CVSS: 5.3EPSS: 0%CPEs: 68EXPL: 0CVE-2013-4578 – OpenJDK: jarsigner does not detect unsigned bytecode injected into signed jars
https://notcve.org/view.php?id=CVE-2013-4578
29 Dec 2017 — jarsigner in OpenJDK and Oracle Java SE before 7u51 allows remote attackers to bypass a code-signing protection mechanism and inject unsigned bytecode into a signed JAR file by leveraging improper file validation. jarsigner en OpenJDK y Oracle Java SE en versiones anteriores a la 7u51 permite que atacantes remotos omitan un mecanismo de protección de firma de código e inyecten código de bytes no firmado en un archivo JAR firmado aprovechando la validación incorrecta de archivos. • http://hg.openjdk.java.net/jdk7u/jdk7u/jdk/rev/d5f36e1c927e • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •
CVSS: 9.8EPSS: 8%CPEs: 15EXPL: 0CVE-2014-0418 – JDK: unspecified vulnerability fixed in 6u71 and 7u51 (Deployment)
https://notcve.org/view.php?id=CVE-2014-0418
15 Jan 2014 — Unspecified vulnerability in Oracle Java SE 6u65 and 7u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-5889, CVE-2013-5902, CVE-2014-0410, CVE-2014-0415, and CVE-2014-0424. Vulnerabilidad no especificada en Oracle Java SE 6u65 y 7u45 que permite a atacantes remotos afectar la confidencialidad, integridad y disponibilidad a través de vectores desconocidos relacionados con el despliegue, una vu... • http://marc.info/?l=bugtraq&m=139402697611681&w=2 •
CVSS: 9.1EPSS: 5%CPEs: 14EXPL: 0CVE-2013-5895 – JDK: multiple unspecified vulnerabilities fixed in 7u51 (JavaFX)
https://notcve.org/view.php?id=CVE-2013-5895
15 Jan 2014 — Unspecified vulnerability in Oracle Java SE 7u45 and JavaFX 2.2.45 allows remote attackers to affect confidentiality via unknown vectors related to JavaFX. Vulnerabilidad no especificada en Oracle Java SE 7u45 y JavaFX 2.2.45 permite a atacantes remotos afectar a la confidencialidad a través de vectores desconocidos relacionados con JavaFX. Potential security vulnerabilities have been identified in Java Runtime Environment (JRE) and Java Developer Kit (JDK) running on HP-UX. These vulnerabilities could allo... • http://marc.info/?l=bugtraq&m=139402697611681&w=2 •
CVSS: 9.8EPSS: 14%CPEs: 14EXPL: 0CVE-2014-0382 – JDK: multiple unspecified vulnerabilities fixed in 7u51 (JavaFX)
https://notcve.org/view.php?id=CVE-2014-0382
15 Jan 2014 — Unspecified vulnerability in Oracle Java SE 7u45 and JavaFX 2.2.45 allows remote attackers to affect availability via unknown vectors related to JavaFX. Vulnerabilidad no especificada en Oracle Java SE 7u45 y Java FX 2.2.45 permite a atacantes remotos afectar la disponibilidad a través de vectores desconocidos relacionados con JavaFX. Potential security vulnerabilities have been identified in Java Runtime Environment (JRE) and Java Developer Kit (JDK) running on HP-UX. These vulnerabilities could allow remo... • http://marc.info/?l=bugtraq&m=139402697611681&w=2 •
CVSS: 9.8EPSS: 8%CPEs: 17EXPL: 0CVE-2013-5906 – JDK: unspecified vulnerability fixed in 5.0u71, 6u71 and 7u51 (Install)
https://notcve.org/view.php?id=CVE-2013-5906
15 Jan 2014 — Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Install, a different vulnerability than CVE-2013-5905. Vulnerabilidad no especificada en Oracle Java SE 5.0u55, 6u65 y 7u45 permite a atacantes remotos afectar a la confidencialidad, integridad y disponibilidad a través de vectores desconocidos relacionados con Install, una vulnerabilidad diferente a CVE-2013-5905. Oracle Java SE ver... • http://marc.info/?l=bugtraq&m=139402697611681&w=2 •
