Oracle Javafx vulnerabilities

64 known vulnerabilities affecting oracle/javafx.

Total CVEs

CISA KEV

Public exploits

Exploited in wild

Severity breakdown

CRITICAL35HIGH6MEDIUM19LOW4

Vulnerabilities

Page 2 of 4

CVE-2013-5810CRITICALCVSS 9.3≤ 2.2.40v2.0+9 more2013-10-16

CVE-2013-5810 [CRITICAL] CVE-2013-5810: Unspecified vulnerability in Oracle Java SE 7u40 and earlier and JavaFX 2.2.40 and earlier allows re Unspecified vulnerability in Oracle Java SE 7u40 and earlier and JavaFX 2.2.40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

nvd

CVE-2013-5777CRITICALCVSS 9.3≤ 2.2.40v2.0+9 more2013-10-16

CVE-2013-5777 [CRITICAL] CVE-2013-5777: Unspecified vulnerability in the Java SE and JavaFX components in Oracle Java SE 7u40 and earlier an Unspecified vulnerability in the Java SE and JavaFX components in Oracle Java SE 7u40 and earlier and JavaFX 2.2.40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2013-5775.

nvd

CVE-2013-5775HIGHCVSS 7.5≤ 2.2.40v2.2+5 more2013-10-16

CVE-2013-5775 [HIGH] CVE-2013-5775: Unspecified vulnerability in the Java SE and JavaFX components in Oracle Java SE 7u40 and earlier an Unspecified vulnerability in the Java SE and JavaFX components in Oracle Java SE 7u40 and earlier and JavaFX 2.2.40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2013-5777.

nvd

CVE-2013-5848MEDIUMCVSS 5.0≤ 2.2.40v2.0+9 more2013-10-16

CVE-2013-5848 [MEDIUM] CVE-2013-5848: Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and JavaFX 2 Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and JavaFX 2.2.40 and earlier allows remote attackers to affect integrity via unknown vectors related to Deployment.

nvd

CVE-2013-5854LOWCVSS 2.6≤ 2.2.40v2.0+9 more2013-10-16

CVE-2013-5854 [LOW] CVE-2013-5854: Unspecified vulnerability in Oracle Java SE 7u40 and earlier and JavaFX 2.2.40 and earlier allows re Unspecified vulnerability in Oracle Java SE 7u40 and earlier and JavaFX 2.2.40 and earlier allows remote attackers to affect confidentiality via unknown vectors.

nvd

CVE-2013-5797LOWCVSS 3.5≤ 2.2.40v2.0+9 more2013-10-16

CVE-2013-5797 [LOW] CVE-2013-5797: Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and JavaFX 2.2.40 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Javadoc.

nvd

CVE-2013-1571MEDIUMCVSS 4.3≤ 2.2.21v2.0+8 more2013-06-18

CVE-2013-1571 [MEDIUM] CVE-2013-1571: Unspecified vulnerability in the Javadoc component in Oracle Java SE 7 Update 21 and earlier, 6 Upda Unspecified vulnerability in the Javadoc component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier; JavaFX 2.2.21 and earlier; and OpenJDK 7 allows remote attackers to affect integrity via unknown vectors related to Javadoc. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on

nvd

CVE-2013-2444MEDIUMCVSS 5.0≤ 2.2.21v2.0+8 more2013-06-18

CVE-2013-2444 [MEDIUM] CVE-2013-2444: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier; JavaFX 2.2.21 and earlier; and OpenJDK 7 allows remote attackers to affect availability via vectors related to AWT. NOTE: the previous information is from the June 2013 CPU. Oracle has not

nvd

CVE-2013-2414CRITICALCVSS 10.0≤ 2.2.7v2.0+7 more2013-04-17

CVE-2013-2414 [CRITICAL] CVE-2013-2414: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and JavaFX 2.2.7 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to JavaFX, a different vulnerability than CVE-2013-0402, CVE-2013-2427, and CVE-2013-2428.

nvd

CVE-2013-2427CRITICALCVSS 10.0≤ 2.2.7v2.0+7 more2013-04-17

CVE-2013-2427 [CRITICAL] CVE-2013-2427: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and JavaFX 2.2.7 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to JavaFX, a different vulnerability than CVE-2013-0402, CVE-2013-2414, and CVE-2013-2428.

nvd

CVE-2013-2432CRITICALCVSS 10.0≤ 2.2.7v2.0+7 more2013-04-17

CVE-2013-2432 [CRITICAL] CVE-2013-2432: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, 5.0 Update 41 and earlier, and JavaFX 2.2.7 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2013-2394 an

nvd

CVE-2013-2434CRITICALCVSS 10.0≤ 2.2.7v2.0+7 more2013-04-17

CVE-2013-2434 [CRITICAL] CVE-2013-2434: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and JavaFX 2.2.7 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.

nvd

CVE-2013-2428CRITICALCVSS 10.0≤ 2.2.7v2.0+7 more2013-04-17

CVE-2013-2428 [CRITICAL] CVE-2013-2428: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and JavaFX 2.2.7 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to JavaFX, a different vulnerability than CVE-2013-0402, CVE-2013-2414, and CVE-2013-2427.

nvd

CVE-2013-1563HIGHCVSS 7.6≤ 2.2.7v2.0+7 more2013-04-17

CVE-2013-1563 [HIGH] CVE-2013-1563: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and JavaFX 2.2.7 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Install.

nvd

CVE-2013-2394HIGHCVSS 7.6≤ 2.2.7v2.0+7 more2013-04-17

CVE-2013-2394 [HIGH] CVE-2013-2394: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, 5.0 Update 41 and earlier, and JavaFX 2.2.7 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2013-2432 and CV

nvd

CVE-2013-2430HIGHCVSS 7.6≤ 2.2.7v2.0+7 more2013-04-17

CVE-2013-2430 [HIGH] CVE-2013-2430: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; JavaFX 2.2.7 and earlier; and OpenJDK 6 and 7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to ImageIO. NOTE: the previous inform

nvd

CVE-2013-1564MEDIUMCVSS 5.0≤ 2.2.7v2.0+7 more2013-04-17

CVE-2013-1564 [MEDIUM] CVE-2013-1564: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and JavaFX 2.2.7 and earlier allows remote attackers to affect integrity via unknown vectors related to JavaFX.

nvd

CVE-2013-2439MEDIUMCVSS 6.9≤ 2.2.7v2.0+7 more2013-04-17

CVE-2013-2439 [MEDIUM] CVE-2013-2439: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, 5.0 Update 41 and earlier, and JavaFX 2.2.7 and earlier allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Install.

nvd

CVE-2013-1561MEDIUMCVSS 5.0≤ 2.2.7v2.0+7 more2013-04-17

CVE-2013-1561 [MEDIUM] CVE-2013-1561: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and JavaFX 2.2.7 and earlier allows remote attackers to affect confidentiality via unknown vectors related to JavaFX.

nvd

CVE-2013-0402CRITICALCVSS 10.0≤ 2.2.72013-03-08

CVE-2013-0402 [CRITICAL] CWE-119 CVE-2013-0402: Heap-based buffer overflow in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Updat Heap-based buffer overflow in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and JavaFX 2.2.7 and earlier allows remote attackers to execute arbitrary code via unspecified vectors related to JavaFX, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2013.

nvd

← Previous2 / 4Next →