Multiple buffer overflows in the (1) png_set_PLTE and (2) png_get_PLTE functions in libpng before 1.0.64, 1.1.x and 1.2.x before 1.2.54, 1.3.x and 1.4.x before 1.4.17, 1.5.x before 1.5.24, and 1.6.x before 1.6.19 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a small bit-depth value in an IHDR (aka image header) chunk in a PNG image.
Max CVSS
7.5
EPSS Score
1.49%
Published
2015-11-13
Updated
2022-05-13
Unspecified vulnerability in Oracle Java SE 8u60 and JavaFX 2.2.85 allows remote attackers to affect confidentiality via unknown vectors, a different vulnerability than CVE-2015-4906 and CVE-2015-4908.
Max CVSS
5.0
EPSS Score
0.65%
Published
2015-10-22
Updated
2020-09-08
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2015-4803 and CVE-2015-4893.
Max CVSS
5.0
EPSS Score
7.37%
Published
2015-10-22
Updated
2022-05-13
Unspecified vulnerability in Oracle Java SE 8u60 and JavaFX 2.2.85 allows remote attackers to affect confidentiality via unknown vectors, a different vulnerability than CVE-2015-4906 and CVE-2015-4916.
Max CVSS
5.0
EPSS Score
0.65%
Published
2015-10-22
Updated
2020-09-08
Unspecified vulnerability in Oracle Java SE 8u60 and JavaFX 2.2.85 allows remote attackers to affect confidentiality via unknown vectors related to JavaFX, a different vulnerability than CVE-2015-4908 and CVE-2015-4916.
Max CVSS
5.0
EPSS Score
0.65%
Published
2015-10-22
Updated
2020-09-08
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality via vectors related to RMI.
Max CVSS
5.0
EPSS Score
0.87%
Published
2015-10-22
Updated
2022-05-13
CVE-2015-4902
Known exploited
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60 allows remote attackers to affect integrity via unknown vectors related to Deployment.
Max CVSS
5.0
EPSS Score
0.86%
Published
2015-10-22
Updated
2022-05-13
CISA KEV Added
2022-03-03
Unspecified vulnerability in Oracle Java SE 8u60 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to JavaFX.
Max CVSS
9.3
EPSS Score
1.11%
Published
2015-10-22
Updated
2020-09-08
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2015-4803 and CVE-2015-4911.
Max CVSS
5.0
EPSS Score
3.32%
Published
2015-10-21
Updated
2022-05-13
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI, a different vulnerability than CVE-2015-4860.
Max CVSS
10.0
EPSS Score
2.27%
Published
2015-10-21
Updated
2022-05-13
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect availability via vectors related to CORBA.
Max CVSS
5.0
EPSS Score
3.32%
Published
2015-10-21
Updated
2022-05-13
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA, a different vulnerability than CVE-2015-4835.
Max CVSS
10.0
EPSS Score
1.64%
Published
2015-10-21
Updated
2022-05-13
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allows remote attackers to affect integrity via unknown vectors related to Security.
Max CVSS
5.0
EPSS Score
0.83%
Published
2015-10-21
Updated
2022-05-13
Unspecified vulnerability in Oracle Java SE 7u85 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Libraries.
Max CVSS
5.8
EPSS Score
0.59%
Published
2015-10-21
Updated
2022-05-13
Unspecified vulnerability in Oracle Java SE 8u60 and Java SE Embedded 8u51 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.
Max CVSS
7.6
EPSS Score
1.13%
Published
2015-10-21
Updated
2020-09-08
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI, a different vulnerability than CVE-2015-4883.
Max CVSS
10.0
EPSS Score
2.27%
Published
2015-10-21
Updated
2022-05-13
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.
Max CVSS
10.0
EPSS Score
2.27%
Published
2015-10-21
Updated
2022-05-13
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.
Max CVSS
10.0
EPSS Score
28.60%
Published
2015-10-21
Updated
2022-05-13
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality via vectors related to JAXP.
Max CVSS
5.0
EPSS Score
0.79%
Published
2015-10-21
Updated
2022-05-13
Unspecified vulnerability in Oracle Java SE 7u85 and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality via unknown vectors related to 2D.
Max CVSS
5.0
EPSS Score
0.79%
Published
2015-10-21
Updated
2022-05-13
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA, a different vulnerability than CVE-2015-4881.
Max CVSS
10.0
EPSS Score
8.33%
Published
2015-10-21
Updated
2022-05-13
Unspecified vulnerability in Oracle Java SE 7u85 and 8u60 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.
Max CVSS
6.9
EPSS Score
0.04%
Published
2015-10-21
Updated
2022-05-13
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality and integrity via unknown vectors related to Libraries.
Max CVSS
6.4
EPSS Score
0.87%
Published
2015-10-21
Updated
2022-05-13
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Serialization.
Max CVSS
10.0
EPSS Score
8.33%
Published
2015-10-21
Updated
2022-05-13
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2015-4893 and CVE-2015-4911.
Max CVSS
5.0
EPSS Score
6.32%
Published
2015-10-21
Updated
2022-05-13