Oracle Jdk vulnerabilities
778 known vulnerabilities affecting oracle/jdk.
Total CVEs
778
CISA KEV
8
actively exploited
Public exploits
25
Exploited in wild
10
Severity breakdown
CRITICAL196HIGH119MEDIUM343LOW118
Vulnerabilities
Page 21 of 39
CVE-2015-2601MEDIUMCVSS 5.0v1.6.0v1.7.0+1 more2015-07-16
CVE-2015-2601 [MEDIUM] CVE-2015-2601: Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, JRockit R28.3.6, and Java SE Embed
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, JRockit R28.3.6, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality via vectors related to JCE.
nvd
CVE-2015-2637MEDIUMCVSS 5.0v1.6.0v1.7.0+1 more2015-07-16
CVE-2015-2637 [MEDIUM] CVE-2015-2637: Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JavaFX 2.2.80; and Java SE Embedde
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JavaFX 2.2.80; and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality via unknown vectors related to 2D.
nvd
CVE-2015-2596MEDIUMCVSS 4.3v1.7.02015-07-16
CVE-2015-2596 [MEDIUM] CVE-2015-2596: Unspecified vulnerability in Oracle Java SE 7u80 allows remote attackers to affect integrity via unk
Unspecified vulnerability in Oracle Java SE 7u80 allows remote attackers to affect integrity via unknown vectors related to Hotspot.
nvd
CVE-2015-2632MEDIUMCVSS 5.0v1.6.0v1.7.0+1 more2015-07-16
CVE-2015-2632 [MEDIUM] CVE-2015-2632: Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45 allows remote attackers to affect c
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45 allows remote attackers to affect confidentiality via unknown vectors related to 2D.
nvd
CVE-2015-2627LOWCVSS 2.6v1.6.0v1.7.0+1 more2015-07-16
CVE-2015-2627 [LOW] CVE-2015-2627: Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45 allows remote attackers to affect c
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45 allows remote attackers to affect confidentiality via unknown vectors related to installation.
nvd
CVE-2015-2625LOWCVSS 2.6v1.6.0v1.7.0+1 more2015-07-16
CVE-2015-2625 [LOW] CVE-2015-2625: Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JRockit R28.3.6; and Java SE Embed
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JRockit R28.3.6; and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality via vectors related to JSSE.
nvd
CVE-2015-4000LOWCVSS 3.7PoCv1.6.0v1.7.0+1 more2015-05-21
CVE-2015-4000 [LOW] CWE-310 CVE-2015-4000: The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a
The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHE_EXPORT and then rewriting a ServerHello with DHE_EXPORT replaced by DHE, a
nvd
CVE-2015-0492CRITICALCVSS 9.3v1.5.0v1.6.0+2 more2015-04-16
CVE-2015-0492 [CRITICAL] CVE-2015-0492: Unspecified vulnerability in Oracle Java SE 7u76 and 8u40, and JavaFX 2.2.76, allows remote attacker
Unspecified vulnerability in Oracle Java SE 7u76 and 8u40, and JavaFX 2.2.76, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2015-0484.
nvd
CVE-2015-0491CRITICALCVSS 10.0v1.5.0v1.6.0+2 more2015-04-16
CVE-2015-0491 [CRITICAL] CVE-2015-0491: Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40, and Java FX 2.2.76, allows
Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40, and Java FX 2.2.76, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2015-0459.
nvd
CVE-2015-0469CRITICALCVSS 10.0v1.5.0v1.6.0+2 more2015-04-16
CVE-2015-0469 [CRITICAL] CVE-2015-0469: Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40 allows remote attackers to
Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.
nvd
CVE-2015-0459CRITICALCVSS 10.0v1.5.0v1.6.0+2 more2015-04-16
CVE-2015-0459 [CRITICAL] CVE-2015-0459: Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40, and JavaFX 2.2.76, allows
Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40, and JavaFX 2.2.76, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2015-0491.
nvd
CVE-2015-0460CRITICALCVSS 9.3v1.5.0v1.6.0+2 more2015-04-16
CVE-2015-0460 [CRITICAL] CVE-2015-0460: Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40 allows remote attackers to
Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.
nvd
CVE-2015-0458HIGHCVSS 7.6v1.6.0v1.7.0+1 more2015-04-16
CVE-2015-0458 [HIGH] CVE-2015-0458: Unspecified vulnerability in in Oracle Java SE 6u91, 7u76, and 8u40 allows remote attackers to affec
Unspecified vulnerability in in Oracle Java SE 6u91, 7u76, and 8u40 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.
nvd
CVE-2015-0488MEDIUMCVSS 5.0v1.5.0v1.6.0+2 more2015-04-16
CVE-2015-0488 [MEDIUM] CVE-2015-0488: Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40, and JRockit R28.3.5, allow
Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40, and JRockit R28.3.5, allows remote attackers to affect availability via vectors related to JSSE.
nvd
CVE-2015-0480MEDIUMCVSS 5.8v1.5.0v1.6.0+2 more2015-04-16
CVE-2015-0480 [MEDIUM] CVE-2015-0480: Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40 allows remote attackers to
Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40 allows remote attackers to affect integrity and availability via unknown vectors related to Tools.
nvd
CVE-2015-0478MEDIUMCVSS 4.3v1.5.0v1.6.0+2 more2015-04-16
CVE-2015-0478 [MEDIUM] CVE-2015-0478: Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40, and JRockit R28.3.5, allow
Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40, and JRockit R28.3.5, allows remote attackers to affect confidentiality via vectors related to JCE.
nvd
CVE-2015-0477MEDIUMCVSS 4.3v1.5.0v1.6.0+2 more2015-04-16
CVE-2015-0477 [MEDIUM] CVE-2015-0477: Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40 allows remote attackers to
Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40 allows remote attackers to affect integrity via unknown vectors related to Beans.
nvd
CVE-2015-0470MEDIUMCVSS 4.3v1.8.02015-04-16
CVE-2015-0470 [MEDIUM] CVE-2015-0470: Unspecified vulnerability in Oracle Java SE 8u40 allows remote attackers to affect integrity via unk
Unspecified vulnerability in Oracle Java SE 8u40 allows remote attackers to affect integrity via unknown vectors related to Hotspot.
nvd
CVE-2015-0484MEDIUMCVSS 6.8v1.7.0v1.8.02015-04-16
CVE-2015-0484 [MEDIUM] CVE-2015-0484: Unspecified vulnerability in Oracle Java SE 7u76 and 8u40, and Java FX 2.2.76, allows remote attacke
Unspecified vulnerability in Oracle Java SE 7u76 and 8u40, and Java FX 2.2.76, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2015-0492.
nvd
CVE-2015-0486MEDIUMCVSS 5.0v1.8.02015-04-16
CVE-2015-0486 [MEDIUM] CVE-2015-0486: Unspecified vulnerability in Oracle Java SE 8u40 allows remote attackers to affect confidentiality v
Unspecified vulnerability in Oracle Java SE 8u40 allows remote attackers to affect confidentiality via unknown vectors related to Deployment.
nvd