Oracle Jre vulnerabilities

790 known vulnerabilities affecting oracle/jre.

Total CVEs

790

CISA KEV

actively exploited

Public exploits

Exploited in wild

Severity breakdown

CRITICAL205HIGH119MEDIUM346LOW118

Vulnerabilities

Page 13 of 40

CVE-2017-10388HIGHCVSS 7.5v1.6.0v1.7.0+2 more2017-10-19

CVE-2017-10388 [HIGH] CVE-2017-10388: Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries) Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Difficult to exploit vulnerability allows unauthenticated attacker with network access via Kerberos to compromise Java SE, Java SE Embedded. Successful attac

nvd

CVE-2017-10309HIGHCVSS 7.1PoCv1.8.0v1.9.02017-10-19

CVE-2017-10309 [HIGH] CVE-2017-10309: Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). Supported versi Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). Supported versions that are affected are Java SE: 8u144 and 9. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker

nvd

CVE-2017-10357MEDIUMCVSS 5.3v1.6.0v1.7.0+2 more2017-10-19

CVE-2017-10357 [MEDIUM] CVE-2017-10357: Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Serializat Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Su

nvd

CVE-2017-10350MEDIUMCVSS 5.3v1.7.0v1.8.0+1 more2017-10-19

CVE-2017-10350 [MEDIUM] CVE-2017-10350: Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JAX-WS). S Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JAX-WS). Supported versions that are affected are Java SE: 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attac

nvd

CVE-2017-10349MEDIUMCVSS 5.3v1.6.0v1.7.0+2 more2017-10-19

CVE-2017-10349 [MEDIUM] CVE-2017-10349: Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JAXP). Sup Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JAXP). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful

nvd

CVE-2017-10281MEDIUMCVSS 5.3v1.6.0v1.7.0+2 more2017-10-19

CVE-2017-10281 [MEDIUM] CVE-2017-10281: Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: S Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise J

nvd

CVE-2017-10293MEDIUMCVSS 6.1v1.6.0v1.7.0+2 more2017-10-19

CVE-2017-10293 [MEDIUM] CVE-2017-10293: Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Javadoc). Supported versions Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Javadoc). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Java SE. Successful attacks require human interaction from a person other than the attacker

nvd

CVE-2017-10274MEDIUMCVSS 6.8v1.6.0v1.7.0+2 more2017-10-19

CVE-2017-10274 [MEDIUM] CVE-2017-10274: Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Smart Card IO). Supported ve Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Smart Card IO). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person ot

nvd

CVE-2017-10355MEDIUMCVSS 5.3PoCv1.6.0v1.7.0+2 more2017-10-19

CVE-2017-10355 [MEDIUM] CVE-2017-10355: Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: N Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java

nvd

CVE-2017-10295MEDIUMCVSS 4.0v1.6.0v1.7.0+2 more2017-10-19

CVE-2017-10295 [MEDIUM] CVE-2017-10295: Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: N Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Java SE, Java SE

nvd

CVE-2017-10348MEDIUMCVSS 5.3v1.6.0v1.7.0+2 more2017-10-19

CVE-2017-10348 [MEDIUM] CVE-2017-10348: Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries) Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Succes

nvd

CVE-2017-10347MEDIUMCVSS 5.3v1.6.0v1.7.0+2 more2017-10-19

CVE-2017-10347 [MEDIUM] CVE-2017-10347: Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: Serialization). Sup Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, JRockit. Successful attacks o

nvd

CVE-2017-10356MEDIUMCVSS 6.2v1.6.0v1.7.0+2 more2017-10-19

CVE-2017-10356 [MEDIUM] CVE-2017-10356: Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: S Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Java SE, Java SE Embedde

nvd

CVE-2017-10345LOWCVSS 3.1v1.6.0v1.7.0+2 more2017-10-19

CVE-2017-10345 [LOW] CVE-2017-10345: Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: S Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Ja

nvd

CVE-2017-10107CRITICALCVSS 9.6v1.6.0v1.7.0+1 more2017-08-08

CVE-2017-10107 [CRITICAL] CVE-2017-10107: Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: RMI). Supp Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful at

nvd

CVE-2017-10087CRITICALCVSS 9.6v1.6.0v1.7.0+1 more2017-08-08

CVE-2017-10087 [CRITICAL] CVE-2017-10087: Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries) Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Success

nvd

CVE-2017-10090CRITICALCVSS 9.6v1.7.0v1.8.02017-08-08

CVE-2017-10090 [CRITICAL] CVE-2017-10090: Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries) Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful att

nvd

CVE-2017-10110CRITICALCVSS 9.6v1.6.0v1.7.0+1 more2017-08-08

CVE-2017-10110 [CRITICAL] CVE-2017-10110: Vulnerability in the Java SE component of Oracle Java SE (subcomponent: AWT). Supported versions tha Vulnerability in the Java SE component of Oracle Java SE (subcomponent: AWT). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the

nvd

CVE-2017-10089CRITICALCVSS 9.6v1.6.0v1.7.0+1 more2017-08-08

CVE-2017-10089 [CRITICAL] CVE-2017-10089: Vulnerability in the Java SE component of Oracle Java SE (subcomponent: ImageIO). Supported versions Vulnerability in the Java SE component of Oracle Java SE (subcomponent: ImageIO). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than

nvd

CVE-2017-10096CRITICALCVSS 9.6v1.6.0v1.7.0+1 more2017-08-08

CVE-2017-10096 [CRITICAL] CVE-2017-10096: Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JAXP). Sup Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JAXP). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful a

nvd

← Previous13 / 40Next →