Oracle Jdk vulnerabilities
778 known vulnerabilities affecting oracle/jdk.
Total CVEs
778
CISA KEV
8
actively exploited
Public exploits
25
Exploited in wild
10
Severity breakdown
CRITICAL196HIGH119MEDIUM343LOW118
Vulnerabilities
Page 38 of 39
CVE-2012-5079MEDIUMCVSS 5.0≤ 1.7.0v1.7.0+4 more2012-10-16
CVE-2012-5079 [MEDIUM] CVE-2012-5079: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote attackers to affect integrity via unknown vectors related to Libraries, a different vulnerability than CVE-2012-5073.
nvd
CVE-2012-5081MEDIUMCVSS 5.0≤ 1.7.0v1.7.0+4 more2012-10-16
CVE-2012-5081 [MEDIUM] CVE-2012-5081: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote attackers to affect availability, related to JSSE.
nvd
CVE-2012-5067MEDIUMCVSS 5.0PoC≤ 1.7.0v1.7.02012-10-16
CVE-2012-5067 [MEDIUM] CVE-2012-5067: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier allows remote attackers to affect confidentiality via unknown vectors related to Deployment.
nvd
CVE-2012-5072MEDIUMCVSS 5.0≤ 1.7.0v1.7.0+2 more2012-10-16
CVE-2012-5072 [MEDIUM] CVE-2012-5072: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, and 6 Update 35 and earlier, allows remote attackers to affect confidentiality via unknown vectors related to Security.
nvd
CVE-2012-5071MEDIUMCVSS 6.4≤ 1.7.0v1.7.0+3 more2012-10-16
CVE-2012-5071 [MEDIUM] CVE-2012-5071: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality and integrity, related to JMX.
nvd
CVE-2012-5069MEDIUMCVSS 5.8≤ 1.7.0v1.7.0+3 more2012-10-16
CVE-2012-5069 [MEDIUM] CVE-2012-5069: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality and integrity via unknown vectors related to Concurrency.
nvd
CVE-2012-5074MEDIUMCVSS 6.4≤ 1.7.0v1.7.02012-10-16
CVE-2012-5074 [MEDIUM] CVE-2012-5074: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier allows remote attackers to affect confidentiality and integrity, related to JAX-WS.
nvd
CVE-2012-5070MEDIUMCVSS 5.0≤ 1.7.0v1.7.02012-10-16
CVE-2012-5070 [MEDIUM] CVE-2012-5070: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier allows remote attackers to affect confidentiality, related to JMX.
nvd
CVE-2012-5075MEDIUMCVSS 5.0≤ 1.7.0v1.7.0+3 more2012-10-16
CVE-2012-5075 [MEDIUM] CVE-2012-5075: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality, related to JMX.
nvd
CVE-2012-3216LOWCVSS 2.6≤ 1.7.0v1.7.0+4 more2012-10-16
CVE-2012-3216 [LOW] CVE-2012-3216: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote attackers to affect confidentiality via unknown vectors related to Libraries.
nvd
CVE-2012-5077LOWCVSS 2.6≤ 1.7.0v1.7.0+4 more2012-10-16
CVE-2012-5077 [LOW] CVE-2012-5077: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote attackers to affect confidentiality via unknown vectors related to Security.
nvd
CVE-2012-5085UNKNOWNCVSS 0.0≤ 1.7.0v1.7.0+4 more2012-10-16
CVE-2012-5085 [NONE] CVE-2012-5085: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote authenticated users to have an unspecified impact via unknown vectors related to Networking. NOTE: the Oracle CPU states that this issue has a 0.0 CVSS scor
nvd
CVE-2012-3136CRITICALCVSS 10.0≤ 1.7.0v1.7.02012-08-30
CVE-2012-3136 [CRITICAL] CVE-2012-3136: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Beans, a different vulnerability than CVE-2012-1682.
nvd
CVE-2012-1682CRITICALCVSS 10.0≤ 1.7.0v1.7.02012-08-30
CVE-2012-1682 [CRITICAL] CVE-2012-1682: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Beans, a different vulnerability than CVE-2012-3136. NOTE: Oracle has not commented on claims from a downstream vendor that this issue
nvd
CVE-2012-0547UNKNOWNCVSS 0.0PoCv1.7.0≤ 1.6.0+1 more2012-08-30
CVE-2012-0547 [NONE] CVE-2012-0547: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier, and 6 Update 34 and earlier, has no impact and remote attack vectors involving AWT and "a security-in-depth issue that is not directly exploitable but which can be used to aggravate security vulnerabilities that can be directly exploited." NOTE: t
nvd
CVE-2012-4681CRITICALCVSS 9.8KEVPoCv1.6.0v1.7.02012-08-28
CVE-2012-4681 [CRITICAL] CWE-284 CVE-2012-4681: Multiple vulnerabilities in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update
Multiple vulnerabilities in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier allow remote attackers to execute arbitrary code via a crafted applet that bypasses SecurityManager restrictions by (1) using com.sun.beans.finder.ClassFinder.findClass and leveraging an exception with the forName method to access restric
nvd
CVE-2012-1725CRITICALCVSS 10.0≤ 1.7.0v1.7.0+2 more2012-06-16
CVE-2012-1725 [CRITICAL] CVE-2012-1725: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, and 5 update 35 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.
nvd
CVE-2012-1722CRITICALCVSS 10.0≤ 1.7.0≤ 1.6.02012-06-16
CVE-2012-1722 [CRITICAL] CVE-2012-1722: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, and 6 update 32 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2012-1721.
nvd
CVE-2012-1721CRITICALCVSS 10.0≤ 1.7.0≤ 1.6.02012-06-16
CVE-2012-1721 [CRITICAL] CVE-2012-1721: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, and 6 update 32 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2012-1722.
nvd
CVE-2012-1723CRITICALCVSS 9.8KEVPoC≤ 1.4.2_37v1.5.0+2 more2012-06-16
CVE-2012-1723 [CRITICAL] CWE-284 CVE-2012-1723: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, and 1.4.2_37 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.
nvd