Page 85 of 939 results (0.013 seconds)

CVSS: 3.5EPSS: 0%CPEs: 22EXPL: 0

CVE-2014-2398 – OpenJDK: insufficient escaping of window title string (Javadoc, 8026736)

https://notcve.org/view.php?id=CVE-2014-2398

Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JavaFX 2.2.51; and JRockit R27.8.1 and R28.3.1 allows remote authenticated users to affect integrity via unknown vectors related to Javadoc. Vulnerabilidad no especificada en Oracle Java SE 5.0u61, 6u71, 7u51, y 8; JavaFX 2.2.51; y JRockit R27.8.1 y R28.3.1 permite a usuarios autenticados remotamente afectar a la integridad a través de vectores relacionados con Javadoc. • http://marc.info/?l=bugtraq&m=140852886808946&w=2 http://marc.info/?l=bugtraq&m=140852974709252&w=2 http://rhn.redhat.com/errata/RHSA-2014-0675.html http://rhn.redhat.com/errata/RHSA-2014-0685.html http://secunia.com/advisories/58415 http://secunia.com/advisories/59058 http://security.gentoo.org/glsa/glsa-201406-32.xml http://security.gentoo.org/glsa/glsa-201502-12.xml http://www-01.ibm.com/support/docview.wss?uid=swg21672080 http://www-01.ibm.com/support •

CVSS: 7.5EPSS: 1%CPEs: 7EXPL: 0

CVE-2014-2402 – OpenJDK: Incorrect NIO channel separation (Libraries, 8026716)

https://notcve.org/view.php?id=CVE-2014-2402

Unspecified vulnerability in Oracle Java SE 7u51 and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2014-0432 and CVE-2014-0455. Vulnerabilidad no especificada en Oracle Java SE 7u51 y 8, y Java SE Embedded 7u51, permite a atacantes remotos afectar la confidencialidad, integridad y disponibilidad a través de vectores desconocidos relacionados con las librerías, una vulnerabilidad diferente a CVE-2014-0432 y CVE-2014-0455. • http://marc.info/?l=bugtraq&m=140852886808946&w=2 http://rhn.redhat.com/errata/RHSA-2014-0675.html http://security.gentoo.org/glsa/glsa-201502-12.xml http://www-01.ibm.com/support/docview.wss?uid=swg21672080 http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html http://www.securityfocus.com/bid/66898 http://www.ubuntu.com/usn/USN-2187-1 https://access.redhat.com/errata/RHSA-2014:0413 https://access.redhat.com/security/cve/CVE-2014-2402 https:/ •

CVSS: 10.0EPSS: 1%CPEs: 10EXPL: 0

CVE-2014-0455 – Oracle Java DropArguments Sandbox Bypass Remote Code Execution Vulnerability

https://notcve.org/view.php?id=CVE-2014-0455

Unspecified vulnerability in Oracle Java SE 7u51 and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2014-0432 and CVE-2014-2402. Vulnerabilidad no especificada en Oracle Java SE 7u51 y 8, y Java SE Embedded 7u51, permite a atacantes remotos afectar la confidencialidad, integridad y disponibilidad a través de vectores desconocidos relacionados con las librerías, una vulnerabilidad diferente a CVE-2014-0432 y CVE-2014-2402. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Java. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the usage of dropArguments. With the usage of this method, it is possible to disable the security manager and run code as privileged. • http://marc.info/?l=bugtraq&m=140852886808946&w=2 http://rhn.redhat.com/errata/RHSA-2014-0675.html http://secunia.com/advisories/58974 http://security.gentoo.org/glsa/glsa-201502-12.xml http://www-01.ibm.com/support/docview.wss?uid=swg21672080 http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html http://www.securityfocus.com/bid/66899 http://www.ubuntu.com/usn/USN-2187-1 https://access.redhat.com/errata/RHSA-2014:0413 https://www.ibm.com/su •

CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0

CVE-2014-0464

https://notcve.org/view.php?id=CVE-2014-0464

Unspecified vulnerability in Oracle Java SE 8 allows remote attackers to affect confidentiality via unknown vectors related to Scripting, a different vulnerability than CVE-2014-0463. Vulnerabilidad no especificada en Oracle Java SE 8 permite a los atacantes remotos afectar a la confidencialidad a través de vectores desconocidos relacionados con Scripting, una vulnerabilidad diferente a CVE-2014-0463. • http://security.gentoo.org/glsa/glsa-201502-12.xml http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html http://www.securityfocus.com/bid/66913 •

CVSS: 7.5EPSS: 0%CPEs: 14EXPL: 0

CVE-2014-0458 – OpenJDK: Activation framework default command map caching (JAX-WS, 8025152)

https://notcve.org/view.php?id=CVE-2014-0458

Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAX-WS, a different vulnerability than CVE-2014-0452 and CVE-2014-2423. Vulnerabilidad no especificada en Oracle Java SE 6u71, 7u51, y 8, y Java SE Embedded 7u51, permite a atacantes remotos afectar la confidencialidad, integridad y disponibilidad a través de vectores relacionados con JAX-WS, una vulnerabilidad diferente a CVE-2014-0452 y CVE-2014-2423. • http://marc.info/?l=bugtraq&m=140852886808946&w=2 http://marc.info/?l=bugtraq&m=140852974709252&w=2 http://rhn.redhat.com/errata/RHSA-2014-0675.html http://rhn.redhat.com/errata/RHSA-2014-0685.html http://secunia.com/advisories/58415 http://security.gentoo.org/glsa/glsa-201406-32.xml http://security.gentoo.org/glsa/glsa-201502-12.xml http://www-01.ibm.com/support/docview.wss?uid=swg21672080 http://www.debian.org/security/2014/dsa-2912 http://www.oracle •