CVE-2016-5597

Unspecified vulnerability in Oracle Java SE 6u121, 7u111, 8u102; and Java SE Embedded 8u101 allows remote attackers to affect confidentiality via vectors related to Networking...

Design/Logic Flaw

Unspecified vulnerability in Oracle Java SE 6u121, 7u111, 8u102; and Java SE Embedded 8u101 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Hotspot, a different vulnerability than CVE-2016-5582...

CVE-2016-5542

CVE-2016-5542 is described as an unspecified vulnerability in Oracle Java SE (6u121, 7u111, 8u102) and Java SE Embedded 8u101 that could affect integrity via Libraries. The root cause cited across sources is failure to restrict the set of algorithms used for JAR integrity verification, allowing m...

CVE-2016-5554

CVE-2016-5554 corresponds to an unspecified vulnerability in Oracle Java SE 6u121, 7u111, 8u102 and Java SE Embedded 8u101 that could affect integrity via vectors related to the JMX component. Connected advisories confirm the issue is addressed by Java/OpenJDK updates across multiple platforms (e...

CVE-2016-5556

CVE-2016-5556 is documented in connected Chainguard materials as an unspecified vulnerability in Oracle Java SE 6u121, 7u111, and 8u102, with impact to confidentiality, integrity, and availability via vectors related to 2D. Root cause details are not publicly disclosed in the provided sources. A ...

CVE-2016-5573

CVE-2016-5573 affects OpenJDK/Oracle Java SE Hotspot and Java SE Embedded. The issue lets a remote attacker send debugging commands to a Java program running with debugging enabled if the victim’s browser issues HTTP requests to the JDWP port, potentially impacting confidentiality, integrity, and...

Oracle Fixes 253 Vulnerabilities in Last CPU of 2016

Oracle fixed 253 vulnerabilities across 76 product lines on Tuesday as part of its quarterly Critical Patch Update. Many of the fixes addressed by Oracle tackled vulnerabilities tied to securing critical enterprise data. Vulnerabilities in Oracle Fusion Middleware, a family of infrastructure...

JDK: unspecified vulnerability fixed in 7u111 and 8u101 (Deployment)

Unspecified vulnerability in Oracle Java SE 7u101 and 8u92 allows local users to affect confidentiality, integrity, and availability via vectors related to Deployment...

Oracle Java SE Multiple Unspecified Vulnerabilities-03 (Jul 2016) - Linux

Oracle Java SE is prone to multiple unspecified vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

JDK: unspecified vulnerability fixed in 6u121, 7u111, and 8u101 (Install)

Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92 allows local users to affect confidentiality, integrity, and availability via vectors related to Install...

OpenJDK: maximum XML name limit not applied to namespace URIs (JAXP, 8148872)

Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; Java SE Embedded 8u91; and JRockit R28.3.10 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2016-3508...

CVE-2016-3606

Unspecified vulnerability in Oracle Java SE 7u101 and 8u92 and Java SE Embedded 8u91 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Hotspot...

CVE-2016-3606

CVE-2016-3606 is an insufficient bytecode verification flaw in the Hotspot component of OpenJDK/OpenJDK-based Java runtimes, enabling sandbox bypass for untrusted code. Public documentation ties this to Oracle Java SE 7u101/8u92 and Java SE Embedded 8u91, with multiple vendor advisories (Red Hat,...

CVE-2016-3458

CVE-2016-3458 affects OpenJDK/OpenJDK-based Java runtimes (CORBA component) and Oracle Java SE up to 8u92, enabling sandbox-restriction bypass that could allow remote or local attackers to affect integrity. The vulnerability stems from insufficient restrictions on CORBA value handling, enabling a...

CVE-2016-3498

CVE-2016-3498 is an unspecified vulnerability in Oracle Java SE 7u101 and 8u92 related to the JavaFX component that can impact availability (DoS). IBM documents confirm affected products and provide remediation via IBM Java SDK/JRE updates (Java Technology Edition) to address this family, e.g., J...

CVE-2016-3503

CVE-2016-3503 is an Oracle Java SE vulnerability described as an unspecified issue in the Install component that can affect confidentiality, integrity, and availability for Oracle Java SE 6u115, 7u101, and 8u92. IBM-related documents map this CVE to multiple IBM advisories (e.g., RSA family, IBM ...

CVE-2016-3610

CVE-2016-3610 is evidenced in connected data as a sandbox-restriction-bypass flaw in the Libraries component of OpenJDK, specifically involving the filterReturnValue() method of MethodHandles where the parameter-count check could be bypassed. The CHAINGUARD security data lists affected OpenJDK pa...

CVE-2016-3550

CVE-2016-3550 is a OpenJDK/Hotspot related vulnerability that allows remote attackers to affect confidentiality by bypassing sandbox restrictions via Bytecode reading vulnerabilities in OpenJDK’s Hotspot component. The affected products and versions cited include Oracle Java SE 6u115, 7u101, 8u92...

CVE-2016-3500

CVE-2016-3500 is tied to a denial-of-service issue in the JAXP component of OpenJDK/OpenJDK-based Java runtimes, where crafted XML files could cause excessive CPU/memory consumption. The CVE affects multiple OpenJDK variants and is reflected in security advisories for Linux distributions (e.g., A...

CVE-2016-3606

Unspecified vulnerability in Oracle Java SE 7u101 and 8u92 and Java SE Embedded 8u91 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Hotspot...