Page 76 of 668 results (0.021 seconds)

CVSS: 7.5EPSS: 10%CPEs: 3EXPL: 0

CVE-2013-5878 – OpenJDK: null xmlns handling issue (Security, 8025026)

https://notcve.org/view.php?id=CVE-2013-5878

Unspecified vulnerability in Oracle Java SE 6u65 and 7u45, Java SE Embedded 7u45, and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Security. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the Security component does not properly handle null XML namespace (xmlns) attributes during XML document canonicalization, which allows attackers to escape the sandbox. Una vulnerabilidad no especificada en Oracle Java SE versiones 6u65 y 7u45, Java SE Embedded versión 7u45 y OpenJDK 7, permite a los atacantes remotos afectar la confidencialidad, integridad y disponibilidad por medio de vectores desconocidos relacionados con la Seguridad. NOTA: la información anterior procede de la CPU de enero de 2014. • http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00009.html http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00012.html http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00024.html http://lists.opensuse.org/opensuse-updates/2014-01/msg00105.html http://lists.opensuse.org/opensuse-updates/2014-01/msg00107.html http://lists.opensuse.org/opensuse-updates/2014-02/msg00000.html http://marc.info/?l=bugtraq&m=139402697611681&w=2 http://marc.info/?l •

CVSS: 6.8EPSS: 0%CPEs: 45EXPL: 0

CVE-2013-5854 – JDK: multiple unspecified vulnerabilities fixed in 7u45 (JavaFX)

https://notcve.org/view.php?id=CVE-2013-5854

Unspecified vulnerability in Oracle Java SE 7u40 and earlier and JavaFX 2.2.40 and earlier allows remote attackers to affect confidentiality via unknown vectors. Vulnerabilidad no especificada en Oracle Java SE v7u40 y anteriores, y JavaFX v2.2.40 y anteriores permite a atacantes remotos afectar a la confidencialidad a través de vectores desconocidos. • http://marc.info/?l=bugtraq&m=138674073720143&w=2 http://osvdb.org/98570 http://rhn.redhat.com/errata/RHSA-2013-1440.html http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html http://www.securityfocus.com/bid/63079 https://exchange.xforce.ibmcloud.com/vulnerabilities/88009 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19187 https://access.redhat.com/security/cve/CVE-2013-5854 https://bugzilla.redhat.com/show_bug.cgi?id=10 •

CVSS: 7.6EPSS: 1%CPEs: 118EXPL: 0

CVE-2013-5852 – JDK: unspecified vulnerability fixed in 7u45 (Deployment)

https://notcve.org/view.php?id=CVE-2013-5852

Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-5787, CVE-2013-5789, CVE-2013-5824, and CVE-2013-5832. Vulnerabilidad no especificada en Oracle Java SE 7u40 y versiones anteriores, Java SE 6u60 y versiones anteriores y Java SE Embedded 7u40 y versiones anteriores permite a atacantes remotos afectar la confidencialidad, la integridad y la disponibilidad a través de vectores desconocidos relacionados con Deployment, una vulnerabilidad diferente a CVE-2013-5787, CVE-2013-5789, CVE-2013-5824 y CVE-2013-5832. • http://marc.info/?l=bugtraq&m=138674031212883&w=2 http://marc.info/?l=bugtraq&m=138674073720143&w=2 http://osvdb.org/98543 http://rhn.redhat.com/errata/RHSA-2013-1440.html http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html http://www.securityfocus.com/bid/63130 https://access.redhat.com/errata/RHSA-2014:0414 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18983 https://access.redhat.com/security/cve/CVE-2013-5852 •

CVSS: 5.0EPSS: 0%CPEs: 34EXPL: 0

CVE-2013-5851 – OpenJDK: XML stream factory finder information leak (JAXP, 8013502)

https://notcve.org/view.php?id=CVE-2013-5851

Unspecified vulnerability in Oracle Java SE 7u40 and earlier and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality via vectors related to JAXP. Vulnerabilidad no especificada en Oracle Java SE v7u40 y anteriores, y Java SE Embedded v7u40 y anteriores permite a atacantes remotos afectar a la confidencialidad a través de vectores relacionados con JAXP. • http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html http://lists.opensuse.org/opensuse-updates/2013-11/msg00023.html http://osvdb.org/98558 http://rhn.redhat.com/errata/RHSA-2013-1440.html http://rhn.redhat.com/errata/RHSA-2013-1447.html http://rhn.redhat.com/errata/RHSA-2013-1451.html http://rhn.redhat.com/errata/RHSA-2013-1507.html http://rhn.redhat.com/errata/RHSA-2013-1 •

CVSS: 4.3EPSS: 0%CPEs: 34EXPL: 0

CVE-2013-5800 – OpenJDK: default keytab path information leak (JGSS, 8022931)

https://notcve.org/view.php?id=CVE-2013-5800

Unspecified vulnerability in Oracle Java SE 7u40 and earlier and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality via vectors related to JGSS. Vulnerabilidad no especificada en Oracle Java SE v7u40 y anteriores, y Java SE Embedded v7u40 y anteriores permite a atacantes remotos afectar a la confidencialidad a través de vectores relacionados con JGSS. • http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html http://lists.opensuse.org/opensuse-updates/2013-11/msg00023.html http://rhn.redhat.com/errata/RHSA-2013-1440.html http://rhn.redhat.com/errata/RHSA-2013-1447.html http://rhn.redhat.com/errata/RHSA-2013-1451.html http://rhn.redhat.com/errata/RHSA-2013-1507.html http://secunia.com/advisories/56338 http://security.gentoo.org/glsa •