CVE-2015-4748

CVE-2015-4748 is an OpenJDK/OpenJDK family vulnerability affecting OCSP verification in the Libraries component. Description across connected documents shows the root cause: OCSP responses with no nextUpdate were treated as indefinitely valid, potentially allowing revoked certificates to be accep...

CVE-2015-4731

CVE-2015-4731 is an OpenJDK/JRE vulnerability tied to the JMX component, described as an unspecified issue allowing remote attackers to bypass sandbox protections via JMX-related vectors. Multiple advisories (Debian, CentOS, IBM AIX, Red Hat/OpenJDK bundles, Oracle/USN, and F5 references) confirm...

CVE-2015-4729

CVE-2015-4729 (Oracle Java SE Deployment) is described as an unspecified vulnerability with partial confidentiality and partial integrity impact, and no availability impact. The Connected documents confirm the CVE and show multiple IBM advisories referencing the same CVE family, often listing rem...

CVE-2015-2628

CVE-2015-2628 affects OpenJDK/OpenJDK components in Java SE 6u95, 7u80, 8u45 and Java SE Embedded 7u75/8u33, with CORBA‑related vectors that could compromise confidentiality, integrity, and availability. Connected advisories confirm multiple vendors released updates (OpenJDK 6/7/8 families) to re...

CVE-2015-2621

CVE-2015-2621 is an unspecified vulnerability in the JMX component of OpenJDK that could allow a remote attacker to read confidential information due to improper code permission checks in RMIConnectionImpl. It is listed among multiple OpenJDK issues (2D, CORBA, JMX, Libraries, and RMI) affecting ...

CVE-2015-2619

CVE-2015-2619 is referenced in IBM advisories as an IBM Java SDK vulnerability affecting IBM products that use IBM Java SDK 7 (including MegaRAID and FSM contexts). The available connected documents describe the issue as an unspecified vulnerability in the 2D component that could allow a remote a...

CVE-2015-2613

CVE-2015-2613 is an unspecified vulnerability in the JCE component with a CVSS-like vector AV:N/AC:L/Au:N/C:P/I:N/A:N and a base score of 5 that affects Oracle Java SE 7u80/8u45 and Java SE Embedded 7u75/8u33 per the initial record. Connected IBM advisories confirm this CVE as part of July 2015 C...

CVE-2015-4733

Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI...

ICU: missing boundary checks in layout engine (OpenJDK 2D, 8071715)

Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D...

JDK: unspecified vulnerability fixed in 5.0u85, 6u95, 7u79 and 8u45 (2D)

Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40, and Java FX 2.2.76, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2015-0459...

JDK: unspecified vulnerability fixed in 5.0u85, 6u95, 7u79 and 8u45 (2D)

Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40, and Java FX 2.2.76, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2015-0459...

JDK: unspecified vulnerability fixed in 5.0u85, 6u95, 7u79 and 8u45 (2D)

Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40, and Java FX 2.2.76, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2015-0459...

JDK: unspecified vulnerability fixed in 7u79 and 8u45 (JavaFX)

Unspecified vulnerability in Oracle Java SE 7u76 and 8u40, and JavaFX 2.2.76, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2015-0484...

Critical: Red Hat Security Advisory: java-1.8.0-oracle security update

Updated java-1.8.0-oracle packages that fix several security issues are now available for Oracle Java for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed...

CVE-2015-0478

Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40, and JRockit R28.3.5, allows remote attackers to affect confidentiality via vectors related to JCE...

Design/Logic Flaw

Unspecified vulnerability in Oracle Java SE 7u76 and 8u40, and Java FX 2.2.76, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2015-0492...

Buffer overflow

Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40, and JRockit R28.3.5, allows remote attackers to affect availability via vectors related to JSSE...

CVE-2015-0470

CVE-2015-0470 is linked to Oracle/OpenJDK Java SE components (notably Hotspot) with publicly referenced advisories across Debian openjdk-6/7 and OpenJDK/OpenJRE updates. Connected docs confirm affected products include OpenJDK/JRE/JDK across multiple versions (e.g., 6u/7u/8u40 context in advisori...

CVE-2015-0488

CVE-2015-0488 is an unspecified vulnerability in Oracle Java SE (5.0u81, 6u91, 7u76, 8u40) and JRockit R28.3.5, related to JSSE, with impact described as possible denial of service on availability. Connected advisories (F5, IBM AIX/SOL, Debian, Amazon ALAS) confirm JSSE as affected and list mitig...

CVE-2015-0491

CVE-2015-0491 is an unspecified vulnerability in IBM SDK for Java Technology Edition affecting IBM AIX environments. IBM’s 2015 Java bulletin maps CVE-2015-0491 to a 2D component issue with complete confidentiality, integrity, and availability impact. Affected AIX filesets/VRMF levels are: Java5:...