CVSS: 9.1EPSS: 7%CPEs: 9EXPL: 0CVE-2015-4911 – OpenJDK: incomplete supportDTD enforcement (JAXP, 8130078)
https://notcve.org/view.php?id=CVE-2015-4911
21 Oct 2015 — Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2015-4803 and CVE-2015-4893. Vulnerabilidad no especificada en Oracle Java SE 6u101, 7u85 y 8u60; Java SE Embedded 8u51 y JRockit R28.3.7 permite a atacantes remotos afectar a la disponibilidad a través de vectores relacionados con JAXP, una vulnerabilidad diferente a CVE-2015-4803 y CVE-20... • http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00000.html •
CVSS: 9.8EPSS: 6%CPEs: 9EXPL: 0CVE-2015-4872 – OpenJDK: incomplete constraints enforcement by AlgorithmChecker (Security, 8131291)
https://notcve.org/view.php?id=CVE-2015-4872
21 Oct 2015 — Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allows remote attackers to affect integrity via unknown vectors related to Security. Vulnerabilidad no especificada en Oracle Java SE 6u101, 7u85 y 8u60; Java SE Embedded 8u51 y JRockit R28.3.7 permite a atacantes remotos afectar a la integridad a través de vectores desconocidos relacionados con Security. The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK ... • http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00000.html •
CVSS: 9.1EPSS: 7%CPEs: 9EXPL: 0CVE-2015-4893 – OpenJDK: incomplete MaxXMLNameLimit enforcement (JAXP, 8086733)
https://notcve.org/view.php?id=CVE-2015-4893
21 Oct 2015 — Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2015-4803 and CVE-2015-4911. Vulnerabilidad no especificada en Oracle Java SE 6u101, 7u85 y 8u60; Java SE Embedded 8u51 y JRockit R28.3.7 permite a atacantes remotos afectar a la disponibilidad a través de vectores relacionados con JAXP, una vulnerabilidad diferente a CVE-2015-4803 y CVE-20... • http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00000.html • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 7.5EPSS: 7%CPEs: 9EXPL: 0CVE-2015-4803 – OpenJDK: inefficient use of hash tables and lists during XML parsing (JAXP, 8068842)
https://notcve.org/view.php?id=CVE-2015-4803
21 Oct 2015 — Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2015-4893 and CVE-2015-4911. Vulnerabilidad no especificada en Oracle Java SE 6u101, 7u85 y 8u60; Java SE Embedded 8u51 y JRockit R28.3.7 permite a atacantes remotos afectar a la disponibilidad a través de vectores relacionados con JAXP, una vulnerabilidad diferente a CVE-2015-4893 y CVE-20... • http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00000.html • CWE-407: Inefficient Algorithmic Complexity •
CVSS: 10.0EPSS: 3%CPEs: 138EXPL: 0CVE-2013-5823 – OpenJDK: com.sun.org.apache.xml.internal.security.utils.UnsyncByteArrayOutputStream Denial of Service (Security, 8021290)
https://notcve.org/view.php?id=CVE-2013-5823
16 Oct 2013 — Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect availability via unknown vectors related to Security. Vulnerabilidad no especificada en Oracle Java SE y anteriores, Java SE 6u60 y anteriores, JRockit R28.2.8 y anteriores, JRockit R27.7.6 y anteriores, y Java SE Embedded 7u40 y anteriores permite a atacantes remotos afectar la disponibilidad... • http://lists.apple.com/archives/security-announce/2013/Oct/msg00001.html •
CVSS: 7.5EPSS: 6%CPEs: 216EXPL: 0CVE-2013-5825 – OpenJDK: XML parsing Denial of Service (JAXP, 8014530)
https://notcve.org/view.php?id=CVE-2013-5825
16 Oct 2013 — Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect availability via vectors related to JAXP. Vulnerabilidad no especificada en Oracle Java SE 7u40 y anteriores, Java SE 6u60 y anteriores, Java SE 5.0u51 y anteriores, JRockit R28.2.8 y anteriores, JRockit R27.7.6 y anteriores, y Java SE Embedded 7u40 y anteriores per... • http://lists.apple.com/archives/security-announce/2013/Oct/msg00001.html •
CVSS: 5.5EPSS: 6%CPEs: 216EXPL: 0CVE-2013-5803 – OpenJDK: insufficient checks of KDC replies (JGSS, 8014341)
https://notcve.org/view.php?id=CVE-2013-5803
16 Oct 2013 — Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect availability via vectors related to JGSS. Vulnerabilidad sin especificar en Oracle Java SE 7u40 y anteriores, Java SE 6u60 y anteriores, Java SE 5.0u51 y anteriores, JRockit R28.2.8 y anteriores, JRockit R27.7.6 y anteriores, and Java SE Embedded 7u40 y anteriores p... • http://lists.apple.com/archives/security-announce/2013/Oct/msg00001.html •
CVSS: 10.0EPSS: 0%CPEs: 227EXPL: 0CVE-2013-5797 – OpenJDK: insufficient escaping of window title string (Javadoc, 8016675)
https://notcve.org/view.php?id=CVE-2013-5797
16 Oct 2013 — Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and JavaFX 2.2.40 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Javadoc. Vulnerablidad sin especificar en Oracle Java SE 7u40 y anteriores, Java SE 6u60 y anteriores, Java SE 5.0u51 y anteriores, JRockit R28.2.8 y anteriores, JRockit R27.7.6 y anteriores, y JavaFX 2.2.40 y anteriores pe... • http://lists.apple.com/archives/security-announce/2013/Oct/msg00001.html •
CVSS: 9.1EPSS: 1%CPEs: 199EXPL: 0CVE-2013-5804 – OpenJDK: javac does not ignore certain ignorable characters (Javadoc, 8016653)
https://notcve.org/view.php?id=CVE-2013-5804
16 Oct 2013 — Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, and JRockit R27.7.6 and earlier allows remote attackers to affect confidentiality and integrity via unknown vectors related to Javadoc. Vulnerabilidad no especificada en Oracle Java SE 7u40 y anteriores, Java SE 6u60 y anteriores, Java SE 5.0u51 y anteriores, JRockit R28.2.8 y anteriores, y JRockit R27.7.6 y anteriores que permite a atacantes remotos afectar la con... • http://lists.apple.com/archives/security-announce/2013/Oct/msg00001.html •
CVSS: 9.8EPSS: 6%CPEs: 216EXPL: 0CVE-2013-5802 – OpenJDK: javax.xml.transform.TransformerFactory does not properly honor XMLConstants.FEATURE_SECURE_PROCESSING (JAXP, 8012425)
https://notcve.org/view.php?id=CVE-2013-5802
16 Oct 2013 — Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAXP. Vulnerabilidad sin especificar en Oracle Java SE 7u40 y anteriores, Java SE 6u60 y anteriores, Java SE 5.0u51 y anteriores, JRockit R28.2.8 y anteriores, JRockit R27.7.6 y anteriores, y Java S... • http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=1019130 •