java-1_7_0-openjdk (SUSE:Linux Enterprise Server 12) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Server 12 package java-1_7_0-openjdk, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (80)
CVE-2015-4733 — CVSS 10.0 (critical): Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect…
CVE-2016-0483 — CVSS 10.0 (critical): Unspecified vulnerability in Oracle Java SE 6u105, 7u91, and 8u66; Java SE Embedded 8u65; and JRockit R28.3.8 allows remote attackers to…
CVE-2015-0491 — CVSS 10.0 (critical): Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40, and Java FX 2.2.76, allows remote attackers to affect…
CVE-2015-4732 — CVSS 10.0 (critical): Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect…
CVE-2015-4731 — CVSS 10.0 (critical): Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; Java SE Embedded 7u75; and Java SE Embedded 8u33 allows remote attackers…
CVE-2015-4881 — CVSS 10.0 (critical): Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect…
CVE-2015-4760 — CVSS 10.0 (critical): Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45 allows remote attackers to affect confidentiality, integrity, and…
CVE-2015-4883 — CVSS 10.0 (critical): Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect…
CVE-2015-4805 — CVSS 10.0 (critical): Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect…
CVE-2015-2638 — CVSS 10.0 (critical): Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JavaFX 2.2.80; and Java SE Embedded 7u75 and 8u33 allows remote attackers…
CVE-2015-4835 — CVSS 10.0 (critical): Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect…
CVE-2015-0408 — CVSS 10.0 (critical): Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality, integrity, and…
CVE-2015-0459 — CVSS 10.0 (critical): Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40, and JavaFX 2.2.76, allows remote attackers to affect…
CVE-2015-4843 — CVSS 10.0 (critical): Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect…
CVE-2015-4844 — CVSS 10.0 (critical): Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect…
CVE-2015-4860 — CVSS 10.0 (critical): Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect…
CVE-2015-2628 — CVSS 10.0 (critical): Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect…
CVE-2015-0469 — CVSS 10.0 (critical): Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40 allows remote attackers to affect confidentiality, integrity, and…
CVE-2016-0494 — CVSS 10.0 (critical): Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE 6u105, 7u91, and 8u66 and Java SE Embedded 8u65…
CVE-2014-6601 — CVSS 10.0 (critical): Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality, integrity, and…
CVE-2016-0686 — CVSS 9.6 (critical): Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 and Java SE Embedded 8u77 allows remote attackers to affect…
CVE-2016-0687 — CVSS 9.6 (critical): Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 and Java SE Embedded 8u77 allows remote attackers to affect…
CVE-2015-4736 — CVSS 9.3 (critical): Unspecified vulnerability in Oracle Java SE 7u80 and 8u45 allows remote attackers to affect confidentiality, integrity, and availability…
CVE-2015-0395 — CVSS 9.3 (critical): Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality, integrity, and…
CVE-2015-0460 — CVSS 9.3 (critical): Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40 allows remote attackers to affect confidentiality, integrity, and…
CVE-2015-0492 — CVSS 9.3 (critical): Unspecified vulnerability in Oracle Java SE 7u76 and 8u40, and JavaFX 2.2.76, allows remote attackers to affect confidentiality, integrity…
CVE-2016-0636 — CVSS 8.1 (high): Unspecified vulnerability in Oracle Java SE 7u97, 8u73, and 8u74 allows remote attackers to affect confidentiality, integrity, and…
CVE-2015-4748 — CVSS 7.6 (high): Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JRockit R28.3.6; and Java SE Embedded 7u75 and Embedded 8u33 allows…
CVE-2015-0458 — CVSS 7.6 (high): Unspecified vulnerability in in Oracle Java SE 6u91, 7u76, and 8u40 allows remote attackers to affect confidentiality, integrity, and…
CVE-2015-8126 — CVSS 7.5 (high): Multiple buffer overflows in the (1) png_set_PLTE and (2) png_get_PLTE functions in libpng before 1.0.64, 1.1.x and 1.2.x before 1.2.54…
CVE-2015-8472 — CVSS 7.3 (high): Buffer overflow in the png_set_PLTE function in libpng before 1.0.65, 1.1.x and 1.2.x before 1.2.55, 1.3.x, 1.4.x before 1.4.18, 1.5.x…
CVE-2015-0412 — CVSS 7.2 (high): Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality, integrity, and…
CVE-2015-2597 — CVSS 7.2 (high): Unspecified vulnerability in Oracle Java SE 7u80 and 8u45 allows local users to affect confidentiality, integrity, and availability via…
CVE-2015-2664 — CVSS 6.9 (medium): Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45 allows local users to affect confidentiality, integrity, and availability…
CVE-2015-0484 — CVSS 6.8 (medium): Unspecified vulnerability in Oracle Java SE 7u76 and 8u40, and Java FX 2.2.76, allows remote attackers to affect confidentiality…
CVE-2015-4806 — CVSS 6.4 (medium): Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect…
CVE-2015-7575 — CVSS 5.9 (medium): Mozilla Network Security Services (NSS) before 3.20.2, as used in Mozilla Firefox before 43.0.2 and Firefox ESR 38.x before 38.5.2, does…
CVE-2016-0695 — CVSS 5.9 (medium): Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to…
