Oracle Jdk vulnerabilities
778 known vulnerabilities affecting oracle/jdk.
Total CVEs
778
CISA KEV
8
actively exploited
Public exploits
25
Exploited in wild
10
Severity breakdown
CRITICAL196HIGH119MEDIUM343LOW118
Vulnerabilities
Page 33 of 39
CVE-2013-1558CRITICALCVSS 10.0≤ 1.7.0v1.7.0+2 more2013-04-17
CVE-2013-1558 [CRITICAL] CVE-2013-1558: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and 6 Update 43 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Beans.
nvd
CVE-2013-2384CRITICALCVSS 10.0≤ 1.7.0v1.7.0+4 more2013-04-17
CVE-2013-2384 [CRITICAL] CVE-2013-2384: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2013-1569, CVE-2
nvd
CVE-2013-2427CRITICALCVSS 10.0≤ 1.7.0v1.7.02013-04-17
CVE-2013-2427 [CRITICAL] CVE-2013-2427: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and JavaFX 2.2.7 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to JavaFX, a different vulnerability than CVE-2013-0402, CVE-2013-2414, and CVE-2013-2428.
nvd
CVE-2013-1569CRITICALCVSS 10.0≤ 1.7.0v1.7.0+4 more2013-04-17
CVE-2013-1569 [CRITICAL] CVE-2013-1569: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the April 20
nvd
CVE-2013-2420CRITICALCVSS 10.0≤ 1.7.0v1.7.0+4 more2013-04-17
CVE-2013-2420 [CRITICAL] CVE-2013-2420: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the April 20
nvd
CVE-2013-2436CRITICALCVSS 9.3≤ 1.7.0v1.7.02013-04-17
CVE-2013-2436 [CRITICAL] CVE-2013-2436: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2013-1488 and CVE-2013-2426. NOTE: the previous information is from the
nvd
CVE-2013-2422CRITICALCVSS 10.0≤ 1.7.0v1.7.0+2 more2013-04-17
CVE-2013-2422 [CRITICAL] CVE-2013-2422: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and 6 Update 43 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. NOTE: the previous information is from the April 2013 CPU. Oracle has no
nvd
CVE-2013-2425CRITICALCVSS 10.0≤ 1.7.0v1.7.02013-04-17
CVE-2013-2425 [CRITICAL] CVE-2013-2425: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Install.
nvd
CVE-2013-2432CRITICALCVSS 10.0≤ 1.7.0v1.7.0+4 more2013-04-17
CVE-2013-2432 [CRITICAL] CVE-2013-2432: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, 5.0 Update 41 and earlier, and JavaFX 2.2.7 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2013-2394 an
nvd
CVE-2013-2434CRITICALCVSS 10.0≤ 1.7.0v1.7.02013-04-17
CVE-2013-2434 [CRITICAL] CVE-2013-2434: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and JavaFX 2.2.7 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.
nvd
CVE-2013-2435CRITICALCVSS 10.0≤ 1.7.0v1.7.0+2 more2013-04-17
CVE-2013-2435 [CRITICAL] CVE-2013-2435: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and 6 Update 43 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-2440.
nvd
CVE-2013-1537CRITICALCVSS 10.0≤ 1.7.0v1.7.0+4 more2013-04-17
CVE-2013-1537 [CRITICAL] CVE-2013-1537: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI. NOTE: the previous information is from the April 2013 CPU.
nvd
CVE-2013-2421CRITICALCVSS 9.3≤ 1.7.0v1.7.02013-04-17
CVE-2013-2421 [CRITICAL] CVE-2013-2421: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to HotSpot. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from ano
nvd
CVE-2013-2428CRITICALCVSS 10.0≤ 1.7.0v1.7.02013-04-17
CVE-2013-2428 [CRITICAL] CVE-2013-2428: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and JavaFX 2.2.7 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to JavaFX, a different vulnerability than CVE-2013-0402, CVE-2013-2414, and CVE-2013-2427.
nvd
CVE-2013-1518CRITICALCVSS 10.0≤ 1.7.0v1.7.0+4 more2013-04-17
CVE-2013-1518 [CRITICAL] CVE-2013-1518: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAXP. NOTE: the previous information is from the April 2013 CPU
nvd
CVE-2013-2440CRITICALCVSS 10.0≤ 1.7.0v1.7.0+2 more2013-04-17
CVE-2013-2440 [CRITICAL] CVE-2013-2440: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and 6 Update 43 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-2435.
nvd
CVE-2013-2431CRITICALCVSS 10.0≤ 1.7.0v1.7.02013-04-17
CVE-2013-2431 [CRITICAL] CVE-2013-2431: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to HotSpot. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from ano
nvd
CVE-2013-1563HIGHCVSS 7.6≤ 1.7.0v1.7.0+2 more2013-04-17
CVE-2013-1563 [HIGH] CVE-2013-1563: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and JavaFX 2.2.7 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Install.
nvd
CVE-2013-2394HIGHCVSS 7.6≤ 1.7.0v1.7.0+4 more2013-04-17
CVE-2013-2394 [HIGH] CVE-2013-2394: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, 5.0 Update 41 and earlier, and JavaFX 2.2.7 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2013-2432 and CV
nvd
CVE-2013-2429HIGHCVSS 7.6≤ 1.7.0v1.7.0+4 more2013-04-17
CVE-2013-2429 [HIGH] CVE-2013-2429: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to ImageIO. NOTE: the previous information is from the April 2
nvd