CVSS: 5.5EPSS: 0%CPEs: 30EXPL: 0CVE-2015-1931 – JDK: plain text data stored in memory dumps
https://notcve.org/view.php?id=CVE-2015-1931
22 Jul 2015 — IBM Java Security Components in IBM SDK, Java Technology Edition 8 before SR1 FP10, 7 R1 before SR3 FP10, 7 before SR9 FP10, 6 R1 before SR8 FP7, 6 before SR16 FP7, and 5.0 before SR16 FP13 stores plaintext information in memory dumps, which allows local users to obtain sensitive information by reading a file. IBM Java Security Components en IBM SDK, Java Technology Edition 8 versiones anteriores a SR1 FP10, 7 R1 anteriores a SR3 FP10, 7 anteriores a SR9 FP10, 6 R1 anteriores a SR8 FP7, 6 anteriores a SR16 ... • http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00051.html • CWE-312: Cleartext Storage of Sensitive Information •
CVSS: 10.0EPSS: 6%CPEs: 5EXPL: 0CVE-2014-8891 – JDK: unspecified full Java sandbox bypass fixed in Feb 2015 update
https://notcve.org/view.php?id=CVE-2014-8891
05 Feb 2015 — Unspecified vulnerability in the Java Virtual Machine (JVM) in IBM SDK, Java Technology Edition 5.0 before SR16-FP9, 6 before SR16-FP3, 6R1 before SR8-FP3, 7 before SR8-FP10, and 7R1 before SR2-FP10 allows remote attackers to escape the Java sandbox and execute arbitrary code via unspecified vectors related to the security manager. Vulnerabilidad no especificada en Java Virtual Machine (JVM) en IBM SDK, Java Technology Edition 5.0 anterior a SR16-FP9, 6 anterior a SR16-FP3, 6R1 anterior a SR8-FP3, 7 anterio... • http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00021.html •
CVSS: 7.8EPSS: 1%CPEs: 5EXPL: 0CVE-2014-8892 – JDK: unspecified partial Java sandbox bypass fixed in Feb 2015 update
https://notcve.org/view.php?id=CVE-2014-8892
05 Feb 2015 — Unspecified vulnerability in the Java Virtual Machine (JVM) in IBM SDK, Java Technology Edition 5.0 before SR16-FP9, 6 before SR16-FP3, 6R1 before SR8-FP3, 7 before SR8-FP10, and 7R1 before SR2-FP10 allows remote attackers to bypass intended access permissions and obtain sensitive information via unspecified vectors related to the security manager. Vulnerabilidad no especificada en Java Virtual Machine (JVM) en IBM SDK, Java Technology Edition 5.0 anterior a SR16-FP9, 6 anterior a SR16-FP3, 6R1 anterior a S... • http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00021.html •
CVSS: 5.8EPSS: 0%CPEs: 53EXPL: 0CVE-2014-0878 – JDK: Vulnerability in the IBMSecureRandom implementation of the IBMJCE and IBMSecureRandom cryptographic providers
https://notcve.org/view.php?id=CVE-2014-0878
26 May 2014 — The IBMSecureRandom component in the IBMJCE and IBMSecureRandom cryptographic providers in IBM SDK Java Technology Edition 5.0 before Service Refresh 16 FP6, 6 before Service Refresh 16, 6.0.1 before Service Refresh 8, 7 before Service Refresh 7, and 7R1 before Service Refresh 1 makes it easier for context-dependent attackers to defeat cryptographic protection mechanisms by predicting the random number generator's output. El componente IBMSecureRandom en los proveedores criptográficos IBMJCE y IBMSecureRand... • http://secunia.com/advisories/59022 • CWE-310: Cryptographic Issues •