Oracle Jre vulnerabilities
790 known vulnerabilities affecting oracle/jre.
Total CVEs
790
CISA KEV
14
actively exploited
Public exploits
30
Exploited in wild
16
Severity breakdown
CRITICAL205HIGH119MEDIUM346LOW118
Vulnerabilities
Page 12 of 40
CVE-2018-2638HIGHCVSS 8.3v1.8.0v9.0.12018-01-18
CVE-2018-2638 [HIGH] CVE-2018-2638: Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). Supported versi
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). Supported versions that are affected are Java SE: 8u152 and 9.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the atta
nvd
CVE-2018-2639HIGHCVSS 8.3v1.8.0v9.0.12018-01-18
CVE-2018-2639 [HIGH] CVE-2018-2639: Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). Supported versi
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). Supported versions that are affected are Java SE: 8u152 and 9.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the atta
nvd
CVE-2018-2599MEDIUMCVSS 4.8v1.6.0v1.7.0+2 more2018-01-18
CVE-2018-2599 [MEDIUM] CVE-2018-2599: Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: J
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JNDI). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java S
nvd
CVE-2018-2678MEDIUMCVSS 4.3v1.6.0v1.7.0+2 more2018-01-18
CVE-2018-2678 [MEDIUM] CVE-2018-2678: Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: J
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JNDI). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE,
nvd
CVE-2018-2602MEDIUMCVSS 4.5v1.6.0v1.7.0+2 more2018-01-18
CVE-2018-2602 [MEDIUM] CVE-2018-2602: Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: I18n). Sup
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: I18n). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where Java SE, Java SE Embedded executes to compromise Jav
nvd
CVE-2018-2581MEDIUMCVSS 4.7v1.7.0v1.8.0+1 more2018-01-18
CVE-2018-2581 [MEDIUM] CVE-2018-2581: Vulnerability in the Java SE component of Oracle Java SE (subcomponent: JavaFX). Supported versions
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: JavaFX). Supported versions that are affected are Java SE: 7u161, 8u152 and 9.0.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the at
nvd
CVE-2018-2588MEDIUMCVSS 4.3v1.6.0v1.7.0+2 more2018-01-18
CVE-2018-2588 [MEDIUM] CVE-2018-2588: Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: L
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: LDAP). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise Java SE,
nvd
CVE-2018-2641MEDIUMCVSS 6.1v1.6.0v1.7.0+2 more2018-01-18
CVE-2018-2641 [MEDIUM] CVE-2018-2641: Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: AWT). Supp
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: AWT). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successf
nvd
CVE-2018-2657MEDIUMCVSS 5.3v1.6.0v1.7.02018-01-18
CVE-2018-2657 [MEDIUM] CVE-2018-2657: Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: Serialization). Sup
Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u171 and 7u161; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, JRockit. Successful attacks of this vulnerabili
nvd
CVE-2018-2603MEDIUMCVSS 5.3v1.6.0v1.7.0+2 more2018-01-18
CVE-2018-2603 [MEDIUM] CVE-2018-2603: Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: L
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Jav
nvd
CVE-2018-2663MEDIUMCVSS 4.3v1.6.0v1.7.0+2 more2018-01-18
CVE-2018-2663 [MEDIUM] CVE-2018-2663: Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: L
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Jav
nvd
CVE-2018-2618MEDIUMCVSS 5.9v1.6.0v1.7.0+2 more2018-01-18
CVE-2018-2618 [MEDIUM] CVE-2018-2618: Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: J
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JCE). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE
nvd
CVE-2018-2677MEDIUMCVSS 4.3v1.6.0v1.7.0+2 more2018-01-18
CVE-2018-2677 [MEDIUM] CVE-2018-2677: Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: AWT). Supp
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: AWT). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful
nvd
CVE-2018-2634MEDIUMCVSS 6.8v1.7.0v1.8.0+1 more2018-01-18
CVE-2018-2634 [MEDIUM] CVE-2018-2634: Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JGSS). Sup
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JGSS). Supported versions that are affected are Java SE: 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. While the vuln
nvd
CVE-2018-2629MEDIUMCVSS 5.3v1.6.0v1.7.0+2 more2018-01-18
CVE-2018-2629 [MEDIUM] CVE-2018-2629: Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: J
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JGSS). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java S
nvd
CVE-2018-2582MEDIUMCVSS 6.5v1.8.0v9.0.12018-01-18
CVE-2018-2582 [MEDIUM] CVE-2018-2582: Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot).
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Supported versions that are affected are Java SE: 8u152 and 9.0.1; Java SE Embedded: 8u151. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks re
nvd
CVE-2018-2579LOWCVSS 3.7v1.6.0v1.7.0+2 more2018-01-18
CVE-2018-2579 [LOW] CVE-2018-2579: Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: L
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java
nvd
CVE-2013-4578MEDIUMCVSS 5.3v1.7.0≤ 1.7.02017-12-29
CVE-2013-4578 [MEDIUM] CWE-74 CVE-2013-4578: jarsigner in OpenJDK and Oracle Java SE before 7u51 allows remote attackers to bypass a code-signing
jarsigner in OpenJDK and Oracle Java SE before 7u51 allows remote attackers to bypass a code-signing protection mechanism and inject unsigned bytecode into a signed JAR file by leveraging improper file validation.
nvd
CVE-2017-10346CRITICALCVSS 9.6v1.6.0v1.7.0+2 more2017-10-19
CVE-2017-10346 [CRITICAL] CVE-2017-10346: Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot).
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Success
nvd
CVE-2017-10285CRITICALCVSS 9.6v1.6.0v1.7.0+2 more2017-10-19
CVE-2017-10285 [CRITICAL] CVE-2017-10285: Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: RMI). Supp
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful
nvd