Search for packages
| purl | pkg:deb/debian/openjdk-6@6b36-1.13.8-1~deb7u1 |
| Next non-vulnerable version | 6b38-1.13.10-1~deb7u1 |
| Latest non-vulnerable version | 6b38-1.13.10-1~deb7u1 |
| Risk | 4.5 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-2zab-6bzp-aaae
Aliases: CVE-2015-7575 |
Mozilla Network Security Services (NSS) before 3.20.2, as used in Mozilla Firefox before 43.0.2 and Firefox ESR 38.x before 38.5.2, does not reject MD5 signatures in Server Key Exchange messages in TLS 1.2 Handshake Protocol traffic, which makes it easier for man-in-the-middle attackers to spoof servers by triggering a collision. |
Affected by 0 other vulnerabilities. |
|
VCID-4mn5-rudm-aaad
Aliases: CVE-2015-4803 |
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2015-4893 and CVE-2015-4911. |
Affected by 0 other vulnerabilities. |
|
VCID-4xjg-pkvt-aaaf
Aliases: CVE-2015-4734 |
Unspecified vulnerability in Oracle Java SE 6u101, 7u85 and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality via vectors related to JGSS. |
Affected by 0 other vulnerabilities. |
|
VCID-54kr-zp5m-aaaf
Aliases: CVE-2015-4843 |
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. |
Affected by 0 other vulnerabilities. |
|
VCID-5v3k-du34-aaag
Aliases: CVE-2015-4860 |
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI, a different vulnerability than CVE-2015-4883. |
Affected by 0 other vulnerabilities. |
|
VCID-afuu-g4qk-aaaf
Aliases: CVE-2015-4882 |
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect availability via vectors related to CORBA. |
Affected by 0 other vulnerabilities. |
|
VCID-c2ym-9zs6-aaak
Aliases: CVE-2015-4883 |
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI, a different vulnerability than CVE-2015-4860. |
Affected by 0 other vulnerabilities. |
|
VCID-e52p-4x3k-aaae
Aliases: CVE-2015-4911 |
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2015-4803 and CVE-2015-4893. |
Affected by 0 other vulnerabilities. |
|
VCID-ft2c-szdr-aaag
Aliases: CVE-2016-0402 |
Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE 6u105, 7u91, and 8u66 and Java SE Embedded 8u65 allows remote attackers to affect integrity via unknown vectors related to Networking. |
Affected by 0 other vulnerabilities. |
|
VCID-g8kx-73br-aaaj
Aliases: CVE-2015-4893 |
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2015-4803 and CVE-2015-4911. |
Affected by 0 other vulnerabilities. |
|
VCID-g9gs-5g3x-aaac
Aliases: CVE-2015-4842 |
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality via vectors related to JAXP. |
Affected by 0 other vulnerabilities. |
|
VCID-jsnz-jyva-aaae
Aliases: CVE-2016-0448 |
Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE 6u105, 7u91, and 8u66, and Java SE Embedded 8u65 allows remote authenticated users to affect confidentiality via vectors related to JMX. |
Affected by 0 other vulnerabilities. |
|
VCID-mbnh-c5z5-aaaf
Aliases: CVE-2016-0466 |
Unspecified vulnerability in the Java SE, Java SE Embedded, and JRockit components in Oracle Java SE 6u105, 7u91, and 8u66; Java SE Embedded 8u65; and JRockit R28.3.8 allows remote attackers to affect availability via vectors related to JAXP. |
Affected by 0 other vulnerabilities. |
|
VCID-r5eq-ra3u-aaak
Aliases: CVE-2015-4835 |
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA, a different vulnerability than CVE-2015-4881. |
Affected by 0 other vulnerabilities. |
|
VCID-stp6-6vbs-aaap
Aliases: CVE-2015-4881 |
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA, a different vulnerability than CVE-2015-4835. |
Affected by 0 other vulnerabilities. |
|
VCID-tr9j-33kv-aaas
Aliases: CVE-2016-0483 |
Unspecified vulnerability in Oracle Java SE 6u105, 7u91, and 8u66; Java SE Embedded 8u65; and JRockit R28.3.8 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that this is a heap-based buffer overflow in the readImage function, which allows remote attackers to execute arbitrary code via crafted image data. |
Affected by 0 other vulnerabilities. |
|
VCID-v9v1-7vr2-aaaf
Aliases: CVE-2015-4844 |
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. |
Affected by 0 other vulnerabilities. |
|
VCID-vrd3-14vp-aaan
Aliases: CVE-2015-4872 |
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allows remote attackers to affect integrity via unknown vectors related to Security. |
Affected by 0 other vulnerabilities. |
|
