Page 75 of 674 results (0.012 seconds)

CVSS: 10.0EPSS: 13%CPEs: 5EXPL: 0

CVE-2014-0428 – OpenJDK: insufficient security checks in IIOP streams (CORBA, 8025767)

https://notcve.org/view.php?id=CVE-2014-0428

Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to "insufficient security checks in IIOP streams," which allows attackers to escape the sandbox. Vulnerabilidad no especificada en Oracle Java SE 5.0u55, 6u65 y 7u45; y Java SE Embedded 7u45 permite a atacantes remotos afectar la confidencialidad, integridad y disponibilidad a través de vectores relacionados con CORBA. • http://hg.openjdk.java.net/jdk7u/jdk7u/corba/rev/0a879f00b698 http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00009.html http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00012.html http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00024.html http://lists.opensuse.org/opensuse-updates/2014-01/msg00105.html http://lists.opensuse.org/opensuse-updates/2014-01/msg00107.html http://lists.opensuse.org/opensuse-updates/2014-02/msg00000.html http://marc.inf •

CVSS: 10.0EPSS: 10%CPEs: 5EXPL: 0

CVE-2014-0422 – OpenJDK: insufficient package access checks in the Naming component (JNDI, 8025758)

https://notcve.org/view.php?id=CVE-2014-0422

Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JNDI. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to missing package access checks in the Naming / JNDI component, which allows attackers to escape the sandbox. Vulnerabilidad no especificada en Oracle Java SE 5.0u55, 6u65 and 7u45 y Java SE Embedded 7u45 permite a atacantes remotos afectar la confidencialidad, integridad y disponibilidad a través de vectores relacionados con JNDI. • http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00009.html http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00012.html http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00024.html http://lists.opensuse.org/opensuse-updates/2014-01/msg00105.html http://lists.opensuse.org/opensuse-updates/2014-01/msg00107.html http://lists.opensuse.org/opensuse-updates/2014-02/msg00000.html http://marc.info/?l=bugtraq&m=139402697611681&w=2 http://marc.info/?l •

CVSS: 5.1EPSS: 1%CPEs: 6EXPL: 0

CVE-2013-5905 – JDK: unspecified vulnerability fixed in 5.0u71, 6u71 and 7u51 (Install)

https://notcve.org/view.php?id=CVE-2013-5905

Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Install, a different vulnerability than CVE-2013-5906. Vulnerabilidad no especificada en Oracle Java SE 5.0u55, 6u65 y 7u45 permite a atacantes remotos afectar a la confidencialidad, integridad y disponibilidad a través de vectores desconocidos relacionados con Install, una vulnerabilidad diferente a CVE-2013-5906. • http://marc.info/?l=bugtraq&m=139402697611681&w=2 http://marc.info/?l=bugtraq&m=139402749111889&w=2 http://osvdb.org/102009 http://rhn.redhat.com/errata/RHSA-2014-0030.html http://secunia.com/advisories/56485 http://secunia.com/advisories/56535 http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html http://www.securityfocus.com/bid/64758 http://www.securityfocus.com/bid/64934 http://www.securitytracker.com/id/1029608 https://access.redhat.com/errat •

CVSS: 4.0EPSS: 0%CPEs: 4EXPL: 0

CVE-2013-5898 – JDK: unspecified vulnerability fixed in 6u71 and 7u51 (Deployment)

https://notcve.org/view.php?id=CVE-2013-5898

Unspecified vulnerability in Oracle Java SE 6u65 and 7u45 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Deployment, a different vulnerability than CVE-2014-0375 and CVE-2014-0403. Vulnerabilidad no especificada en Oracle Java SE 6u65 y 7u45 permite a atacantes remotos afectar a la confidencialidad e integridad a través de vectores desconocidos relacionados con Deployment, una vulnerabilidad diferente a CVE-2014-0375 y CVE-2014-0403. • http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00009.html http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00012.html http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00024.html http://marc.info/?l=bugtraq&m=139402697611681&w=2 http://marc.info/?l=bugtraq&m=139402749111889&w=2 http://osvdb.org/102027 http://rhn.redhat.com/errata/RHSA-2014-0030.html http://rhn.redhat.com/errata/RHSA-2014-0134.html http://rhn.redhat.com/errata&# •

CVSS: 9.3EPSS: 1%CPEs: 2EXPL: 0

CVE-2014-0385

https://notcve.org/view.php?id=CVE-2014-0385

Unspecified vulnerability in Oracle Java SE 7u45, when installing on OS X, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Install. Vulnerabilidad no especificada en Oracle Java SE 7u45, cuando se instala OS X, permite a atacantes remotos afectar la confidencialidad, integridad y disponibilidad a través de vectores desconocidos relacionados con Install. • http://osvdb.org/101998 http://secunia.com/advisories/56485 http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html http://www.securityfocus.com/bid/64758 http://www.securityfocus.com/bid/64901 http://www.securitytracker.com/id/1029608 •