Jdk Security Vulnerabilities and Issues — Jdk CVE List

Lucene search

OracleJdk

81 matches found

CVE•added 2015/05/21 12:59 a.m.•1130 views

CVE-2015-4000

The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHE_EXPORT and then ...

4.3CVSS4.8AI score0.94027EPSS

CVE•added 2015/07/16 10:59 a.m.•1105 views

CVE-2015-2590

Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2015-4732.

10CVSS4.2AI score0.76849EPSS

CVE•added 2015/10/22 12:0 a.m.•932 views

CVE-2015-4902

Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60 allows remote attackers to affect integrity via unknown vectors related to Deployment.

5.3CVSS5.5AI score0.06707EPSS

CVE•added 2015/07/16 10:59 a.m.•271 views

CVE-2015-2613

Unspecified vulnerability in Oracle Java SE 7u80 and 8u45, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality via vectors related to JCE.

5CVSS4.7AI score0.02842EPSS

CVE•added 2015/07/16 10:59 a.m.•265 views

CVE-2015-2632

Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45 allows remote attackers to affect confidentiality via unknown vectors related to 2D.

5CVSS4AI score0.01388EPSS

CVE•added 2015/07/16 11:0 a.m.•265 views

CVE-2015-4760

Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.

10CVSS4.1AI score0.08693EPSS

CVE•added 2015/07/16 11:0 a.m.•260 views

CVE-2015-4731

Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; Java SE Embedded 7u75; and Java SE Embedded 8u33 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX.

10CVSS4AI score0.09686EPSS

CVE•added 2015/07/16 11:0 a.m.•258 views

CVE-2015-4748

Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JRockit R28.3.6; and Java SE Embedded 7u75 and Embedded 8u33 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Security.

7.6CVSS4.6AI score0.1225EPSS

CVE•added 2015/07/16 11:0 a.m.•242 views

CVE-2015-4732

10CVSS4.2AI score0.76849EPSS

CVE•added 2015/07/16 11:0 a.m.•241 views

CVE-2015-4733

10CVSS4AI score0.14837EPSS

CVE•added 2015/07/16 10:59 a.m.•231 views

CVE-2015-2601

Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, JRockit R28.3.6, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality via vectors related to JCE.

5CVSS4.8AI score0.02499EPSS

CVE•added 2015/07/16 10:59 a.m.•226 views

CVE-2015-2625

Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JRockit R28.3.6; and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality via vectors related to JSSE.

2.6CVSS4.8AI score0.01864EPSS

CVE•added 2015/07/16 10:59 a.m.•225 views

CVE-2015-2628

10CVSS3.9AI score0.09577EPSS

CVE•added 2015/07/16 11:0 a.m.•225 views

CVE-2015-4749

Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JRockit R28.3.6; and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect availability via vectors related to JNDI.

4.3CVSS4.9AI score0.04374EPSS

CVE•added 2015/07/16 10:59 a.m.•207 views

CVE-2015-2621

Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33, allows remote attackers to affect confidentiality via vectors related to JMX.

5CVSS3.9AI score0.02337EPSS

CVE•added 2015/11/13 3:59 a.m.•189 views

CVE-2015-8126

Multiple buffer overflows in the (1) png_set_PLTE and (2) png_get_PLTE functions in libpng before 1.0.64, 1.1.x and 1.2.x before 1.2.54, 1.3.x and 1.4.x before 1.4.17, 1.5.x before 1.5.24, and 1.6.x before 1.6.19 allow remote attackers to cause a denial of service (application crash) or possibly ha...

7.5CVSS7.9AI score0.04755EPSS

CVE•added 2015/01/21 6:59 p.m.•185 views

CVE-2015-0408

Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI.

10CVSS3.8AI score0.09938EPSS

CVE•added 2015/10/21 11:59 p.m.•168 views

CVE-2015-4868

Unspecified vulnerability in Oracle Java SE 8u60 and Java SE Embedded 8u51 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.

7.6CVSS4.8AI score0.05043EPSS

CVE•added 2015/10/21 9:59 p.m.•166 views

CVE-2015-4805

Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Serialization.

10CVSS5.2AI score0.06387EPSS

CVE•added 2015/01/21 6:59 p.m.•158 views

CVE-2015-0410

Unspecified vulnerability in the Java SE, Java SE Embedded, JRockit component in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25; Java SE Embedded 7u71 and 8u6; and JRockit R27.8.4 and R28.3.4 allows remote attackers to affect availability via unknown vectors related to Security.

5CVSS3.9AI score0.02489EPSS

CVE•added 2015/10/21 11:59 p.m.•157 views

CVE-2015-4843

10CVSS5.2AI score0.22056EPSS

CVE•added 2015/10/21 11:59 p.m.•151 views

CVE-2015-4860

10CVSS5.5AI score0.08742EPSS

CVE•added 2015/10/21 11:59 p.m.•151 views

CVE-2015-4881

10CVSS5.3AI score0.07287EPSS

CVE•added 2015/01/21 3:28 p.m.•149 views

CVE-2014-6585

Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality via unknown vectors related to 2D, a different vulnerability than CVE-2014-6591.

