Oracle Jre vulnerabilities
799 known vulnerabilities affecting oracle/jre.
Total CVEs
799
CISA KEV
14
actively exploited
Public exploits
32
Exploited in wild
16
Severity breakdown
CRITICAL205HIGH121MEDIUM349LOW122
Vulnerabilities
Page 10 of 40
CVE-2019-2818LOWCVSS 3.1v11.0.3v12.0.12019-07-23
CVE-2019-2818 [LOW] CWE-203 CVE-2019-2818: Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Security). Supported version
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 11.0.3 and 12.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than t
nvd
CVE-2019-2842LOWCVSS 3.7v1.8.02019-07-23
CVE-2019-2842 [LOW] CVE-2019-2842: Vulnerability in the Java SE component of Oracle Java SE (subcomponent: JCE). The supported version
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: JCE). The supported version that is affected is Java SE: 8u212. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial d
nvd
CVE-2019-2699CRITICALCVSS 9.0v1.8.02019-04-23
CVE-2019-2699 [CRITICAL] CVE-2019-2699: Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Windows DLL). The supported
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Windows DLL). The supported version that is affected is Java SE: 8u202. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. While the vulnerability is in Java SE, attacks may significantly impact additional
nvd
CVE-2019-2698HIGHCVSS 8.1PoCv1.7.0v1.8.02019-04-23
CVE-2019-2698 [HIGH] CVE-2019-2698: Vulnerability in the Java SE component of Oracle Java SE (subcomponent: 2D). Supported versions that
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: 2D). Supported versions that are affected are Java SE: 7u211 and 8u202. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in takeover of Java SE. Note: This
nvd
CVE-2019-2697HIGHCVSS 8.1PoCv1.7.0v1.8.02019-04-23
CVE-2019-2697 [HIGH] CVE-2019-2697: Vulnerability in the Java SE component of Oracle Java SE (subcomponent: 2D). Supported versions that
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: 2D). Supported versions that are affected are Java SE: 7u211 and 8u202. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in takeover of Java SE. Note: This
nvd
CVE-2019-2602HIGHCVSS 7.5v1.7.0v1.8.0+2 more2019-04-23
CVE-2019-2602 [HIGH] CWE-400 CVE-2019-2602: Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries)
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 7u211, 8u202, 11.0.2 and 12; Java SE Embedded: 8u201. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded.
nvd
CVE-2019-2684MEDIUMCVSS 5.9v1.7.0v1.8.0+2 more2019-04-23
CVE-2019-2684 [MEDIUM] CVE-2019-2684: Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: RMI). Supp
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are Java SE: 7u211, 8u202, 11.0.2 and 12; Java SE Embedded: 8u201. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful
nvd
CVE-2019-2422LOWCVSS 3.1v1.7.0v1.8.0+1 more2019-01-16
CVE-2019-2422 [LOW] CVE-2019-2422: Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Libraries). Supported versio
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 7u201, 8u192 and 11.0.1; Java SE Embedded: 8u191. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction fr
nvd
CVE-2019-2449LOWCVSS 3.1v1.8.02019-01-16
CVE-2019-2449 [LOW] CVE-2019-2449: Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). The supported v
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). The supported version that is affected is Java SE: 8u192. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker. Succ
nvd
CVE-2019-2426LOWCVSS 3.7v1.7.0v1.8.0+1 more2019-01-16
CVE-2019-2426 [LOW] CVE-2019-2426: Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Networking). Supported versi
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 7u201, 8u192 and 11.0.1; Java SE Embedded: 8u191. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can r
nvd
CVE-2018-3183CRITICALCVSS 9.0v1.8.0v11.0.02018-10-17
CVE-2018-3183 [CRITICAL] CVE-2018-3183: Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: S
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Scripting). Supported versions that are affected are Java SE: 8u182 and 11; Java SE Embedded: 8u181; JRockit: R28.3.19. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE
nvd
CVE-2018-3149HIGHCVSS 8.3v1.6.0v1.7.0+2 more2018-10-17
CVE-2018-3149 [HIGH] CVE-2018-3149: Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: J
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JNDI). Supported versions that are affected are Java SE: 6u201, 7u191, 8u182 and 11; Java SE Embedded: 8u181; JRockit: R28.3.19. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Ja
nvd
CVE-2018-3169HIGHCVSS 8.3v1.7.0v1.8.0+1 more2018-10-17
CVE-2018-3169 [HIGH] CVE-2018-3169: Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot).
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Supported versions that are affected are Java SE: 7u191, 8u182 and 11; Java SE Embedded: 8u181. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attack
nvd
CVE-2018-3209HIGHCVSS 8.3v1.8.02018-10-17
CVE-2018-3209 [HIGH] CVE-2018-3209: Vulnerability in the Java SE component of Oracle Java SE (subcomponent: JavaFX). The supported versi
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: JavaFX). The supported version that is affected is Java SE: 8u182. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and whil
nvd
CVE-2018-3180MEDIUMCVSS 5.6v1.6.0v1.7.0+2 more2018-10-17
CVE-2018-3180 [MEDIUM] CVE-2018-3180: Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: J
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JSSE). Supported versions that are affected are Java SE: 6u201, 7u191, 8u182 and 11; Java SE Embedded: 8u181; JRockit: R28.3.19. Difficult to exploit vulnerability allows unauthenticated attacker with network access via SSL/TLS to compromise Java SE, Java SE Emb
nvd
CVE-2018-3211MEDIUMCVSS 6.6v1.8.0v11.0.02018-10-17
CVE-2018-3211 [MEDIUM] CVE-2018-3211: Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Serviceabi
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Serviceability). Supported versions that are affected are Java SE: 8u182 and 11; Java SE Embedded: 8u181. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Java SE, Java SE Embedded executes to compromise Java SE, Java
nvd
CVE-2018-3214MEDIUMCVSS 5.3v1.6.0v1.7.0+1 more2018-10-17
CVE-2018-3214 [MEDIUM] CVE-2018-3214: Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: S
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Sound). Supported versions that are affected are Java SE: 6u201, 7u191 and 8u182; Java SE Embedded: 8u181; JRockit: R28.3.19. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java
nvd
CVE-2018-3139LOWCVSS 3.1v1.6.0v1.7.0+2 more2018-10-17
CVE-2018-3139 [LOW] CVE-2018-3139: Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Networking
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u201, 7u191, 8u182 and 11; Java SE Embedded: 8u181. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Success
nvd
CVE-2018-3150LOWCVSS 3.7v11.0.02018-10-17
CVE-2018-3150 [LOW] CVE-2018-3150: Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Utility). The supported vers
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Utility). The supported version that is affected is Java SE: 11. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized update, insert or delete a
nvd
CVE-2018-3136LOWCVSS 3.4v1.6.0v1.7.0+2 more2018-10-17
CVE-2018-3136 [LOW] CVE-2018-3136: Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Security).
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u201, 7u191, 8u182 and 11; Java SE Embedded: 8u181. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successfu
nvd