Rhel Extras Oracle Java CVEs and Security Vulnerabilities

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (408 CVEs found)

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2015-4893	2 Oracle, Redhat	7 Jdk, Jre, Jrockit and 4 more	2025-04-12	N/A
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2015-4803 and CVE-2015-4911.
CVE-2015-4911	2 Oracle, Redhat	5 Jdk, Jre, Jrockit and 2 more	2025-04-12	N/A
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2015-4803 and CVE-2015-4893.
CVE-2014-0432	2 Oracle, Redhat	4 Jdk, Jre, Rhel Extras and 1 more	2025-04-12	N/A
Unspecified vulnerability in Oracle Java SE 7u51 and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2014-0455 and CVE-2014-2402.
CVE-2015-0413	4 Canonical, Oracle, Redhat and 1 more	5 Ubuntu Linux, Jdk, Jre and 2 more	2025-04-12	N/A
Unspecified vulnerability in Oracle Java SE 7u72 and 8u25 allows local users to affect integrity via unknown vectors related to Serviceability.
CVE-2015-0486	3 Opensuse, Oracle, Redhat	4 Opensuse, Jdk, Jre and 1 more	2025-04-12	N/A
Unspecified vulnerability in Oracle Java SE 8u40 allows remote attackers to affect confidentiality via unknown vectors related to Deployment.
CVE-2015-2637	2 Oracle, Redhat	6 Javafx, Jdk, Jre and 3 more	2025-04-12	N/A
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JavaFX 2.2.80; and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality via unknown vectors related to 2D.
CVE-2015-2638	2 Oracle, Redhat	6 Javafx, Jdk, Jre and 3 more	2025-04-12	N/A
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JavaFX 2.2.80; and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.
CVE-2015-4840	2 Oracle, Redhat	6 Jdk, Jre, Enterprise Linux and 3 more	2025-04-12	N/A
Unspecified vulnerability in Oracle Java SE 7u85 and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality via unknown vectors related to 2D.
CVE-2016-3426	2 Oracle, Redhat	6 Jdk, Jre, Enterprise Linux and 3 more	2025-04-12	N/A
Unspecified vulnerability in Oracle Java SE 8u77 and Java SE Embedded 8u77 allows remote attackers to affect confidentiality via vectors related to JCE.
CVE-2016-0448	3 Canonical, Oracle, Redhat	7 Ubuntu Linux, Jdk, Jre and 4 more	2025-04-12	N/A
Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE 6u105, 7u91, and 8u66, and Java SE Embedded 8u65 allows remote authenticated users to affect confidentiality via vectors related to JMX.
CVE-2015-4843	2 Oracle, Redhat	6 Jdk, Jre, Enterprise Linux and 3 more	2025-04-12	N/A
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.
CVE-2015-2601	2 Oracle, Redhat	7 Jdk, Jre, Jrockit and 4 more	2025-04-12	N/A
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, JRockit R28.3.6, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality via vectors related to JCE.
CVE-2015-8472	3 Apple, Libpng, Redhat	6 Mac Os X, Libpng, Enterprise Linux and 3 more	2025-04-12	N/A
Buffer overflow in the png_set_PLTE function in libpng before 1.0.65, 1.1.x and 1.2.x before 1.2.55, 1.3.x, 1.4.x before 1.4.18, 1.5.x before 1.5.25, and 1.6.x before 1.6.20 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a small bit-depth value in an IHDR (aka image header) chunk in a PNG image. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-8126.
CVE-2014-4263	2 Oracle, Redhat	7 Jdk, Jre, Jrockit and 4 more	2025-04-12	N/A
Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5, and JRockit R27.8.2 and R28.3.2, allows remote attackers to affect confidentiality and integrity via unknown vectors related to "Diffie-Hellman key agreement."
CVE-2014-6593	2 Oracle, Redhat	7 Jdk, Jre, Jrockit and 4 more	2025-04-12	N/A
Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25; Java SE Embedded 7u71 and 8u6; and JRockit 27.8.4 and 28.3.4 allows remote attackers to affect confidentiality and integrity via vectors related to JSSE.
CVE-2015-0410	6 Canonical, Debian, Novell and 3 more	12 Ubuntu Linux, Debian Linux, Suse Linux Enterprise Desktop and 9 more	2025-04-12	N/A
Unspecified vulnerability in the Java SE, Java SE Embedded, JRockit component in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25; Java SE Embedded 7u71 and 8u6; and JRockit R27.8.4 and R28.3.4 allows remote attackers to affect availability via unknown vectors related to Security.
CVE-2015-2808	9 Canonical, Debian, Fujitsu and 6 more	102 Ubuntu Linux, Debian Linux, Sparc Enterprise M3000 and 99 more	2025-04-12	N/A
The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which makes it easier for remote attackers to conduct plaintext-recovery attacks against the initial bytes of a stream by sniffing network traffic that occasionally relies on keys affected by the Invariance Weakness, and then using a brute-force approach involving LSB values, aka the "Bar Mitzvah" issue.
CVE-2015-4872	2 Oracle, Redhat	7 Jdk, Jre, Jrockit and 4 more	2025-04-12	N/A
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allows remote attackers to affect integrity via unknown vectors related to Security.
CVE-2016-0475	2 Oracle, Redhat	6 Jdk, Jre, Jrockit and 3 more	2025-04-12	N/A
Unspecified vulnerability in the Java SE, Java SE Embedded, and JRockit components in Oracle Java SE 8u66; Java SE Embedded 8u65; and JRockit R28.3.8 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Libraries.
CVE-2015-7575	4 Canonical, Mozilla, Opensuse and 1 more	9 Ubuntu Linux, Firefox, Network Security Services and 6 more	2025-04-12	N/A
Mozilla Network Security Services (NSS) before 3.20.2, as used in Mozilla Firefox before 43.0.2 and Firefox ESR 38.x before 38.5.2, does not reject MD5 signatures in Server Key Exchange messages in TLS 1.2 Handshake Protocol traffic, which makes it easier for man-in-the-middle attackers to spoof servers by triggering a collision.

« first previous Page 13 of 21. next last »