VCID-w7k9-ph6s-aaak
Aliases: CVE-2015-4806 |
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality and integrity via unknown vectors related to Libraries. |
Affected by 0 other vulnerabilities. |
|
VCID-yksw-dtfz-aaae
Aliases: CVE-2015-4805 |
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Serialization. |
Affected by 0 other vulnerabilities. |
|
VCID-zvgt-2ebz-aaak
Aliases: CVE-2016-0494 |
Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE 6u105, 7u91, and 8u66 and Java SE Embedded 8u65 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. |
Affected by 0 other vulnerabilities. |
|
VCID-zz37-wh3j-aaap
Aliases: CVE-2015-4903 |
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality via vectors related to RMI. |
Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-1seq-yqzy-aaaq | Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2015-2590. |
CVE-2015-4732
|
| VCID-2sxw-9erm-aaab | Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality via unknown vectors related to 2D, a different vulnerability than CVE-2014-6591. |
CVE-2014-6585
|
| VCID-343j-p6d7-aaan | Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20; Java SE Embedded 7u60; and JRockit R27.8.3 and R28.3.3 allows remote attackers to affect integrity via unknown vectors related to Libraries. |
CVE-2014-6512
|
| VCID-4kt1-yxen-aaaa | Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45 allows remote attackers to affect confidentiality via unknown vectors related to 2D. |
CVE-2015-2632
|
| VCID-4qww-3wn9-aaag | The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue. |
CVE-2014-3566
|
| VCID-4tpu-dmys-aaac | Unspecified vulnerability in the Java SE component in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality via unknown vectors related to 2D, a different vulnerability than CVE-2014-6585. |
CVE-2014-6591
|
| VCID-5d5d-m4qk-aaaa | CVE-2014-0452 OpenJDK: incorrect caching of data initialized via TCCL (JAXWS, 8026801) |
CVE-2014-0452
|
| VCID-5pun-cwz9-aaak | CVE-2014-0453 OpenJDK: RSA unpadding timing issues (Security, 8027766) |
CVE-2014-0453
|
| VCID-5x77-7ksz-aaap | Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. |
CVE-2015-0469
|
| VCID-65zu-nw93-aaam | CVE-2014-0458 OpenJDK: Activation framework default command map caching (JAX-WS, 8025152) |
CVE-2014-0458
|
| VCID-6qd9-8eft-aaae | Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40 allows remote attackers to affect integrity and availability via unknown vectors related to Tools. |
CVE-2015-0480
|
| VCID-6yt2-eq86-aaab | CVE-2014-4263 OpenJDK: insufficient Diffie-Hellman public key validation (Security, 8037162) |
CVE-2014-4263
|
| VCID-6zp6-92wf-aaas | Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2015-4732. |
CVE-2015-2590
|
| VCID-7ggf-r1kt-aaan | Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40, and JRockit R28.3.5, allows remote attackers to affect availability via vectors related to JSSE. |
CVE-2015-0488
|
| VCID-81qn-qn4u-aaaa | Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot. |
CVE-2015-0460
|
| VCID-8um2-rvaa-aaas | Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, JRockit R28.3.6, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality via vectors related to JCE. |
CVE-2015-2601
|
| VCID-8uvp-mzs4-aaae | CVE-2014-0457 OpenJDK: ServiceLoader Exception handling security bypass (Libraries, 8031394) |
CVE-2014-0457
|
| VCID-8vbh-xbw6-aaam | Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality via unknown vectors related to Swing. |
CVE-2015-0407
|
| VCID-8wtr-zvts-aaar | CVE-2014-4216 OpenJDK: Incorrect generic signature attribute parsing (Hotspot, 8037076) |
CVE-2014-4216
|
| VCID-9mab-pc75-aaaq | CVE-2014-0451 OpenJDK: AWT incorrect FlavorMap seperation (AWT, 8026797) |
CVE-2014-0451
|
| VCID-aht8-ee28-aaad | CVE-2014-4209 OpenJDK: SubjectDelegator protection insufficient (JMX, 8029755) |
CVE-2014-4209
|
| VCID-anv8-rj45-aaah | CVE-2014-4244 OpenJDK: RSA blinding issues (Security, 8031346) |
CVE-2014-4244
|
| VCID-b74m-xuft-aaaj | CVE-2014-4218 OpenJDK: Clone interfaces passed to proxy methods (Libraries, 8035009) |
CVE-2014-4218
|
| VCID-bhr1-xe1r-aaab | CVE-2014-0462 OpenJDK: libjpeg: uninitialized memory read information leak (AWT, 8029760) |
CVE-2014-0462
|
| VCID-bnq4-xjzd-aaas | Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33, allows remote attackers to affect confidentiality via vectors related to JMX. |
