CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  Take a third party risk management course for FREE
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Oracle » JDK : Security Vulnerabilities Published In 2015

CVSS Scores Greater Than: 0   1   2   3   4   5   6   7   8   9  
Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2015-8126 120 DoS Overflow 2015-11-13 2022-05-13
7.5
 None Remote Low Not required Partial Partial Partial
Multiple buffer overflows in the (1) png_set_PLTE and (2) png_get_PLTE functions in libpng before 1.0.64, 1.1.x and 1.2.x before 1.2.54, 1.3.x and 1.4.x before 1.4.17, 1.5.x before 1.5.24, and 1.6.x before 1.6.19 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a small bit-depth value in an IHDR (aka image header) chunk in a PNG image.
2 CVE-2015-4916 2015-10-22 2020-09-08
5.0
 None Remote Low Not required Partial None None
Unspecified vulnerability in Oracle Java SE 8u60 and JavaFX 2.2.85 allows remote attackers to affect confidentiality via unknown vectors, a different vulnerability than CVE-2015-4906 and CVE-2015-4908.
3 CVE-2015-4911 2015-10-22 2022-05-13
5.0
 None Remote Low Not required None None Partial
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2015-4803 and CVE-2015-4893.
4 CVE-2015-4908 2015-10-22 2020-09-08
5.0
 None Remote Low Not required Partial None None
Unspecified vulnerability in Oracle Java SE 8u60 and JavaFX 2.2.85 allows remote attackers to affect confidentiality via unknown vectors, a different vulnerability than CVE-2015-4906 and CVE-2015-4916.
5 CVE-2015-4906 2015-10-22 2020-09-08
5.0
 None Remote Low Not required Partial None None
Unspecified vulnerability in Oracle Java SE 8u60 and JavaFX 2.2.85 allows remote attackers to affect confidentiality via unknown vectors related to JavaFX, a different vulnerability than CVE-2015-4908 and CVE-2015-4916.
6 CVE-2015-4903 2015-10-22 2022-05-13
5.0
 None Remote Low Not required Partial None None
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality via vectors related to RMI.
7 CVE-2015-4902 2015-10-22 2022-05-13
5.0
 None Remote Low Not required None Partial None
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60 allows remote attackers to affect integrity via unknown vectors related to Deployment.
8 CVE-2015-4901 2015-10-22 2020-09-08
9.3
 None Remote Medium Not required Complete Complete Complete
Unspecified vulnerability in Oracle Java SE 8u60 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to JavaFX.
9 CVE-2015-4893 2015-10-21 2022-05-13
5.0
 None Remote Low Not required None None Partial
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2015-4803 and CVE-2015-4911.
10 CVE-2015-4883 2015-10-21 2022-05-13
10.0
 None Remote Low Not required Complete Complete Complete
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI, a different vulnerability than CVE-2015-4860.
11 CVE-2015-4882 2015-10-21 2022-05-13
5.0
 None Remote Low Not required None None Partial
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect availability via vectors related to CORBA.
12 CVE-2015-4881 2015-10-21 2022-05-13
10.0
 None Remote Low Not required Complete Complete Complete
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA, a different vulnerability than CVE-2015-4835.
13 CVE-2015-4872 2015-10-21 2022-05-13
5.0
 None Remote Low Not required None Partial None
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allows remote attackers to affect integrity via unknown vectors related to Security.
14 CVE-2015-4871 2015-10-21 2022-05-13
5.8
 None Remote Medium Not required Partial Partial None
Unspecified vulnerability in Oracle Java SE 7u85 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Libraries.
15 CVE-2015-4868 2015-10-21 2020-09-08
7.6
 None Remote High Not required Complete Complete Complete
Unspecified vulnerability in Oracle Java SE 8u60 and Java SE Embedded 8u51 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.
16 CVE-2015-4860 2015-10-21 2022-05-13
10.0
 None Remote Low Not required Complete Complete Complete
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI, a different vulnerability than CVE-2015-4883.
17 CVE-2015-4844 2015-10-21 2022-05-13
10.0
 None Remote Low Not required Complete Complete Complete
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.
18 CVE-2015-4843 2015-10-21 2022-05-13
10.0
 None Remote Low Not required Complete Complete Complete
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.
19 CVE-2015-4842 2015-10-21 2022-05-13
5.0
 None Remote Low Not required Partial None None
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality via vectors related to JAXP.
20 CVE-2015-4840 2015-10-21 2022-05-13
5.0
 None Remote Low Not required Partial None None
Unspecified vulnerability in Oracle Java SE 7u85 and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality via unknown vectors related to 2D.
21 CVE-2015-4835 2015-10-21 2022-05-13
10.0
 None Remote Low Not required Complete Complete Complete
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA, a different vulnerability than CVE-2015-4881.
22 CVE-2015-4810 2015-10-21 2022-05-13
6.9
 None Local Medium Not required Complete Complete Complete
Unspecified vulnerability in Oracle Java SE 7u85 and 8u60 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.
23 CVE-2015-4806 2015-10-21 2022-05-13
6.4
 None Remote Low Not required Partial Partial None
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality and integrity via unknown vectors related to Libraries.