CVE-2015-0480 — CVSS 5.8 (medium): Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40 allows remote attackers to affect integrity and availability via…
CVE-2015-4871 — CVSS 5.8 (medium): Unspecified vulnerability in Oracle Java SE 7u85 allows remote attackers to affect confidentiality and integrity via unknown vectors…
CVE-2015-0383 — CVSS 5.4 (medium): Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25; Java SE Embedded 7u71 and 8u6; and JRockit R27.8.4 and R28.3.4…
CVE-2016-0402 — CVSS 5.0 (medium): Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE 6u105, 7u91, and 8u66 and Java SE Embedded 8u65…
CVE-2015-0400 — CVSS 5.0 (medium): Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality via unknown vectors…
CVE-2015-0407 — CVSS 5.0 (medium): Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality via unknown…
CVE-2015-0410 — CVSS 5.0 (medium): Unspecified vulnerability in the Java SE, Java SE Embedded, JRockit component in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25; Java SE…
CVE-2015-0488 — CVSS 5.0 (medium): Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40, and JRockit R28.3.5, allows remote attackers to affect…
CVE-2015-2601 — CVSS 5.0 (medium): Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, JRockit R28.3.6, and Java SE Embedded 7u75 and 8u33 allows remote…
CVE-2015-2613 — CVSS 5.0 (medium): Unspecified vulnerability in Oracle Java SE 7u80 and 8u45, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect…
CVE-2015-2619 — CVSS 5.0 (medium): Unspecified vulnerability in Oracle Java SE 7u80 and 8u45, JavaFX 2.2.80, and Java SE Embedded 7u75 and 8u33 allows remote attackers to…
CVE-2015-2621 — CVSS 5.0 (medium): Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33, allows remote attackers to affect…
CVE-2015-2632 — CVSS 5.0 (medium): Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45 allows remote attackers to affect confidentiality via unknown vectors…
CVE-2015-2637 — CVSS 5.0 (medium): Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JavaFX 2.2.80; and Java SE Embedded 7u75 and 8u33 allows remote attackers…
CVE-2015-4734 — CVSS 5.0 (medium): Unspecified vulnerability in Oracle Java SE 6u101, 7u85 and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect…
CVE-2015-4803 — CVSS 5.0 (medium): Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allows remote attackers to…
CVE-2015-4840 — CVSS 5.0 (medium): Unspecified vulnerability in Oracle Java SE 7u85 and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality via…
CVE-2015-4842 — CVSS 5.0 (medium): Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect…
CVE-2015-4872 — CVSS 5.0 (medium): Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allows remote attackers to…
CVE-2015-4882 — CVSS 5.0 (medium): Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect…
CVE-2015-4893 — CVSS 5.0 (medium): Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allows remote attackers to…
CVE-2015-4903 — CVSS 5.0 (medium): Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect…
CVE-2015-4911 — CVSS 5.0 (medium): Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allows remote attackers to…
CVE-2016-0466 — CVSS 5.0 (medium): Unspecified vulnerability in the Java SE, Java SE Embedded, and JRockit components in Oracle Java SE 6u105, 7u91, and 8u66; Java SE…
CVE-2014-6587 — CVSS 4.3 (medium): Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allows local users to affect confidentiality, integrity, and availability…
CVE-2016-3425 — CVSS 4.3 (medium): Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to…
CVE-2015-2596 — CVSS 4.3 (medium): Unspecified vulnerability in Oracle Java SE 7u80 allows remote attackers to affect integrity via unknown vectors related to Hotspot.
CVE-2015-0478 — CVSS 4.3 (medium): Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40, and JRockit R28.3.5, allows remote attackers to affect…
CVE-2015-4749 — CVSS 4.3 (medium): Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JRockit R28.3.6; and Java SE Embedded 7u75 and 8u33 allows remote…
CVE-2015-0477 — CVSS 4.3 (medium): Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40 allows remote attackers to affect integrity via unknown vectors…
CVE-2016-0448 — CVSS 4.0 (medium): Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE 6u105, 7u91, and 8u66, and Java SE Embedded 8u65…
CVE-2015-4729 — CVSS 4.0 (medium): Unspecified vulnerability in Oracle Java SE 7u80 and 8u45 allows remote attackers to affect confidentiality and integrity via unknown…
CVE-2014-6593 — CVSS 4.0 (medium): Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25; Java SE Embedded 7u71 and 8u6; and JRockit 27.8.4 and 28.3.4…
CVE-2015-2808 — CVSS 3.7 (low): The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the…
CVE-2015-4000 — CVSS 3.7 (low): The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a…
CVE-2014-3566 — CVSS 3.4 (low): The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for…
CVE-2014-6591 — CVSS 2.6 (low): Unspecified vulnerability in the Java SE component in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allows remote attackers to affect…
CVE-2015-2627 — CVSS 2.6 (low): Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45 allows remote attackers to affect confidentiality via unknown vectors…
CVE-2015-2625 — CVSS 2.6 (low): Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JRockit R28.3.6; and Java SE Embedded 7u75 and 8u33 allows remote…
CVE-2014-6585 — CVSS 2.6 (low): Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality via unknown…