Oracle Jdk vulnerabilities
778 known vulnerabilities affecting oracle/jdk.
Total CVEs
778
CISA KEV
8
actively exploited
Public exploits
25
Exploited in wild
10
Severity breakdown
CRITICAL196HIGH119MEDIUM343LOW118
Vulnerabilities
Page 31 of 39
CVE-2013-2472CRITICALCVSS 10.0PoC≤ 1.7.0v1.7.0+4 more2013-06-18
CVE-2013-2472 [CRITICAL] CVE-2013-2472: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU.
nvd
CVE-2013-2460CRITICALCVSS 9.3PoC≤ 1.7.0v1.7.02013-06-18
CVE-2013-2460 [CRITICAL] CVE-2013-2460: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Serviceability. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from ano
nvd
CVE-2013-2469CRITICALCVSS 10.0≤ 1.7.0v1.7.0+4 more2013-06-18
CVE-2013-2469 [CRITICAL] CVE-2013-2469: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU.
nvd
CVE-2013-2459CRITICALCVSS 10.0≤ 1.7.0v1.7.0+4 more2013-06-18
CVE-2013-2459 [CRITICAL] CVE-2013-2459: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. NOTE: the previous information is from the June 2013 CPU. Oracle
nvd
CVE-2013-2471CRITICALCVSS 10.0≤ 1.7.0v1.7.0+4 more2013-06-18
CVE-2013-2471 [CRITICAL] CVE-2013-2471: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU.
nvd
CVE-2013-2468CRITICALCVSS 10.0≤ 1.7.0v1.7.0+2 more2013-06-18
CVE-2013-2468 [CRITICAL] CVE-2013-2468: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-2442 and CVE-2013-2466.
nvd
CVE-2013-2462CRITICALCVSS 9.3≤ 1.7.0v1.7.02013-06-18
CVE-2013-2462 [CRITICAL] CVE-2013-2462: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.
nvd
CVE-2013-2464CRITICALCVSS 10.0≤ 1.7.0v1.7.0+4 more2013-06-18
CVE-2013-2464 [CRITICAL] CVE-2013-2464: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2013-2463, CVE-2013-2465, CVE-2013-246
nvd
CVE-2013-3743CRITICALCVSS 9.3≤ 1.6.0v1.6.0+2 more2013-06-18
CVE-2013-3743 [CRITICAL] CVE-2013-3743: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 45 and earlier and 5.0 Update 45 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT.
nvd
CVE-2013-2470CRITICALCVSS 10.0PoC≤ 1.7.0v1.7.0+4 more2013-06-18
CVE-2013-2470 [CRITICAL] CVE-2013-2470: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU.
nvd
CVE-2013-2442HIGHCVSS 7.5≤ 1.7.0v1.7.0+2 more2013-06-18
CVE-2013-2442 [HIGH] CVE-2013-2442: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-2466 and CVE-2013-2468.
nvd
CVE-2013-2445HIGHCVSS 7.8≤ 1.7.0v1.7.0+4 more2013-06-18
CVE-2013-2445 [HIGH] CVE-2013-2445: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect availability via unknown vectors related to Hotspot. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on cl
nvd
CVE-2013-2461HIGHCVSS 7.5v1.6.02013-06-18
CVE-2013-2461 [HIGH] CVE-2013-2461: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier; the Oracle JRockit component in Oracle Fusion Middleware R27.7.5 and earlier and R28.2.7 and earlier; and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors rel
nvd
CVE-2013-2448HIGHCVSS 7.6≤ 1.7.0v1.7.0+4 more2013-06-18
CVE-2013-2448 [HIGH] CVE-2013-2448: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Sound. NOTE: the previous information is from the June 2013 CPU.
nvd
CVE-2013-2407MEDIUMCVSS 6.4≤ 1.7.0v1.7.0+2 more2013-06-18
CVE-2013-2407 [MEDIUM] CVE-2013-2407: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality and availability via unknown vectors related to Libraries. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims
nvd
CVE-2013-2453MEDIUMCVSS 5.0≤ 1.7.0v1.7.0+2 more2013-06-18
CVE-2013-2453 [MEDIUM] CVE-2013-2453: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier allows remote attackers to affect integrity via vectors related to JMX. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is due to a miss
nvd
CVE-2013-2457MEDIUMCVSS 5.0≤ 1.7.0v1.7.0+4 more2013-06-18
CVE-2013-2457 [MEDIUM] CVE-2013-2457: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect integrity via vectors related to JMX. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from ano
nvd
CVE-2013-3744MEDIUMCVSS 5.0≤ 1.7.0v1.7.02013-06-18
CVE-2013-3744 [MEDIUM] CVE-2013-3744: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier allows remote attackers to affect integrity via unknown vectors related to Deployment, a different vulnerability than CVE-2013-2400.
nvd
CVE-2013-2400MEDIUMCVSS 5.0≤ 1.7.0v1.7.02013-06-18
CVE-2013-2400 [MEDIUM] CVE-2013-2400: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier allows remote attackers to affect integrity via unknown vectors related to Deployment, a different vulnerability than CVE-2013-3744.
nvd
CVE-2013-2454MEDIUMCVSS 5.8≤ 1.7.0v1.7.0+4 more2013-06-18
CVE-2013-2454 [MEDIUM] CVE-2013-2454: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality and integrity via vectors related to JDBC. NOTE: the previous information is from the June 2013 CPU. Oracle has not comment
nvd