U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Vulnerability Database

National Vulnerability Database

NVD

National Vulnerability Database
  1. VulnerabilitiesSearch And Statistics

Search Results (Refine Search)

Search Parameters:
  • CPE Product Version: cpe:/a:oracle:jdk:1.7.0
There are 566 matching records.
Displaying matches 241 through 260.
Vuln ID Summary CVSS Severity
CVE-2015-2601

Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, JRockit R28.3.6, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality via vectors related to JCE.

Published: July 16, 2015; 6:59:27 AM -0400 		V3.x:(not available)
 V2.0: 5.0 MEDIUM
CVE-2015-2597

Unspecified vulnerability in Oracle Java SE 7u80 and 8u45 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Install.

Published: July 16, 2015; 6:59:23 AM -0400 		V3.x:(not available)
 V2.0: 7.2 HIGH
CVE-2015-2596

Unspecified vulnerability in Oracle Java SE 7u80 allows remote attackers to affect integrity via unknown vectors related to Hotspot.

Published: July 16, 2015; 6:59:22 AM -0400 		V3.x:(not available)
 V2.0: 4.3 MEDIUM
CVE-2015-2590

Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2015-4732.

Published: July 16, 2015; 6:59:17 AM -0400 		V3.x:(not available)
 V2.0: 10.0 HIGH
CVE-2015-4000

The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHE_EXPORT and then rewriting a ServerHello with DHE_EXPORT replaced by DHE, aka the "Logjam" issue.

Published: May 20, 2015; 8:59:00 PM -0400 		V3.0: 3.7 LOW
 V2.0: 4.3 MEDIUM
CVE-2015-0492

Unspecified vulnerability in Oracle Java SE 7u76 and 8u40, and JavaFX 2.2.76, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2015-0484.

Published: April 16, 2015; 12:59:43 PM -0400 		V3.x:(not available)
 V2.0: 9.3 HIGH
CVE-2015-0491

Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40, and Java FX 2.2.76, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2015-0459.

Published: April 16, 2015; 12:59:42 PM -0400 		V3.x:(not available)
 V2.0: 10.0 HIGH
CVE-2015-0488

Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40, and JRockit R28.3.5, allows remote attackers to affect availability via vectors related to JSSE.

Published: April 16, 2015; 12:59:39 PM -0400 		V3.x:(not available)
 V2.0: 5.0 MEDIUM
CVE-2015-0484

Unspecified vulnerability in Oracle Java SE 7u76 and 8u40, and Java FX 2.2.76, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2015-0492.

Published: April 16, 2015; 12:59:36 PM -0400 		V3.x:(not available)
 V2.0: 6.8 MEDIUM
CVE-2015-0480

Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40 allows remote attackers to affect integrity and availability via unknown vectors related to Tools.

Published: April 16, 2015; 12:59:33 PM -0400 		V3.x:(not available)
 V2.0: 5.8 MEDIUM
CVE-2015-0478

Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40, and JRockit R28.3.5, allows remote attackers to affect confidentiality via vectors related to JCE.

Published: April 16, 2015; 12:59:32 PM -0400 		V3.x:(not available)
 V2.0: 4.3 MEDIUM
CVE-2015-0477

Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40 allows remote attackers to affect integrity via unknown vectors related to Beans.

Published: April 16, 2015; 12:59:31 PM -0400 		V3.x:(not available)
 V2.0: 4.3 MEDIUM
CVE-2015-0469

Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.

Published: April 16, 2015; 12:59:23 PM -0400 		V3.x:(not available)
 V2.0: 10.0 HIGH
CVE-2015-0460

Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.

Published: April 16, 2015; 12:59:17 PM -0400 		V3.x:(not available)
 V2.0: 9.3 HIGH
CVE-2015-0459

Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40, and JavaFX 2.2.76, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2015-0491.

Published: April 16, 2015; 12:59:16 PM -0400 		V3.x:(not available)
 V2.0: 10.0 HIGH
CVE-2015-0458

Unspecified vulnerability in in Oracle Java SE 6u91, 7u76, and 8u40 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.

Published: April 16, 2015; 12:59:16 PM -0400 		V3.x:(not available)
 V2.0: 7.6 HIGH
CVE-2015-0413

Unspecified vulnerability in Oracle Java SE 7u72 and 8u25 allows local users to affect integrity via unknown vectors related to Serviceability.

Published: January 21, 2015; 2:59:02 PM -0500 		V3.x:(not available)
 V2.0: 1.9 LOW
CVE-2015-0412

Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAX-WS.

Published: January 21, 2015; 2:59:01 PM -0500 		V3.x:(not available)
 V2.0: 7.2 HIGH
CVE-2015-0410

Unspecified vulnerability in the Java SE, Java SE Embedded, JRockit component in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25; Java SE Embedded 7u71 and 8u6; and JRockit R27.8.4 and R28.3.4 allows remote attackers to affect availability via unknown vectors related to Security.

Published: January 21, 2015; 1:59:50 PM -0500 		V3.x:(not available)
 V2.0: 5.0 MEDIUM
CVE-2015-0408

Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI.

Published: January 21, 2015; 1:59:48 PM -0500 		V3.x:(not available)
 V2.0: 10.0 HIGH