| 2013-03-08 | CVE-2013-1488 | Code Injection vulnerability in Oracle JDK and JRE
The Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 6 and 7, allows remote attackers to execute arbitrary code via unspecified vectors involving reflection, Libraries, "improper toString calls," and the JDBC driver manager, as demonstrated by James Forshaw during a Pwn2Own competition at CanSecWest 2013. | 10.0 |
| 2013-03-08 | CVE-2013-0402 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Oracle Javafx, JDK and JRE
Heap-based buffer overflow in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and JavaFX 2.2.7 and earlier allows remote attackers to execute arbitrary code via unspecified vectors related to JavaFX, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2013. | 10.0 |
| 2013-03-08 | CVE-2013-0401 | Code Injection vulnerability in Oracle JDK and JRE
The Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to execute arbitrary code via vectors related to AWT, as demonstrated by Ben Murphy during a Pwn2Own competition at CanSecWest 2013. | 10.0 |
| 2013-02-20 | CVE-2013-1487 | Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE 7 Update 13 and earlier and 6 Update 39 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. | 10.0 |
| 2013-02-20 | CVE-2013-1486 | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 13 and earlier, 6 Update 39 and earlier, and 5.0 Update 39 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX. | 10.0 |
| 2013-02-20 | CVE-2013-1485 | Security Bypass vulnerability in Oracle JDK and JRE
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 13 and earlier allows remote attackers to affect integrity via unknown vectors related to Libraries. | 5.0 |
| 2013-02-20 | CVE-2013-1484 | Remote Java Runtime Environment vulnerability in Oracle JDK and JRE
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 13 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. network low complexity oracle critical | 10.0 |
| 2013-02-02 | CVE-2013-1481 | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Sound. | 10.0 |
| 2013-02-02 | CVE-2013-1480 | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. | 10.0 |
| 2013-02-02 | CVE-2013-1479 | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, and JavaFX 2.2.4 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. | 10.0 |