CVSS: 10.0EPSS: 93%CPEs: 104EXPL: 3CVE-2013-2465 – Oracle Java SE Unspecified Vulnerability
https://notcve.org/view.php?id=CVE-2013-2465
18 Jun 2013 — Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "Incorr... • https://packetstorm.news/files/id/122777 • CWE-693: Protection Mechanism Failure •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2012-3155
https://notcve.org/view.php?id=CVE-2012-3155
16 Oct 2012 — Unspecified vulnerability in the CORBA ORB component in Sun GlassFish Enterprise Server 2.1.1, Oracle GlassFish Server 3.0.1 and 3.1.2, and Sun Java System Application Server 8.1 and 8.2 allows remote attackers to affect availability, related to CORBA ORB. Vulnerabilidad no especificada en el componente CORBA ORB de Sun GlassFish Enterprise Server v2.1.1, Sun GlassFish Enterprise Server v3.0.1 y v3.1.2 y Sun Java Application Server System v8.1 y v8.2 permite a atacantes remotos afectar a la disponibilidad, ... • http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 •
CVSS: 9.8EPSS: 0%CPEs: 174EXPL: 0CVE-2012-1717 – OpenJDK: insecure temporary file permissions (JRE, 7143606)
https://notcve.org/view.php?id=CVE-2012-1717
16 Jun 2012 — Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, and 1.4.2_37 and earlier allows local users to affect confidentiality via unknown vectors related to printing on Solaris or Linux. Vulnerabilidad no especificada en el Java Runtime Environment (JRE), componente de Oracle Java SE 7 Update 4 y anteriores, 6 Update 32 y anteriores, 5 actualización 35 y anteriores, y v1.4.2_37 y anteriores permite ... • http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00020.html • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 10.0EPSS: 93%CPEs: 74EXPL: 3CVE-2012-0507 – Oracle Java SE Runtime Environment (JRE) Arbitrary Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2012-0507
07 Jun 2012 — Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, and 5.0 Update 33 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Concurrency. NOTE: the previous information was obtained from the February 2012 Oracle CPU. Oracle has not commented on claims from a downstream vendor and third party researchers that this issue occurs because the AtomicReferenceA... • https://www.exploit-db.com/exploits/18679 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 10.0EPSS: 88%CPEs: 4EXPL: 2CVE-2011-0807 – Oracle Application Server Authentication Bypass Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2011-0807
19 Apr 2011 — Unspecified vulnerability in Oracle Sun GlassFish Enterprise Server 2.1, 2.1.1, and 3.0.1, and Sun Java System Application Server 9.1, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Administration. Vulnerabilidad no especificada en Oracle Sun GlassFish Enterprise Server v2.1, v2.1.1 y v3.0.1, y Sun Java System Application Server v9.1, permite a atacantes remotos afectar a la confidencialidad, integridad y disponibilidad a través de vectores desc... • https://packetstorm.news/files/id/181110 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2010-4431
https://notcve.org/view.php?id=CVE-2010-4431
19 Jan 2011 — Unspecified vulnerability in Oracle Sun Java System Portal Server 7.1 and 7.2 allows local users to affect confidentiality via unknown vectors related to Proxy. Vulnerabilidad sin especificar en Oracle Sun Java System Portal Server 7.1 y 7.2 permite a usuarios locales afectar a la confidencialidad a través de vectores desconocidos relacionados con el Proxy. • http://osvdb.org/70565 •
CVSS: 9.8EPSS: 1%CPEs: 4EXPL: 0CVE-2010-4444
https://notcve.org/view.php?id=CVE-2010-4444
19 Jan 2011 — Unspecified vulnerability in Oracle Sun Java System Access Manager and Oracle OpenSSO 7, 7.1, and 8 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. Vulnerabilidad no especificada en Oracle Sun Java System Access Manager y Oracle OpenSSO v7, v7.1 y v8 permite a atacantes remotos afectar a la confidencialidad, integridad y disponibilidad a través de vectores desconocidos. • http://osvdb.org/70579 •
CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0CVE-2010-4456
https://notcve.org/view.php?id=CVE-2010-4456
19 Jan 2011 — Unspecified vulnerability in Oracle Sun Java System Communications Express 6.2 and 6.3 allows remote attackers to affect integrity via unknown vectors related to Web Mail. Vulnerabilidad no especificada en Oracle Sun Java System Communications Express v6.2 y v6.3 permite a atacantes remotos afectar a la integridad a través de vectores desconocidos relacionados con la Web de correo. • http://osvdb.org/70586 •
CVSS: 10.0EPSS: 10%CPEs: 4EXPL: 0CVE-2010-0887 – Java: Java Web Start arbitrary command line injection
https://notcve.org/view.php?id=CVE-2010-0887
20 Apr 2010 — Unspecified vulnerability in the New Java Plug-in component in Oracle Java SE and Java for Business JDK and JRE 6 Update 18 and 19 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. Vulnerabilidad sin especificar en el componente New Java Plug-in en Oracle Java SE y Java para Business JDK y JRE 6 Update 18 y 19, permite a atacantes remotos comprometer la confidencialidad, integridad y disponibilidad a través de vectores desconocidos. • http://lists.apple.com/archives/security-announce/2010//May/msg00001.html •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2010-1227
https://notcve.org/view.php?id=CVE-2010-1227
01 Apr 2010 — Cross-site scripting (XSS) vulnerability in Sun Java System Communications Express 6.2 and 6.3 allows remote attackers to inject arbitrary web script or HTML via the subject field of a message, as demonstrated by a subject containing an IMG element with a SRC attribute that performs a cross-site request forgery (CSRF) attack involving the cmd and argv parameters to cmd.msc. Una vulnerabilidad de tipo cross-site scripting (XSS) en Sun Java System Communications Express versiones 6.2 y 6.3, permite a los atac... • http://secunia.com/advisories/42990 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •