Oracle Jre vulnerabilities
790 known vulnerabilities affecting oracle/jre.
Total CVEs
790
CISA KEV
14
actively exploited
Public exploits
32
Exploited in wild
16
Severity breakdown
CRITICAL205HIGH119MEDIUM346LOW118
Vulnerabilities
Page 20 of 40
CVE-2015-4731CRITICALCVSS 10.0v1.6.0v1.7.0+1 more2015-07-16
CVE-2015-4731 [CRITICAL] CVE-2015-4731: Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; Java SE Embedded 7u75; and Java SE
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; Java SE Embedded 7u75; and Java SE Embedded 8u33 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX.
nvd
CVE-2015-4748HIGHCVSS 7.6v1.6.0v1.7.0+1 more2015-07-16
CVE-2015-4748 [HIGH] CVE-2015-4748: Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JRockit R28.3.6; and Java SE Embed
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JRockit R28.3.6; and Java SE Embedded 7u75 and Embedded 8u33 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Security.
nvd
CVE-2015-2597HIGHCVSS 7.2v1.7.0v1.8.02015-07-16
CVE-2015-2597 [HIGH] CVE-2015-2597: Unspecified vulnerability in Oracle Java SE 7u80 and 8u45 allows local users to affect confidentiali
Unspecified vulnerability in Oracle Java SE 7u80 and 8u45 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Install.
nvd
CVE-2015-2659MEDIUMCVSS 5.0v1.8.02015-07-16
CVE-2015-2659 [MEDIUM] CVE-2015-2659: Unspecified vulnerability in Oracle Java SE 8u45 and Java SE Embedded 8u33 allows remote attackers t
Unspecified vulnerability in Oracle Java SE 8u45 and Java SE Embedded 8u33 allows remote attackers to affect availability via unknown vectors related to Security.
nvd
CVE-2015-2664MEDIUMCVSS 6.9v1.6.0v1.7.0+1 more2015-07-16
CVE-2015-2664 [MEDIUM] CVE-2015-2664: Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45 allows local users to affect confid
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.
nvd
CVE-2015-2613MEDIUMCVSS 5.0v1.7.0v1.8.02015-07-16
CVE-2015-2613 [MEDIUM] CVE-2015-2613: Unspecified vulnerability in Oracle Java SE 7u80 and 8u45, and Java SE Embedded 7u75 and 8u33 allows
Unspecified vulnerability in Oracle Java SE 7u80 and 8u45, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality via vectors related to JCE.
nvd
CVE-2015-2621MEDIUMCVSS 5.0v1.6.0v1.7.0+1 more2015-07-16
CVE-2015-2621 [MEDIUM] CVE-2015-2621: Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33, allows remote attackers to affect confidentiality via vectors related to JMX.
nvd
CVE-2015-2619MEDIUMCVSS 5.0v1.7.0v1.8.02015-07-16
CVE-2015-2619 [MEDIUM] CVE-2015-2619: Unspecified vulnerability in Oracle Java SE 7u80 and 8u45, JavaFX 2.2.80, and Java SE Embedded 7u75
Unspecified vulnerability in Oracle Java SE 7u80 and 8u45, JavaFX 2.2.80, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality via unknown vectors related to 2D.
nvd
CVE-2015-4729MEDIUMCVSS 4.0v1.7.0v1.8.02015-07-16
CVE-2015-4729 [MEDIUM] CVE-2015-4729: Unspecified vulnerability in Oracle Java SE 7u80 and 8u45 allows remote attackers to affect confiden
Unspecified vulnerability in Oracle Java SE 7u80 and 8u45 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Deployment.
nvd
CVE-2015-4749MEDIUMCVSS 4.3v1.6.0v1.7.0+1 more2015-07-16
CVE-2015-4749 [MEDIUM] CVE-2015-4749: Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JRockit R28.3.6; and Java SE Embed
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JRockit R28.3.6; and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect availability via vectors related to JNDI.
nvd
CVE-2015-2601MEDIUMCVSS 5.0v1.6.0v1.7.0+1 more2015-07-16
CVE-2015-2601 [MEDIUM] CVE-2015-2601: Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, JRockit R28.3.6, and Java SE Embed
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, JRockit R28.3.6, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality via vectors related to JCE.
nvd
CVE-2015-2637MEDIUMCVSS 5.0v1.6.0v1.7.0+1 more2015-07-16
CVE-2015-2637 [MEDIUM] CVE-2015-2637: Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JavaFX 2.2.80; and Java SE Embedde
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JavaFX 2.2.80; and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality via unknown vectors related to 2D.
nvd
CVE-2015-2596MEDIUMCVSS 4.3v1.7.02015-07-16
CVE-2015-2596 [MEDIUM] CVE-2015-2596: Unspecified vulnerability in Oracle Java SE 7u80 allows remote attackers to affect integrity via unk
Unspecified vulnerability in Oracle Java SE 7u80 allows remote attackers to affect integrity via unknown vectors related to Hotspot.
nvd
CVE-2015-2632MEDIUMCVSS 5.0v1.6.0v1.7.0+1 more2015-07-16
CVE-2015-2632 [MEDIUM] CVE-2015-2632: Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45 allows remote attackers to affect c
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45 allows remote attackers to affect confidentiality via unknown vectors related to 2D.
nvd
CVE-2015-2627LOWCVSS 2.6v1.6.0v1.7.0+1 more2015-07-16
CVE-2015-2627 [LOW] CVE-2015-2627: Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45 allows remote attackers to affect c
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45 allows remote attackers to affect confidentiality via unknown vectors related to installation.
nvd
CVE-2015-2625LOWCVSS 2.6v1.6.0v1.7.0+1 more2015-07-16
CVE-2015-2625 [LOW] CVE-2015-2625: Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JRockit R28.3.6; and Java SE Embed
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JRockit R28.3.6; and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality via vectors related to JSSE.
nvd
CVE-2015-4000LOWCVSS 3.7PoCv1.6.0v1.7.0+1 more2015-05-21
CVE-2015-4000 [LOW] CWE-310 CVE-2015-4000: The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a
The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHE_EXPORT and then rewriting a ServerHello with DHE_EXPORT replaced by DHE, a
nvd
CVE-2015-0492CRITICALCVSS 9.3v1.5.0v1.6.0+2 more2015-04-16
CVE-2015-0492 [CRITICAL] CVE-2015-0492: Unspecified vulnerability in Oracle Java SE 7u76 and 8u40, and JavaFX 2.2.76, allows remote attacker
Unspecified vulnerability in Oracle Java SE 7u76 and 8u40, and JavaFX 2.2.76, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2015-0484.
nvd
CVE-2015-0491CRITICALCVSS 10.0v1.5.0v1.6.0+2 more2015-04-16
CVE-2015-0491 [CRITICAL] CVE-2015-0491: Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40, and Java FX 2.2.76, allows
Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40, and Java FX 2.2.76, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2015-0459.
nvd
CVE-2015-0469CRITICALCVSS 10.0v1.5.0v1.6.0+2 more2015-04-16
CVE-2015-0469 [CRITICAL] CVE-2015-0469: Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40 allows remote attackers to
Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.
nvd