Oracle Jre vulnerabilities

790 known vulnerabilities affecting oracle/jre.

Total CVEs

790

CISA KEV

actively exploited

Public exploits

Exploited in wild

Severity breakdown

CRITICAL205HIGH119MEDIUM346LOW118

Vulnerabilities

Page 26 of 40

CVE-2014-0453MEDIUMCVSS 4.0v1.5.0v1.6.0+2 more2014-04-16

CVE-2014-0453 [MEDIUM] CVE-2014-0453: Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Security.

nvd

CVE-2014-0459MEDIUMCVSS 4.3v1.7.0v1.8.02014-04-16

CVE-2014-0459 [MEDIUM] CVE-2014-0459: Unspecified vulnerability in Oracle Java SE 7u51 and 8, and Java SE Embedded 7u51, allows remote att Unspecified vulnerability in Oracle Java SE 7u51 and 8, and Java SE Embedded 7u51, allows remote attackers to affect availability via unknown vectors related to 2D.

nvd

CVE-2014-0464MEDIUMCVSS 4.3v1.8.02014-04-16

CVE-2014-0464 [MEDIUM] CVE-2014-0464: Unspecified vulnerability in Oracle Java SE 8 allows remote attackers to affect confidentiality via Unspecified vulnerability in Oracle Java SE 8 allows remote attackers to affect confidentiality via unknown vectors related to Scripting, a different vulnerability than CVE-2014-0463.

nvd

CVE-2014-0460MEDIUMCVSS 5.8v1.5.0v1.6.0+2 more2014-04-16

CVE-2014-0460 [MEDIUM] CVE-2014-0460: Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality and integrity via vectors related to JNDI.

nvd

CVE-2014-2422MEDIUMCVSS 6.8v1.7.0v1.8.02014-04-16

CVE-2014-2422 [MEDIUM] CVE-2014-2422: Unspecified vulnerability in Oracle Java SE 7u51 and 8, and JavaFX 2.2.51, allows remote attackers t Unspecified vulnerability in Oracle Java SE 7u51 and 8, and JavaFX 2.2.51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

nvd

CVE-2014-2398LOWCVSS 3.5v1.5.0v1.6.0+2 more2014-04-16

CVE-2014-2398 [LOW] CVE-2014-2398: Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JavaFX 2.2.51; and JRockit R2 Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JavaFX 2.2.51; and JRockit R27.8.1 and R28.3.1 allows remote authenticated users to affect integrity via unknown vectors related to Javadoc.

nvd

CVE-2014-2420LOWCVSS 2.6v1.6.0v1.7.0+1 more2014-04-16

CVE-2014-2420 [LOW] CVE-2014-2420: Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows rem Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect integrity via unknown vectors related to Deployment.

nvd

CVE-2014-0408CRITICALCVSS 9.3v1.7.02014-01-15

CVE-2014-0408 [CRITICAL] CVE-2014-0408: Unspecified vulnerability in Oracle Java SE 7u45, when running on OS X, allows remote attackers to a Unspecified vulnerability in Oracle Java SE 7u45, when running on OS X, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.

nvd

CVE-2013-5907CRITICALCVSS 10.0v1.5.0v1.7.0+1 more2014-01-15

CVE-2013-5907 [CRITICAL] CVE-2013-5907: Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; JRockit R27.7.7 and R28.2.9; Jav Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; JRockit R27.7.7 and R28.2.9; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims tha

nvd

CVE-2014-0415CRITICALCVSS 10.0v1.7.0v1.6.02014-01-15

CVE-2014-0415 [CRITICAL] CVE-2014-0415: Unspecified vulnerability in Oracle Java SE 6u65 and 7u45 allows remote attackers to affect confiden Unspecified vulnerability in Oracle Java SE 6u65 and 7u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-5889, CVE-2013-5902, CVE-2014-0410, CVE-2014-0418, and CVE-2014-0424.

