Oracle Jdk vulnerabilities
778 known vulnerabilities affecting oracle/jdk.
Total CVEs
778
CISA KEV
8
actively exploited
Public exploits
25
Exploited in wild
10
Severity breakdown
CRITICAL196HIGH119MEDIUM343LOW118
Vulnerabilities
Page 14 of 39
CVE-2017-10348MEDIUMCVSS 5.3v1.6.0v1.7.0+2 more2017-10-19
CVE-2017-10348 [MEDIUM] CVE-2017-10348: Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries)
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Succes
nvd
CVE-2017-10347MEDIUMCVSS 5.3v1.6.0v1.7.0+2 more2017-10-19
CVE-2017-10347 [MEDIUM] CVE-2017-10347: Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: Serialization). Sup
Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, JRockit. Successful attacks o
nvd
CVE-2017-10356MEDIUMCVSS 6.2v1.6.0v1.7.0+2 more2017-10-19
CVE-2017-10356 [MEDIUM] CVE-2017-10356: Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: S
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Java SE, Java SE Embedde
nvd
CVE-2017-10345LOWCVSS 3.1v1.6.0v1.7.0+2 more2017-10-19
CVE-2017-10345 [LOW] CVE-2017-10345: Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: S
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Ja
nvd
CVE-2017-10107CRITICALCVSS 9.6v1.6.0v1.7.0+1 more2017-08-08
CVE-2017-10107 [CRITICAL] CVE-2017-10107: Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: RMI). Supp
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful at
nvd
CVE-2017-10087CRITICALCVSS 9.6v1.6.0v1.7.0+1 more2017-08-08
CVE-2017-10087 [CRITICAL] CVE-2017-10087: Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries)
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Success
nvd
CVE-2017-10090CRITICALCVSS 9.6v1.7.0v1.8.02017-08-08
CVE-2017-10090 [CRITICAL] CVE-2017-10090: Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries)
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful att
nvd
CVE-2017-10110CRITICALCVSS 9.6v1.6.0v1.7.0+1 more2017-08-08
CVE-2017-10110 [CRITICAL] CVE-2017-10110: Vulnerability in the Java SE component of Oracle Java SE (subcomponent: AWT). Supported versions tha
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: AWT). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the
nvd
CVE-2017-10089CRITICALCVSS 9.6v1.6.0v1.7.0+1 more2017-08-08
CVE-2017-10089 [CRITICAL] CVE-2017-10089: Vulnerability in the Java SE component of Oracle Java SE (subcomponent: ImageIO). Supported versions
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: ImageIO). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than
nvd
CVE-2017-10096CRITICALCVSS 9.6v1.6.0v1.7.0+1 more2017-08-08
CVE-2017-10096 [CRITICAL] CVE-2017-10096: Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JAXP). Sup
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JAXP). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful a
nvd
CVE-2017-10102CRITICALCVSS 9.0v1.6.0v1.7.0+1 more2017-08-08
CVE-2017-10102 [CRITICAL] CVE-2017-10102: Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: RMI). Supp
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. While the v
nvd
CVE-2017-10111CRITICALCVSS 9.6v1.8.02017-08-08
CVE-2017-10111 [CRITICAL] CVE-2017-10111: Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries)
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). The supported version that is affected is Java SE: 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks requ
nvd
CVE-2017-10086CRITICALCVSS 9.6v1.7.0v1.8.02017-08-08
CVE-2017-10086 [CRITICAL] CVE-2017-10086: Vulnerability in the Java SE component of Oracle Java SE (subcomponent: JavaFX). Supported versions
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: JavaFX). Supported versions that are affected are Java SE: 7u141 and 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attac
nvd
CVE-2017-10101CRITICALCVSS 9.6v1.6.0v1.7.0+1 more2017-08-08
CVE-2017-10101 [CRITICAL] CVE-2017-10101: Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JAXP). Sup
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JAXP). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful a
nvd
CVE-2017-10078HIGHCVSS 8.1v1.8.02017-08-08
CVE-2017-10078 [HIGH] CVE-2017-10078: Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Scripting). The supported ve
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Scripting). The supported version that is affected is Java SE: 8u131. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized creation, deletion or
nvd
CVE-2017-10115HIGHCVSS 7.5v1.6.0v1.7.0+1 more2017-08-08
CVE-2017-10115 [HIGH] CVE-2017-10115: Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: J
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JCE). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE
nvd
CVE-2017-10116HIGHCVSS 8.3v1.6.0v1.7.0+1 more2017-08-08
CVE-2017-10116 [HIGH] CVE-2017-10116: Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: S
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE,
nvd
CVE-2017-10176HIGHCVSS 7.5Exploitedv1.7.0v1.8.02017-08-08
CVE-2017-10176 [HIGH] CVE-2017-10176: Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: S
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE E
nvd
CVE-2017-10074HIGHCVSS 8.3v1.6.0v1.7.0+1 more2017-08-08
CVE-2017-10074 [HIGH] CVE-2017-10074: Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot).
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful a
nvd
CVE-2017-10118HIGHCVSS 7.5v1.7.0v1.8.02017-08-08
CVE-2017-10118 [HIGH] CVE-2017-10118: Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: J
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JCE). Supported versions that are affected are Java SE: 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedd
nvd