Oracle Jre vulnerabilities
799 known vulnerabilities affecting oracle/jre.
Total CVEs
799
CISA KEV
14
actively exploited
Public exploits
32
Exploited in wild
16
Severity breakdown
CRITICAL205HIGH121MEDIUM349LOW122
Vulnerabilities
Page 14 of 40
CVE-2017-10347MEDIUMCVSS 5.3v1.6.0v1.7.0+2 more2017-10-19
CVE-2017-10347 [MEDIUM] CVE-2017-10347: Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: Serialization). Sup
Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, JRockit. Successful attacks o
nvd
CVE-2017-10356MEDIUMCVSS 6.2v1.6.0v1.7.0+2 more2017-10-19
CVE-2017-10356 [MEDIUM] CVE-2017-10356: Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: S
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Java SE, Java SE Embedde
nvd
CVE-2017-10345LOWCVSS 3.1v1.6.0v1.7.0+2 more2017-10-19
CVE-2017-10345 [LOW] CVE-2017-10345: Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: S
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Ja
nvd
CVE-2017-10107CRITICALCVSS 9.6v1.6.0v1.7.0+1 more2017-08-08
CVE-2017-10107 [CRITICAL] CVE-2017-10107: Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: RMI). Supp
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful at
nvd
CVE-2017-10087CRITICALCVSS 9.6v1.6.0v1.7.0+1 more2017-08-08
CVE-2017-10087 [CRITICAL] CVE-2017-10087: Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries)
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Success
nvd
CVE-2017-10090CRITICALCVSS 9.6v1.7.0v1.8.02017-08-08
CVE-2017-10090 [CRITICAL] CVE-2017-10090: Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries)
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful att
nvd
CVE-2017-10110CRITICALCVSS 9.6v1.6.0v1.7.0+1 more2017-08-08
CVE-2017-10110 [CRITICAL] CVE-2017-10110: Vulnerability in the Java SE component of Oracle Java SE (subcomponent: AWT). Supported versions tha
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: AWT). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the
nvd
CVE-2017-10089CRITICALCVSS 9.6v1.6.0v1.7.0+1 more2017-08-08
CVE-2017-10089 [CRITICAL] CVE-2017-10089: Vulnerability in the Java SE component of Oracle Java SE (subcomponent: ImageIO). Supported versions
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: ImageIO). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than
nvd
CVE-2017-10096CRITICALCVSS 9.6v1.6.0v1.7.0+1 more2017-08-08
CVE-2017-10096 [CRITICAL] CVE-2017-10096: Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JAXP). Sup
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JAXP). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful a
nvd
CVE-2017-10102CRITICALCVSS 9.0v1.6.0v1.7.0+1 more2017-08-08
CVE-2017-10102 [CRITICAL] CVE-2017-10102: Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: RMI). Supp
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. While the v
nvd
CVE-2017-10111CRITICALCVSS 9.6v1.8.02017-08-08
CVE-2017-10111 [CRITICAL] CVE-2017-10111: Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries)
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). The supported version that is affected is Java SE: 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks requ
nvd
CVE-2017-10086CRITICALCVSS 9.6v1.7.0v1.8.02017-08-08
CVE-2017-10086 [CRITICAL] CVE-2017-10086: Vulnerability in the Java SE component of Oracle Java SE (subcomponent: JavaFX). Supported versions
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: JavaFX). Supported versions that are affected are Java SE: 7u141 and 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attac
nvd
CVE-2017-10101CRITICALCVSS 9.6v1.6.0v1.7.0+1 more2017-08-08
CVE-2017-10101 [CRITICAL] CVE-2017-10101: Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JAXP). Sup
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JAXP). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful a
nvd
CVE-2017-10078HIGHCVSS 8.1v1.8.02017-08-08
CVE-2017-10078 [HIGH] CVE-2017-10078: Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Scripting). The supported ve
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Scripting). The supported version that is affected is Java SE: 8u131. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized creation, deletion or
nvd
CVE-2017-10115HIGHCVSS 7.5v1.6.0v1.7.0+1 more2017-08-08
CVE-2017-10115 [HIGH] CVE-2017-10115: Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: J
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JCE). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE
nvd
CVE-2017-10116HIGHCVSS 8.3v1.6.0v1.7.0+1 more2017-08-08
CVE-2017-10116 [HIGH] CVE-2017-10116: Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: S
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE,
nvd
CVE-2017-10176HIGHCVSS 7.5Exploitedv1.7.0v1.8.02017-08-08
CVE-2017-10176 [HIGH] CVE-2017-10176: Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: S
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE E
nvd
CVE-2017-10074HIGHCVSS 8.3v1.6.0v1.7.0+1 more2017-08-08
CVE-2017-10074 [HIGH] CVE-2017-10074: Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot).
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful a
nvd
CVE-2017-10118HIGHCVSS 7.5v1.7.0v1.8.02017-08-08
CVE-2017-10118 [HIGH] CVE-2017-10118: Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: J
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JCE). Supported versions that are affected are Java SE: 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedd
nvd
CVE-2017-10114HIGHCVSS 8.3v1.7.0v1.8.02017-08-08
CVE-2017-10114 [HIGH] CVE-2017-10114: Vulnerability in the Java SE component of Oracle Java SE (subcomponent: JavaFX). Supported versions
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: JavaFX). Supported versions that are affected are Java SE: 7u141 and 8u131. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacke
nvd