nvd

CVE-2014-0385CRITICALCVSS 9.3v1.7.02014-01-15

CVE-2014-0385 [CRITICAL] CVE-2014-0385: Unspecified vulnerability in Oracle Java SE 7u45, when installing on OS X, allows remote attackers t Unspecified vulnerability in Oracle Java SE 7u45, when installing on OS X, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Install.

nvd

CVE-2013-5893CRITICALCVSS 9.3v1.7.02014-01-15

CVE-2013-5893 [CRITICAL] CVE-2013-5893: Unspecified vulnerability in Oracle Java SE 7u45 and Java SE Embedded 7u45, and OpenJDK 7, allows re Unspecified vulnerability in Oracle Java SE 7u45 and Java SE Embedded 7u45, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to improper h

nvd

CVE-2014-0428CRITICALCVSS 10.0v1.6.0v1.5.0+1 more2014-01-15

CVE-2014-0428 [CRITICAL] CVE-2014-0428: Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Java SE Embedded 7u45; and OpenJ Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to "insuffi

nvd

CVE-2014-0417CRITICALCVSS 9.3v1.5.0v1.7.0+1 more2014-01-15

CVE-2014-0417 [CRITICAL] CVE-2014-0417: Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; JavaFX 2.2.45; and Java SE Embed Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; JavaFX 2.2.45; and Java SE Embedded 7u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.

nvd

CVE-2013-5889CRITICALCVSS 9.3v1.7.0v1.6.02014-01-15

CVE-2013-5889 [CRITICAL] CVE-2013-5889: Unspecified vulnerability in Oracle Java SE 6u65 and 7u45 allows remote attackers to affect confiden Unspecified vulnerability in Oracle Java SE 6u65 and 7u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-5902, CVE-2014-0410, CVE-2014-0415, CVE-2014-0418, and CVE-2014-0424.

nvd

CVE-2014-0410CRITICALCVSS 10.0v1.7.0v1.6.02014-01-15

CVE-2014-0410 [CRITICAL] CVE-2014-0410: Unspecified vulnerability in Oracle Java SE 6u65 and 7u45 allows remote attackers to affect confiden Unspecified vulnerability in Oracle Java SE 6u65 and 7u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-5889, CVE-2013-5902, CVE-2014-0415, CVE-2014-0418, and CVE-2014-0424.

nvd

CVE-2014-0422CRITICALCVSS 10.0v1.5.0v1.6.0+1 more2014-01-15

CVE-2014-0422 [CRITICAL] CVE-2014-0422: Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Java SE Embedded 7u45; and OpenJ Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JNDI. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to missing p

nvd

CVE-2014-0424HIGHCVSS 7.5v1.7.0v1.6.02014-01-15

CVE-2014-0424 [HIGH] CVE-2014-0424: Unspecified vulnerability in Oracle Java SE 6u65 and 7u45 allows remote attackers to affect confiden Unspecified vulnerability in Oracle Java SE 6u65 and 7u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-5889, CVE-2013-5902, CVE-2014-0410, CVE-2014-0415, and CVE-2014-0418.

nvd

CVE-2013-5878HIGHCVSS 7.5v1.6.0v1.7.02014-01-15

CVE-2013-5878 [HIGH] CVE-2013-5878: Unspecified vulnerability in Oracle Java SE 6u65 and 7u45, Java SE Embedded 7u45, and OpenJDK 7 allo Unspecified vulnerability in Oracle Java SE 6u65 and 7u45, Java SE Embedded 7u45, and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Security. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the Security component does not pr

nvd

CVE-2014-0387HIGHCVSS 7.6v1.6.0v1.7.02014-01-15

CVE-2014-0387 [HIGH] CVE-2014-0387: Unspecified vulnerability in Oracle Java SE 6u65 and Java SE 7u45, when running on Firefox, allows r Unspecified vulnerability in Oracle Java SE 6u65 and Java SE 7u45, when running on Firefox, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.

nvd

← Previous26 / 40Next →