CVE-2015-2621
|
| VCID-bube-hxb9-aaaf | Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20 allows remote attackers to affect confidentiality via unknown vectors related to 2D. |
CVE-2014-6511
|
| VCID-bw9w-sbun-aaae | Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40 allows remote attackers to affect integrity via unknown vectors related to Beans. |
CVE-2015-0477
|
| VCID-cern-st74-aaan | Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20, and Java SE Embedded 7u60, allows remote attackers to affect confidentiality via unknown vectors related to Libraries. |
CVE-2014-6531
|
| VCID-cukv-6yn9-aaac | CVE-2014-2412 OpenJDK: AWT thread context handling (AWT, 8025010) |
CVE-2014-2412
|
| VCID-d6x5-myy3-aaaf | Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JRockit R28.3.6; and Java SE Embedded 7u75 and Embedded 8u33 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Security. |
CVE-2015-4748
|
| VCID-ds7a-2aqy-aaar | CVE-2014-2421 OpenJDK: JPEG decoder input stream handling (2D, 8029854) |
CVE-2014-2421
|
| VCID-e8mk-m9f8-aaaj | Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20; Java SE Embedded 7u60; and JRockit R27.8.3, and R28.3.3 allows remote attackers to affect confidentiality and integrity via vectors related to JSSE. |
CVE-2014-6457
|
| VCID-eb69-349w-aaan | CVE-2014-4266 OpenJDK: InfoBuilder incorrect return values (Serviceability, 8033301) |
CVE-2014-4266
|
| VCID-eepj-vpn1-aaan | Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JRockit R28.3.6; and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect availability via vectors related to JNDI. |
CVE-2015-4749
|
| VCID-ergv-shn9-aaas | Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot. |
CVE-2015-0395
|
| VCID-g8rh-1fnd-aaag | CVE-2014-2403 OpenJDK: JAXP CharInfo file access restriction (JAXP, 8029282) |
CVE-2014-2403
|
| VCID-g9qz-byaa-aaae | Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, and 7u67, and Java SE Embedded 7u60, allows remote attackers to affect confidentiality via unknown vectors related to Hotspot. |
CVE-2014-6504
|
| VCID-gege-h6fn-aaab | Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. |
CVE-2014-6587
|
| VCID-gpd3-qa97-aaac | Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI. |
CVE-2015-4733
|
| VCID-grsn-enp3-aaak | CVE-2014-0429 OpenJDK: Incorrect mlib/raster image validation (2D, 8027841) |
CVE-2014-0429
|
| VCID-gy2f-bj98-aaaq | Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAX-WS. |
CVE-2015-0412
|
| VCID-h4e6-9kx3-aaaa | CVE-2014-0446 OpenJDK: Protect logger handlers (Libraries, 8029740) |
CVE-2014-0446
|
| VCID-h8rg-jw91-aaaf | Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20; Java SE Embedded 7u60; and JRockit R27.8.3 and JRockit R28.3.3 allows remote attackers to affect integrity via unknown vectors related to Security. |
CVE-2014-6558
|
| VCID-hxsf-7hg9-aaaa | Unspecified vulnerability in the Java SE, Java SE Embedded, JRockit component in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25; Java SE Embedded 7u71 and 8u6; and JRockit R27.8.4 and R28.3.4 allows remote attackers to affect availability via unknown vectors related to Security. |
CVE-2015-0410
|
| VCID-jdvr-8e3k-aaas | CVE-2014-4268 OpenJDK: Missing file choser access restrictions (Swing, 8035699) |
CVE-2014-4268
|
| VCID-jj88-ybwu-aaag | Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25; Java SE Embedded 7u71 and 8u6; and JRockit 27.8.4 and 28.3.4 allows remote attackers to affect confidentiality and integrity via vectors related to JSSE. |
CVE-2014-6593
|
| VCID-m9y1-n8cm-aaaf | CVE-2014-4262 OpenJDK: AtomicReferenceFieldUpdater missing primitive type check (Libraries, 8039520) |
CVE-2014-4262
|
| VCID-may1-c73m-aaar | CVE-2014-0460 OpenJDK: missing randomization of JNDI DNS client query IDs (JNDI, 8030731) |
CVE-2014-0460
|
| VCID-mb7d-m4w2-aaaj | Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20, and Java SE Embedded 7u60, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. |
CVE-2014-6506
|
| VCID-mzwb-wh31-aaag | Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JRockit R28.3.6; and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality via vectors related to JSSE. |
CVE-2015-2625
|
| VCID-n5dv-7zj9-aaak | CVE-2014-1876 OpenJDK: insecure temporary file use in unpack200 (Libraries, 8033618) |
CVE-2014-1876
|