24 CVE-2015-4805 2015-10-21 2022-05-13
10.0
 None Remote Low Not required Complete Complete Complete
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Serialization.
25 CVE-2015-4803 2015-10-21 2022-05-13
5.0
 None Remote Low Not required None None Partial
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2015-4893 and CVE-2015-4911.
26 CVE-2015-4760 2015-07-16 2022-05-13
10.0
 None Remote Low Not required Complete Complete Complete
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.
27 CVE-2015-4749 2015-07-16 2022-05-13
4.3
 None Remote Medium Not required None None Partial
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JRockit R28.3.6; and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect availability via vectors related to JNDI.
28 CVE-2015-4748 2015-07-16 2022-05-13
7.6
 None Remote High Not required Complete Complete Complete
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JRockit R28.3.6; and Java SE Embedded 7u75 and Embedded 8u33 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Security.
29 CVE-2015-4736 2015-07-16 2022-05-13
9.3
 None Remote Medium Not required Complete Complete Complete
Unspecified vulnerability in Oracle Java SE 7u80 and 8u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.
30 CVE-2015-4734 2015-10-21 2022-05-13
5.0
 None Remote Low Not required Partial None None
Unspecified vulnerability in Oracle Java SE 6u101, 7u85 and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality via vectors related to JGSS.
31 CVE-2015-4733 2015-07-16 2022-05-13
10.0
 None Remote Low Not required Complete Complete Complete
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI.
32 CVE-2015-4732 2015-07-16 2022-05-13
10.0
 None Remote Low Not required Complete Complete Complete
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2015-2590.
33 CVE-2015-4731 2015-07-16 2022-05-13
10.0
 None Remote Low Not required Complete Complete Complete
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; Java SE Embedded 7u75; and Java SE Embedded 8u33 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX.
34 CVE-2015-4729 2015-07-16 2022-05-13
4.0
 None Remote High Not required Partial Partial None
Unspecified vulnerability in Oracle Java SE 7u80 and 8u45 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Deployment.
35 CVE-2015-4000 310 2015-05-21 2022-05-13
4.3
 None Remote Medium Not required None Partial None
The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHE_EXPORT and then rewriting a ServerHello with DHE_EXPORT replaced by DHE, aka the "Logjam" issue.
36 CVE-2015-2664 2015-07-16 2022-05-13
6.9
 None Local Medium Not required Complete Complete Complete
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.
37 CVE-2015-2659 2015-07-16 2020-09-08
5.0
 None Remote Low Not required None None Partial
Unspecified vulnerability in Oracle Java SE 8u45 and Java SE Embedded 8u33 allows remote attackers to affect availability via unknown vectors related to Security.
38 CVE-2015-2638 2015-07-16 2022-05-13
10.0
 None Remote Low Not required Complete Complete Complete
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JavaFX 2.2.80; and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.
39 CVE-2015-2637 2015-07-16 2022-05-13
5.0
 None Remote Low Not required Partial None None
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JavaFX 2.2.80; and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality via unknown vectors related to 2D.
40 CVE-2015-2632 2015-07-16 2022-05-13
5.0
 None Remote Low Not required Partial None None
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45 allows remote attackers to affect confidentiality via unknown vectors related to 2D.
41 CVE-2015-2628 2015-07-16 2022-05-13
10.0
 None Remote Low Not required Complete Complete Complete
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA.
42 CVE-2015-2627 2015-07-16 2022-05-13
2.6
 None Remote High Not required Partial None None
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45 allows remote attackers to affect confidentiality via unknown vectors related to installation.
43 CVE-2015-2625 2015-07-16 2022-05-13
2.6
 None Remote High Not required Partial None None
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JRockit R28.3.6; and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality via vectors related to JSSE.
44 CVE-2015-2621 2015-07-16 2022-05-13
5.0
 None Remote Low Not required Partial None None
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33, allows remote attackers to affect confidentiality via vectors related to JMX.
45 CVE-2015-2619 2015-07-16 2022-05-13
5.0
 None Remote Low Not required Partial None None
Unspecified vulnerability in Oracle Java SE 7u80 and 8u45, JavaFX 2.2.80, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality via unknown vectors related to 2D.
46 CVE-2015-2613 2015-07-16 2022-05-13
5.0
 None Remote Low Not required Partial None None
Unspecified vulnerability in Oracle Java SE 7u80 and 8u45, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality via vectors related to JCE.
47 CVE-2015-2601 2015-07-16 2022-05-13
5.0
 None Remote Low Not required Partial None None
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, JRockit R28.3.6, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality via vectors related to JCE.
48 CVE-2015-2597 2015-07-16 2022-05-13
7.2
 None Local Low Not required Complete Complete Complete
Unspecified vulnerability in Oracle Java SE 7u80 and 8u45 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Install.
49 CVE-2015-2596 2015-07-16 2022-05-13
4.3
 None Remote Medium Not required None Partial None
Unspecified vulnerability in Oracle Java SE 7u80 allows remote attackers to affect integrity via unknown vectors related to Hotspot.
50 CVE-2015-2590 2015-07-16 2022-05-13
10.0
 None Remote Low Not required Complete Complete Complete
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2015-4732.
Total number of vulnerabilities : 81   Page : 1 (This Page)2
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.