Page 77 of 419 results (0.110 seconds)

CVSS: 10.0EPSS: 10%CPEs: 5EXPL: 0

CVE-2014-0422 – OpenJDK: insufficient package access checks in the Naming component (JNDI, 8025758)

https://notcve.org/view.php?id=CVE-2014-0422

Oracle has not commented on third-party claims that the issue is related to missing package access checks in the Naming / JNDI component, which allows attackers to escape the sandbox. • http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00009.html http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00012.html http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00024.html http://lists.opensuse.org/opensuse-updates/2014-01/msg00105.html http://lists.opensuse.org/opensuse-updates/2014-01/msg00107.html http://lists.opensuse.org/opensuse-updates/2014-02/msg00000.html http://marc.info/?l=bugtraq&m=139402697611681&w=2 http://marc.info/?l •

CVSS: 5.0EPSS: 1%CPEs: 6EXPL: 0

CVE-2014-0368 – OpenJDK: insufficient Socket checkListen checks (Networking, 8011786)

https://notcve.org/view.php?id=CVE-2014-0368

Oracle has not commented on third-party claims that the issue is related to incorrect permission checks when listening on a socket, which allows attackers to escape the sandbox. • http://hg.openjdk.java.net/jdk7u/jdk7u/jdk/rev/e6160aedadd5 http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00009.html http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00012.html http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00024.html http://lists.opensuse.org/opensuse-updates/2014-01/msg00105.html http://lists.opensuse.org/opensuse-updates/2014-01/msg00107.html http://lists.opensuse.org/opensuse-updates/2014-02/msg00000.html http://marc.info& •

CVSS: 9.3EPSS: 5%CPEs: 2EXPL: 0

CVE-2013-5893 – OpenJDK: JVM method processing issues (Libraries, 8029507)

https://notcve.org/view.php?id=CVE-2013-5893

Oracle has not commented on third-party claims that the issue is related to improper handling of methods in MethodHandles in HotSpot JVM, which allows attackers to escape the sandbox. • http://hg.openjdk.java.net/jdk7u/jdk7u/hotspot/rev/839100e42498 http://lists.opensuse.org/opensuse-updates/2014-01/msg00105.html http://lists.opensuse.org/opensuse-updates/2014-01/msg00107.html http://lists.opensuse.org/opensuse-updates/2014-02/msg00000.html http://marc.info/?l=bugtraq&m=139402697611681&w=2 http://osvdb.org/102000 http://rhn.redhat.com/errata/RHSA-2014-0026.html http://rhn.redhat.com/errata/RHSA-2014-0027.html http://rhn.redhat.com/errata/RHSA-2014-00 •

CVSS: 7.5EPSS: 10%CPEs: 5EXPL: 0

CVE-2014-0373 – OpenJDK: SnmpStatusException handling issues (Serviceability, 7068126)

https://notcve.org/view.php?id=CVE-2014-0373

Oracle has not commented on third-party claims that the issue is related to throwing of an incorrect exception when SnmpStatusException should have been used in the SNMP implementation, which allows attackers to escape the sandbox. • http://hg.openjdk.java.net/jdk7u/jdk7u/jdk/rev/496c51673dec http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00009.html http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00012.html http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00024.html http://lists.opensuse.org/opensuse-updates/2014-01/msg00105.html http://lists.opensuse.org/opensuse-updates/2014-01/msg00107.html http://lists.opensuse.org/opensuse-updates/2014-02/msg00000.html http://marc.info& •

CVSS: 7.5EPSS: 10%CPEs: 3EXPL: 0

CVE-2013-5878 – OpenJDK: null xmlns handling issue (Security, 8025026)

https://notcve.org/view.php?id=CVE-2013-5878

Oracle has not commented on third-party claims that the Security component does not properly handle null XML namespace (xmlns) attributes during XML document canonicalization, which allows attackers to escape the sandbox. ... Oracle no ha comentado las notificaciones de terceros de que el componente Security no maneja apropiadamente los atributos de espacio de nombres XML null (xmlns) durante la canonicalización de documentos XML, lo que permite a los atacantes escapar del sandbox. • http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00009.html http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00012.html http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00024.html http://lists.opensuse.org/opensuse-updates/2014-01/msg00105.html http://lists.opensuse.org/opensuse-updates/2014-01/msg00107.html http://lists.opensuse.org/opensuse-updates/2014-02/msg00000.html http://marc.info/?l=bugtraq&m=139402697611681&w=2 http://marc.info/?l •