
CVE-2017-10110 – OpenJDK: insufficient access control checks in ImageWatched (AWT, 8174098)
https://notcve.org/view.php?id=CVE-2017-10110
20 Jul 2017 — Vulnerability in the Java SE component of Oracle Java SE (subcomponent: AWT). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can resu... • http://www.debian.org/security/2017/dsa-3919 •

CVE-2017-10115 – OpenJDK: DSA implementation timing attack (JCE, 8175106)
https://notcve.org/view.php?id=CVE-2017-10115
20 Jul 2017 — Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JCE). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE, Java... • http://www.debian.org/security/2017/dsa-3919 • CWE-385: Covert Timing Channel •

CVE-2017-10116 – OpenJDK: LDAPCertStore following referrals to non-LDAP URLs (Security, 8176067)
https://notcve.org/view.php?id=CVE-2017-10116
20 Jul 2017 — Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE... • http://www.debian.org/security/2017/dsa-3919 •

CVE-2017-10053 – OpenJDK: reading of unprocessed image data in JPEGImageReader (2D, 8169209)
https://notcve.org/view.php?id=CVE-2017-10053
20 Jul 2017 — Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: 2D). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Ja... • http://www.debian.org/security/2017/dsa-3919 • CWE-770: Allocation of Resources Without Limits or Throttling •

CVE-2017-10067 – OpenJDK: JAR verifier incorrect handling of missing digest (Security, 8169392)
https://notcve.org/view.php?id=CVE-2017-10067
20 Jul 2017 — Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of Java SE. • http://www.debian.org/security/2017/dsa-3919 •

CVE-2017-10074 – OpenJDK: integer overflows in range check loop predicates (Hotspot, 8173770)
https://notcve.org/view.php?id=CVE-2017-10074
20 Jul 2017 — Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, attacks may signif... • http://www.debian.org/security/2017/dsa-3919 • CWE-190: Integer Overflow or Wraparound •

CVE-2017-10081 – OpenJDK: incorrect bracket processing in function signature handling (Hotspot, 8170966)
https://notcve.org/view.php?id=CVE-2017-10081
20 Jul 2017 — Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update, inse... • http://www.debian.org/security/2017/dsa-3919 •

CVE-2017-10087 – OpenJDK: insufficient access control checks in ThreadPoolExecutor (Libraries, 8172204)
https://notcve.org/view.php?id=CVE-2017-10087
20 Jul 2017 — Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, attacks may signif... • http://www.debian.org/security/2017/dsa-3919 •

CVE-2017-10089 – OpenJDK: insufficient access control checks in ServiceRegistry (ImageIO, 8172461)
https://notcve.org/view.php?id=CVE-2017-10089
20 Jul 2017 — Vulnerability in the Java SE component of Oracle Java SE (subcomponent: ImageIO). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can ... • http://www.debian.org/security/2017/dsa-3919 •

CVE-2017-3514 – Gentoo Linux Security Advisory 201705-03
https://notcve.org/view.php?id=CVE-2017-3514
24 Apr 2017 — Vulnerability in the Java SE component of Oracle Java SE (subcomponent: AWT). Supported versions that are affected are Java SE: 6u141, 7u131 and 8u121. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can re... • http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html •