CVSS: 9.8EPSS: 14%CPEs: 13EXPL: 0CVE-2013-5904 – JDK: unspecified vulnerability fixed in 7u51 (Deployment)
https://notcve.org/view.php?id=CVE-2013-5904
15 Jan 2014 — Unspecified vulnerability in Oracle Java SE 7u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. Vulnerabilidad no especificada en Oracle Java SE 7u45 permite a atacantes remotos afectar a la confidencialidad, integridad y disponibilidad a través de vectores desconocidos relacionados con Deployment. Potential security vulnerabilities have been identified in Java Runtime Environment (JRE) and Java Developer Kit (JDK) running on HP-UX. ... • http://marc.info/?l=bugtraq&m=139402697611681&w=2 •
CVSS: 9.8EPSS: 15%CPEs: 14EXPL: 0CVE-2013-5870 – JDK: multiple unspecified vulnerabilities fixed in 7u51 (JavaFX)
https://notcve.org/view.php?id=CVE-2013-5870
15 Jan 2014 — Unspecified vulnerability in Oracle Java SE 7u45 and JavaFX 2.2.45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to JavaFX. Vulnerabilidad no especificada en Oracle Java SE 7u45 y JavaFX 2.2.45 permite a atacantes remotos afectar la confidencialidad, la integridad y la disponibilidad a través de vectores desconocidos relacionados con JavaFX. Potential security vulnerabilities have been identified in Java Runtime Environment (JRE) and Java Develope... • http://marc.info/?l=bugtraq&m=139402697611681&w=2 •
CVSS: 7.5EPSS: 0%CPEs: 34EXPL: 0CVE-2013-5851 – OpenJDK: XML stream factory finder information leak (JAXP, 8013502)
https://notcve.org/view.php?id=CVE-2013-5851
16 Oct 2013 — Unspecified vulnerability in Oracle Java SE 7u40 and earlier and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality via vectors related to JAXP. Vulnerabilidad no especificada en Oracle Java SE v7u40 y anteriores, y Java SE Embedded v7u40 y anteriores permite a atacantes remotos afectar a la confidencialidad a través de vectores relacionados con JAXP. The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Ki... • http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00010.html •
CVSS: 8.8EPSS: 1%CPEs: 118EXPL: 0CVE-2013-5852 – JDK: unspecified vulnerability fixed in 7u45 (Deployment)
https://notcve.org/view.php?id=CVE-2013-5852
16 Oct 2013 — Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-5787, CVE-2013-5789, CVE-2013-5824, and CVE-2013-5832. Vulnerabilidad no especificada en Oracle Java SE 7u40 y versiones anteriores, Java SE 6u60 y versiones anteriores y Java SE Embedded 7u40 y versiones anteriores permite ... • http://marc.info/?l=bugtraq&m=138674031212883&w=2 •
CVSS: 9.1EPSS: 0%CPEs: 45EXPL: 0CVE-2013-5854 – JDK: multiple unspecified vulnerabilities fixed in 7u45 (JavaFX)
https://notcve.org/view.php?id=CVE-2013-5854
16 Oct 2013 — Unspecified vulnerability in Oracle Java SE 7u40 and earlier and JavaFX 2.2.40 and earlier allows remote attackers to affect confidentiality via unknown vectors. Vulnerabilidad no especificada en Oracle Java SE v7u40 y anteriores, y JavaFX v2.2.40 y anteriores permite a atacantes remotos afectar a la confidencialidad a través de vectores desconocidos. Oracle Java SE version 7 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update fixes several vulnerabilities ... • http://marc.info/?l=bugtraq&m=138674073720143&w=2 •