2.6CVSS3.9AI score0.01466EPSS

CVE•added 2015/01/21 6:59 p.m.•148 views

CVE-2014-6601

Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.

10CVSS3.6AI score0.141EPSS

CVE•added 2015/01/21 6:59 p.m.•143 views

CVE-2015-0395

Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.

9.3CVSS3.8AI score0.24877EPSS

CVE•added 2015/10/21 11:59 p.m.•143 views

CVE-2015-4844

10CVSS6.1AI score0.16765EPSS

CVE•added 2015/10/21 11:59 p.m.•143 views

CVE-2015-4883

10CVSS5.2AI score0.08742EPSS

CVE•added 2015/01/21 3:28 p.m.•140 views

CVE-2014-6593

Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25; Java SE Embedded 7u71 and 8u6; and JRockit 27.8.4 and 28.3.4 allows remote attackers to affect confidentiality and integrity via vectors related to JSSE.

4CVSS3.9AI score0.57714EPSS

CVE•added 2015/01/21 7:59 p.m.•139 views

CVE-2015-0412

Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAX-WS.

7.2CVSS3.8AI score0.01848EPSS

CVE•added 2015/10/21 11:59 p.m.•139 views

CVE-2015-4872

Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allows remote attackers to affect integrity via unknown vectors related to Security.

5CVSS4.9AI score0.07179EPSS

CVE•added 2015/04/16 4:59 p.m.•137 views

CVE-2015-0469

Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.

10CVSS3.8AI score0.09204EPSS

CVE•added 2015/01/21 3:28 p.m.•135 views

CVE-2014-6591

Unspecified vulnerability in the Java SE component in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality via unknown vectors related to 2D, a different vulnerability than CVE-2014-6585.

2.6CVSS3.8AI score0.01466EPSS

CVE•added 2015/04/16 4:59 p.m.•134 views

CVE-2015-0488

Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40, and JRockit R28.3.5, allows remote attackers to affect availability via vectors related to JSSE.

5CVSS4AI score0.05187EPSS

CVE•added 2015/01/21 6:59 p.m.•131 views

CVE-2015-0383

Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25; Java SE Embedded 7u71 and 8u6; and JRockit R27.8.4 and R28.3.4 allows local users to affect integrity and availability via unknown vectors related to Hotspot.

5.4CVSS3.6AI score0.00082EPSS

CVE•added 2015/04/16 4:59 p.m.•126 views

CVE-2015-0478

Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40, and JRockit R28.3.5, allows remote attackers to affect confidentiality via vectors related to JCE.

4.3CVSS3.8AI score0.03066EPSS

CVE•added 2015/10/21 9:59 p.m.•123 views

CVE-2015-4803

Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2015-4893 and CVE-2015-4911.

5CVSS4.8AI score0.04936EPSS

CVE•added 2015/10/21 11:59 p.m.•123 views

CVE-2015-4835

10CVSS5.3AI score0.07287EPSS

CVE•added 2015/10/22 12:0 a.m.•123 views

CVE-2015-4911

5CVSS4.8AI score0.04936EPSS

CVE•added 2015/10/21 9:59 p.m.•122 views

CVE-2015-4734

Unspecified vulnerability in Oracle Java SE 6u101, 7u85 and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality via vectors related to JGSS.

5CVSS5.8AI score0.0228EPSS

CVE•added 2015/10/21 11:59 p.m.•122 views

CVE-2015-4893

5CVSS4.8AI score0.04936EPSS

CVE•added 2015/10/21 11:59 p.m.•118 views

CVE-2015-4842

Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality via vectors related to JAXP.

5CVSS5AI score0.0228EPSS

CVE•added 2015/04/16 4:59 p.m.•116 views

CVE-2015-0460

Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.

9.3CVSS3.7AI score0.07435EPSS

CVE•added 2015/10/21 11:59 p.m.•116 views

CVE-2015-4840

Unspecified vulnerability in Oracle Java SE 7u85 and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality via unknown vectors related to 2D.

5CVSS5.2AI score0.0228EPSS

CVE•added 2015/01/21 3:28 p.m.•113 views

CVE-2014-6587

Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.

4.3CVSS3.6AI score0.00167EPSS

CVE•added 2015/10/21 9:59 p.m.•113 views

CVE-2015-4806

Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality and integrity via unknown vectors related to Libraries.

6.4CVSS5AI score0.01883EPSS

CVE•added 2015/10/21 11:59 p.m.•113 views

CVE-2015-4871

Unspecified vulnerability in Oracle Java SE 7u85 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Libraries.

5.8CVSS4.4AI score0.03119EPSS

CVE•added 2015/07/16 10:59 a.m.•110 views

CVE-2015-2638

Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JavaFX 2.2.80; and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.

10CVSS4.1AI score0.07271EPSS

CVE•added 2015/10/21 11:59 p.m.•110 views

CVE-2015-4882

Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect availability via vectors related to CORBA.

5CVSS5.2AI score0.04936EPSS

CVE•added 2015/10/22 12:0 a.m.•108 views

CVE-2015-4903

Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality via vectors related to RMI.

5CVSS5AI score0.0207EPSS

Total number of security vulnerabilities81