Oracle Jre vulnerabilities
790 known vulnerabilities affecting oracle/jre.
Total CVEs
790
CISA KEV
14
actively exploited
Public exploits
32
Exploited in wild
16
Severity breakdown
CRITICAL205HIGH119MEDIUM346LOW118
Vulnerabilities
Page 17 of 40
CVE-2016-3598CRITICALCVSS 9.6v1.8.02016-07-21
CVE-2016-3598 [CRITICAL] CVE-2016-3598: Unspecified vulnerability in Oracle Java SE 8u92 and Java SE Embedded 8u91 allows remote attackers t
Unspecified vulnerability in Oracle Java SE 8u92 and Java SE Embedded 8u91 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Libraries, a different vulnerability than CVE-2016-3610.
nvd
CVE-2016-3511HIGHCVSS 7.7v1.7.0v1.8.02016-07-21
CVE-2016-3511 [HIGH] CVE-2016-3511: Unspecified vulnerability in Oracle Java SE 7u101 and 8u92 allows local users to affect confidential
Unspecified vulnerability in Oracle Java SE 7u101 and 8u92 allows local users to affect confidentiality, integrity, and availability via vectors related to Deployment.
nvd
CVE-2016-3552HIGHCVSS 8.1v1.8.02016-07-21
CVE-2016-3552 [HIGH] CVE-2016-3552: Unspecified vulnerability in Oracle Java SE 8u92 allows local users to affect confidentiality, integ
Unspecified vulnerability in Oracle Java SE 8u92 allows local users to affect confidentiality, integrity, and availability via vectors related to Install.
nvd
CVE-2016-3503HIGHCVSS 7.7v1.6.0v1.7.0+1 more2016-07-21
CVE-2016-3503 [HIGH] CVE-2016-3503: Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92 allows local users to affect conf
Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92 allows local users to affect confidentiality, integrity, and availability via vectors related to Install.
nvd
CVE-2016-3500MEDIUMCVSS 5.3v1.6.0v1.7.0+1 more2016-07-21
CVE-2016-3500 [MEDIUM] CVE-2016-3500: Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; Java SE Embedded 8u91; and JRock
Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; Java SE Embedded 8u91; and JRockit R28.3.10 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2016-3508.
nvd
CVE-2016-3508MEDIUMCVSS 5.3v1.6.0v1.7.0+1 more2016-07-21
CVE-2016-3508 [MEDIUM] CVE-2016-3508: Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; Java SE Embedded 8u91; and JRock
Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; Java SE Embedded 8u91; and JRockit R28.3.10 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2016-3500.
nvd
CVE-2016-3550MEDIUMCVSS 4.3v1.6.0v1.7.0+1 more2016-07-21
CVE-2016-3550 [MEDIUM] CVE-2016-3550: Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92 and Java SE Embedded 8u91 allows
Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92 and Java SE Embedded 8u91 allows remote attackers to affect confidentiality via vectors related to Hotspot.
nvd
CVE-2016-3498MEDIUMCVSS 5.3v1.7.0v1.8.02016-07-21
CVE-2016-3498 [MEDIUM] CVE-2016-3498: Unspecified vulnerability in Oracle Java SE 7u101 and 8u92 allows remote attackers to affect availab
Unspecified vulnerability in Oracle Java SE 7u101 and 8u92 allows remote attackers to affect availability via vectors related to JavaFX.
nvd
CVE-2016-3458MEDIUMCVSS 4.3v1.6.0v1.7.0+1 more2016-07-21
CVE-2016-3458 [MEDIUM] CVE-2016-3458: Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; and Java SE Embedded 8u91 allows
Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; and Java SE Embedded 8u91 allows remote attackers to affect integrity via vectors related to CORBA.
nvd
CVE-2016-3485LOWCVSS 2.9v1.6.0v1.7.0+1 more2016-07-21
CVE-2016-3485 [LOW] CVE-2016-3485: Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; Java SE Embedded 8u91; and JRock
Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; Java SE Embedded 8u91; and JRockit R28.3.10 allows local users to affect integrity via vectors related to Networking.
nvd
CVE-2016-0687CRITICALCVSS 9.6v1.6.0v1.7.0+1 more2016-04-21
CVE-2016-0687 [CRITICAL] CVE-2016-0687: Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 and Java SE Embedded 8u77 allows r
Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 and Java SE Embedded 8u77 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to the Hotspot sub-component.
nvd
CVE-2016-3443CRITICALCVSS 9.6v1.6.0v1.7.0+1 more2016-04-21
CVE-2016-3443 [CRITICAL] CVE-2016-3443: Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 allows remote attackers to affect
Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to 2D. NOTE: the previous information is from the April 2016 CPU. Oracle has not commented on third-party claims that this issue allows remote attackers to obtain sensitive information via crafte
nvd
CVE-2016-0686CRITICALCVSS 9.6v1.6.0v1.7.0+1 more2016-04-21
CVE-2016-0686 [CRITICAL] CVE-2016-0686: Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 and Java SE Embedded 8u77 allows r
Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 and Java SE Embedded 8u77 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Serialization.
nvd
CVE-2016-3427CRITICALCVSS 9.8KEVPoCv1.6.0v1.7.0+1 more2016-04-21
CVE-2016-3427 [CRITICAL] CWE-284 CVE-2016-3427: Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRocki
Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX.
nvd
CVE-2016-3449HIGHCVSS 8.3v1.6.0v1.7.0+1 more2016-04-21
CVE-2016-3449 [HIGH] CVE-2016-3449: Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 allows remote attackers to affect
Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Deployment.
nvd
CVE-2016-0695MEDIUMCVSS 5.9v1.6.0v1.7.0+1 more2016-04-21
CVE-2016-0695 [MEDIUM] CVE-2016-0695: Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRocki
Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect confidentiality via vectors related to Security.
nvd
CVE-2016-3422MEDIUMCVSS 4.3v1.6.0v1.7.0+1 more2016-04-21
CVE-2016-3422 [MEDIUM] CVE-2016-3422: Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 allows remote attackers to affect
Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 allows remote attackers to affect availability via vectors related to 2D.
nvd
CVE-2016-3425MEDIUMCVSS 4.3v1.6.0v1.7.0+1 more2016-04-21
CVE-2016-3425 [MEDIUM] CVE-2016-3425: Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRocki
Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect availability via vectors related to JAXP.
nvd
CVE-2016-3426LOWCVSS 3.1v1.8.02016-04-21
CVE-2016-3426 [LOW] CVE-2016-3426: Unspecified vulnerability in Oracle Java SE 8u77 and Java SE Embedded 8u77 allows remote attackers t
Unspecified vulnerability in Oracle Java SE 8u77 and Java SE Embedded 8u77 allows remote attackers to affect confidentiality via vectors related to JCE.
nvd
CVE-2016-0636HIGHCVSS 8.1v1.7.0v1.8.02016-03-24
CVE-2016-0636 [HIGH] CVE-2016-0636: Unspecified vulnerability in Oracle Java SE 7u97, 8u73, and 8u74 allows remote attackers to affect c
Unspecified vulnerability in Oracle Java SE 7u97, 8u73, and 8u74 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to the Hotspot sub-component.
nvd