| VCID-n8ge-w5b7-aaaj | CVE-2014-0461 OpenJDK: Better ScriptEngineManager ScriptEngine management (Libraries, 8036794) |
CVE-2014-0461
|
| VCID-ndpu-nrba-aaaj | Unspecified vulnerability in Oracle Java SE 7u80 and 8u45, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality via vectors related to JCE. |
CVE-2015-2613
|
| VCID-nra1-qpxm-aaag | CVE-2014-2490 OpenJDK: Event logger format string vulnerability (Hotspot, 8037076) |
CVE-2014-2490
|
| VCID-nxwa-6va3-aaaa | Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA. |
CVE-2015-2628
|
| VCID-nyh1-58x1-aaae | CVE-2014-0456 OpenJDK: System.arraycopy() element race condition (Hotspot, 8029858) |
CVE-2014-0456
|
| VCID-pdhy-b9gc-aaar | Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; Java SE Embedded 7u75; and Java SE Embedded 8u33 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX. |
CVE-2015-4731
|
| VCID-phzg-xuxt-aaad | Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI. |
CVE-2015-0408
|
| VCID-pmtm-skvc-aaar | The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHE_EXPORT and then rewriting a ServerHello with DHE_EXPORT replaced by DHE, aka the "Logjam" issue. |
CVE-2015-4000
|
| VCID-pxg8-hn1t-aaan | CVE-2014-4252 OpenJDK: Prevent instantiation of service with non-public constructor (Security, 8035004) |
CVE-2014-4252
|
| VCID-q7s4-jn4a-aaaq | CVE-2014-2398 OpenJDK: insufficient escaping of window title string (Javadoc, 8026736) |
CVE-2014-2398
|
| VCID-qrgj-1phr-aaag | CVE-2014-2414 OpenJDK: incorrect caching of data initialized via TCCL (JAXB, 8025030) |
CVE-2014-2414
|
| VCID-rqpq-v5ck-aaar | Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot. |
CVE-2014-6601
|
| VCID-s4ew-u12u-aaaa | Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. |
CVE-2015-4760
|
| VCID-s58c-hu3c-aaae | Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25; Java SE Embedded 7u71 and 8u6; and JRockit R27.8.4 and R28.3.4 allows local users to affect integrity and availability via unknown vectors related to Hotspot. |
CVE-2015-0383
|
| VCID-s7f5-7rv3-aaas | CVE-2014-4219 OpenJDK: Bytecode verification does not prevent ctor calls to this() and super() (Hotspot, 8035119) |
CVE-2014-4219
|
| VCID-sgup-jvad-aaaj | Unspecified vulnerability in Oracle Java SE 8u40 allows remote attackers to affect integrity via unknown vectors related to Hotspot. |
CVE-2015-0470
|
| VCID-smbv-jzg8-aaas | CVE-2014-2423 OpenJDK: incorrect caching of data initialized via TCCL (JAXWS, 8026188) |
CVE-2014-2423
|
| VCID-u5gu-wg1b-aaap | Unspecified vulnerability in Oracle Java SE 7u51 and 8, and Java SE Embedded 7u51, allows remote attackers to affect availability via unknown vectors related to 2D. |
CVE-2014-0459
|
| VCID-uk8n-xbfq-aaar | Unspecified vulnerability in Oracle Java SE 7u67 and 8u20, and Java SE Embedded 7u60, allows remote attackers to affect integrity via unknown vectors related to Hotspot. |
CVE-2014-6519
|
| VCID-v8pt-zgpu-aaam | CVE-2014-2427 OpenJDK: remove insecure Java Sound provider caching (Sound, 8026163) |
CVE-2014-2427
|
| VCID-w95b-vk8h-aaae | Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20, and Java SE Embedded 7u60, allows remote attackers to affect integrity via unknown vectors related to Libraries. |
CVE-2014-6502
|
| VCID-y73v-3c23-aaab | CVE-2014-2397 OpenJDK: classfile parser invalid BootstrapMethods attribute length (Hotspot, 8034926) |
CVE-2014-2397
|
| VCID-ynv5-kuhp-aaaj | Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20; Java SE Embedded 7u60; and Jrockit R27.8.3 and R28.3.3 allows remote attackers to affect confidentiality via vectors related to JAXP. |
CVE-2014-6517
|
| VCID-yvx9-u253-aaar | The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which makes it easier for remote attackers to conduct plaintext-recovery attacks against the initial bytes of a stream by sniffing network traffic that occasionally relies on keys affected by the Invariance Weakness, and then using a brute-force approach involving LSB values, aka the "Bar Mitzvah" issue. |
CVE-2015-2808
|
| VCID-zn82-tvb3-aaah | CVE-2014-2405 OpenJDK: libpng unhandled zero-length PLTE chunk or NULL palette (AWT, 8031352) |
CVE-2014-2405
|
| VCID-zrpg-rxnx-aaas | Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40, and JRockit R28.3.5, allows remote attackers to affect confidentiality via vectors related to JCE. |
CVE-2015-0478
|