Skip to main content
CVE-2015-2590 CRITICAL KEV PATCH THREAT Act Now

Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Actively exploited in the wild (cisa kev) and EPSS exploitation probability 63.0%.

Java Oracle Information Disclosure
NVD VulDB
CVSS 3.1
9.8
EPSS
63.0%
Threat
5.3
CVE-2015-4732 CRITICAL PATCH Act Now

Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Java Oracle Jdk Jre
NVD
CVSS 2.0
10.0
EPSS
9.1%
CVE-2015-4760 CRITICAL PATCH Act Now

Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Java Oracle Jdk Jre
NVD VulDB
CVSS 2.0
10.0
EPSS
9.1%
CVE-2015-4733 CRITICAL PATCH Act Now

Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality, integrity, and availability via vectors related. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Java Oracle Jdk Jre
NVD
CVSS 2.0
10.0
EPSS
9.1%
CVE-2015-2628 CRITICAL PATCH Act Now

Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality, integrity, and availability via vectors related. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Java Oracle Jdk Jre
NVD
CVSS 2.0
10.0
EPSS
8.1%
CVE-2015-4731 CRITICAL PATCH Act Now

Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; Java SE Embedded 7u75; and Java SE Embedded 8u33 allows remote attackers to affect confidentiality, integrity, and availability via. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Java Oracle Jdk Jre
NVD
CVSS 2.0
10.0
EPSS
7.5%
CVE-2015-2638 CRITICAL PATCH Act Now

Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JavaFX 2.2.80; and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality, integrity, and availability via. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Java Oracle Jdk Jre +1
NVD
CVSS 2.0
10.0
EPSS
6.8%
CVE-2015-4736 CRITICAL PATCH Act Now

Unspecified vulnerability in Oracle Java SE 7u80 and 8u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable.

Information Disclosure Java Oracle Jdk Jre
NVD
CVSS 2.0
9.3
EPSS
5.6%
CVE-2015-5386 CRITICAL PATCH Act Now

Siemens SICAM MIC devices with firmware before 2404 allow remote attackers to bypass authentication and obtain administrative access via unspecified HTTP requests. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable.

Authentication Bypass Siemens Sicam Mic Firmware
NVD
CVSS 2.0
9.3
EPSS
0.7%
CVE-2015-3621 CRITICAL Act Now

Untrusted search path vulnerability in SAP Enterprise Central Component (ECC) allows local users to gain privileges via a Trojan horse program. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure SAP Enterprise Central Component
NVD
CVSS 2.0
9.3
EPSS
0.4%
CVE-2015-5080 CRITICAL Act Now

The Management Interface in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway 10.1 before 10.1.132.8, 10.5 before Build 56.15, and 10.5.e before Build 56.1505.e allows. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Citrix Netscaler Application Delivery Controller Firmware Netscaler Gateway Firmware
NVD
CVSS 2.0
9.0
EPSS
1.0%
CVE-2015-2629 CRITICAL PATCH Act Now

Unspecified vulnerability in the Java VM component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality,. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Java Oracle Database Server
NVD
CVSS 2.0
9.0
EPSS
0.6%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy