Multiple buffer overflows in the (1) png_set_PLTE and (2) png_get_PLTE functions in libpng before 1.0.64, 1.1.x and 1.2.x before 1.2.54, 1.3.x and 1.4.x before 1.4.17, 1.5.x before 1.5.24, and 1.6.x before 1.6.19 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a small bit-depth value in an IHDR (aka image header) chunk in a PNG image.
| Max Base Score | 7.5 |
| Published | 2015-11-13 |
| Updated | 2022-05-13 |
| EPSS | 1.31% |
Unspecified vulnerability in Oracle Java SE 8u60 and JavaFX 2.2.85 allows remote attackers to affect confidentiality via unknown vectors, a different vulnerability than CVE-2015-4906 and CVE-2015-4908.
| Max Base Score | 5.0 |
| Published | 2015-10-22 |
| Updated | 2020-09-08 |
| EPSS | 0.65% |
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2015-4803 and CVE-2015-4893.
| Max Base Score | 5.0 |
| Published | 2015-10-22 |
| Updated | 2022-05-13 |
| EPSS | 7.37% |
Unspecified vulnerability in Oracle Java SE 8u60 and JavaFX 2.2.85 allows remote attackers to affect confidentiality via unknown vectors, a different vulnerability than CVE-2015-4906 and CVE-2015-4916.
| Max Base Score | 5.0 |
| Published | 2015-10-22 |
| Updated | 2020-09-08 |
| EPSS | 0.65% |
Unspecified vulnerability in Oracle Java SE 8u60 and JavaFX 2.2.85 allows remote attackers to affect confidentiality via unknown vectors related to JavaFX, a different vulnerability than CVE-2015-4908 and CVE-2015-4916.
| Max Base Score | 5.0 |
| Published | 2015-10-22 |
| Updated | 2020-09-08 |
| EPSS | 0.65% |
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality via vectors related to RMI.
| Max Base Score | 5.0 |
| Published | 2015-10-22 |
| Updated | 2022-05-13 |
| EPSS | 0.87% |
CVE-2015-4902
Known Exploited Vulnerability
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60 allows remote attackers to affect integrity via unknown vectors related to Deployment.
| Max Base Score | 5.0 |
| Published | 2015-10-22 |
| Updated | 2022-05-13 |
| EPSS | 0.86% |
| KEV Added | 2022-03-03 |
Unspecified vulnerability in Oracle Java SE 8u60 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to JavaFX.
| Max Base Score | 9.3 |
| Published | 2015-10-22 |
| Updated | 2020-09-08 |
| EPSS | 1.11% |
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2015-4803 and CVE-2015-4911.
| Max Base Score | 5.0 |
| Published | 2015-10-21 |
| Updated | 2022-05-13 |
| EPSS | 3.32% |
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI, a different vulnerability than CVE-2015-4860.
| Max Base Score | 10.0 |
| Published | 2015-10-21 |
| Updated | 2022-05-13 |
| EPSS | 2.27% |
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect availability via vectors related to CORBA.
| Max Base Score | 5.0 |
| Published | 2015-10-21 |
| Updated | 2022-05-13 |
| EPSS | 3.32% |
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA, a different vulnerability than CVE-2015-4835.
| Max Base Score | 10.0 |
| Published | 2015-10-21 |
| Updated | 2022-05-13 |
| EPSS | 1.64% |
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allows remote attackers to affect integrity via unknown vectors related to Security.
| Max Base Score | 5.0 |
| Published | 2015-10-21 |
| Updated | 2022-05-13 |
| EPSS | 0.83% |
Unspecified vulnerability in Oracle Java SE 7u85 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Libraries.
| Max Base Score | 5.8 |
| Published | 2015-10-21 |
| Updated | 2022-05-13 |
| EPSS | 0.59% |
Unspecified vulnerability in Oracle Java SE 8u60 and Java SE Embedded 8u51 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.
| Max Base Score | 7.6 |
| Published | 2015-10-21 |
| Updated | 2020-09-08 |
| EPSS | 1.13% |
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI, a different vulnerability than CVE-2015-4883.
| Max Base Score | 10.0 |
| Published | 2015-10-21 |
| Updated | 2022-05-13 |
| EPSS | 2.27% |
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.
| Max Base Score | 10.0 |
| Published | 2015-10-21 |
| Updated | 2022-05-13 |
| EPSS | 2.27% |
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.
| Max Base Score | 10.0 |
| Published | 2015-10-21 |
| Updated | 2022-05-13 |
| EPSS | 2.27% |
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality via vectors related to JAXP.
| Max Base Score | 5.0 |
| Published | 2015-10-21 |
| Updated | 2022-05-13 |
| EPSS | 0.79% |
Unspecified vulnerability in Oracle Java SE 7u85 and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality via unknown vectors related to 2D.
| Max Base Score | 5.0 |
| Published | 2015-10-21 |
| Updated | 2022-05-13 |
| EPSS | 0.79% |
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA, a different vulnerability than CVE-2015-4881.
| Max Base Score | 10.0 |
| Published | 2015-10-21 |
| Updated | 2022-05-13 |
| EPSS | 8.33% |
Unspecified vulnerability in Oracle Java SE 7u85 and 8u60 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.
| Max Base Score | 6.9 |
| Published | 2015-10-21 |
| Updated | 2022-05-13 |
| EPSS | 0.04% |
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality and integrity via unknown vectors related to Libraries.
| Max Base Score | 6.4 |
| Published | 2015-10-21 |
| Updated | 2022-05-13 |
| EPSS | 0.87% |
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Serialization.
| Max Base Score | 10.0 |
| Published | 2015-10-21 |
| Updated | 2022-05-13 |
| EPSS | 8.33% |
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2015-4893 and CVE-2015-4911.
| Max Base Score | 5.0 |
| Published | 2015-10-21 |
| Updated | 2022-05-13 |
| EPSS | 6.32% |