Jre - Vulncode-DB

Note:

This project will be discontinued after December 13, 2021. [more]

Product:
Jre
(Oracle)

Repositories	• https://github.com/madler/zlib • https://github.com/glennrp/libpng
#Vulnerabilities	742

Date	Id	Summary	Products	Score	Patch	Annotated
2014-01-15	CVE-2014-0387	Unspecified vulnerability in Oracle Java SE 6u65 and Java SE 7u45, when running on Firefox, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.	Jdk, Jre	N/A
2014-01-15	CVE-2014-0403	Unspecified vulnerability in Oracle Java SE 6u65 and 7u45 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Deployment, a different vulnerability than CVE-2013-5898 and CVE-2014-0375.	Jdk, Jre	N/A
2014-01-15	CVE-2014-0408	Unspecified vulnerability in Oracle Java SE 7u45, when running on OS X, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.	Jre	N/A
2014-01-15	CVE-2014-0410	Unspecified vulnerability in Oracle Java SE 6u65 and 7u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-5889, CVE-2013-5902, CVE-2014-0415, CVE-2014-0418, and CVE-2014-0424.	Jdk, Jre	N/A
2014-01-15	CVE-2014-0411	Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; JRockit R27.7.7 and R28.2.9; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality and integrity via vectors related to JSSE. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that this issue allows remote attackers to obtain sensitive information about encryption keys via a timing discrepancy during the TLS/SSL handshake.	Jdk, Jre, Jrockit	N/A
2014-01-15	CVE-2014-0415	Unspecified vulnerability in Oracle Java SE 6u65 and 7u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-5889, CVE-2013-5902, CVE-2014-0410, CVE-2014-0418, and CVE-2014-0424.	Jdk, Jre	N/A
2014-01-15	CVE-2014-0416	Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect integrity via vectors related to JAAS. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to how principals are set for the Subject class, which allows attackers to escape the sandbox using deserialization of a crafted Subject instance.	Jdk, Jre	N/A
2014-01-15	CVE-2014-0417	Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; JavaFX 2.2.45; and Java SE Embedded 7u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.	Javafx, Jdk, Jre	N/A
2014-01-15	CVE-2014-0418	Unspecified vulnerability in Oracle Java SE 6u65 and 7u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-5889, CVE-2013-5902, CVE-2014-0410, CVE-2014-0415, and CVE-2014-0424.	Jdk, Jre, Jdk, Jre, Enterprise_linux_desktop_supplementary, Enterprise_linux_hpc_node_supplementary, Enterprise_linux_server_supplementary, Enterprise_linux_server_supplementary_aus, Enterprise_linux_server_supplementary_eus, Enterprise_linux_workstation_supplementary	N/A
2014-01-15	CVE-2014-0422	Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JNDI. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to missing package access checks in the Naming / JNDI component, which allows attackers to escape the sandbox.	Jdk, Jre	N/A