Oracle Jrockit vulnerabilities
107 known vulnerabilities affecting oracle/jrockit.
Total CVEs
107
CISA KEV
1
actively exploited
Public exploits
4
Exploited in wild
2
Severity breakdown
CRITICAL16HIGH18MEDIUM60LOW13
Vulnerabilities
Page 3 of 6
CVE-2017-3511HIGHCVSS 7.7vr28.3.132017-04-24
CVE-2017-3511 [HIGH] CVE-2017-3511: Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: J
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JCE). Supported versions that are affected are Java SE: 7u131 and 8u121; Java SE Embedded: 8u121; JRockit: R28.3.13. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where Java SE, Java SE Embedded, JRockit execut
nvd
CVE-2017-3526MEDIUMCVSS 5.9vr28.3.132017-04-24
CVE-2017-3526 [MEDIUM] CVE-2017-3526: Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: J
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JAXP). Supported versions that are affected are Java SE: 6u141, 7u131 and 8u121; Java SE Embedded: 8u121; JRockit: R28.3.13. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java
nvd
CVE-2017-3533LOWCVSS 3.7vr28.3.132017-04-24
CVE-2017-3533 [LOW] CVE-2017-3533: Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: N
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u141, 7u131 and 8u121; Java SE Embedded: 8u121; JRockit: R28.3.13. Difficult to exploit vulnerability allows unauthenticated attacker with network access via FTP to compromise Java SE, Java SE Embedded
nvd
CVE-2017-3544LOWCVSS 3.7vr28.3.132017-04-24
CVE-2017-3544 [LOW] CVE-2017-3544: Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: N
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u141, 7u131 and 8u121; Java SE Embedded: 8u121; JRockit: R28.3.13. Difficult to exploit vulnerability allows unauthenticated attacker with network access via SMTP to compromise Java SE, Java SE Embedde
nvd
CVE-2017-3241CRITICALCVSS 9.0PoCvr28.3.12vR28.3.122017-01-27
CVE-2017-3241 [CRITICAL] CWE-20 CVE-2017-3241: Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: R
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java
cvelistv5nvd
CVE-2017-3253HIGHCVSS 7.5vr28.3.12vR28.3.122017-01-27
CVE-2017-3253 [HIGH] CVE-2017-3253: Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: 2
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: 2D). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Em
cvelistv5nvd
CVE-2016-5546HIGHCVSS 7.5vr28.3.12vR28.3.122017-01-27
CVE-2016-5546 [HIGH] CVE-2016-5546: Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: L
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Jav
cvelistv5nvd
CVE-2016-5552MEDIUMCVSS 5.3vr28.3.12vR28.3.122017-01-27
CVE-2016-5552 [MEDIUM] CVE-2016-5552: Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: N
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE,
cvelistv5nvd
CVE-2017-3252MEDIUMCVSS 5.8vr28.3.122017-01-27
CVE-2017-3252 [MEDIUM] CVE-2017-3252: Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: J
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JAAS). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise Java SE, Java
nvd
CVE-2016-5547MEDIUMCVSS 5.3vr28.3.12vR28.3.122017-01-27
CVE-2016-5547 [MEDIUM] CVE-2016-5547: Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: L
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 7u121 and 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE
cvelistv5nvd
CVE-2016-3500MEDIUMCVSS 5.3vr28.3.102016-07-21
CVE-2016-3500 [MEDIUM] CVE-2016-3500: Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; Java SE Embedded 8u91; and JRock
Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; Java SE Embedded 8u91; and JRockit R28.3.10 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2016-3508.
nvd
CVE-2016-3508MEDIUMCVSS 5.3vr28.3.102016-07-21
CVE-2016-3508 [MEDIUM] CVE-2016-3508: Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; Java SE Embedded 8u91; and JRock
Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; Java SE Embedded 8u91; and JRockit R28.3.10 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2016-3500.
nvd
CVE-2016-3485LOWCVSS 2.9vr28.3.102016-07-21
CVE-2016-3485 [LOW] CVE-2016-3485: Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; Java SE Embedded 8u91; and JRock
Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; Java SE Embedded 8u91; and JRockit R28.3.10 allows local users to affect integrity via vectors related to Networking.
nvd
CVE-2016-3427CRITICALCVSS 9.8KEVvr28.3.92016-04-21
CVE-2016-3427 [CRITICAL] CWE-284 CVE-2016-3427: Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRocki
Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX.
nvd
CVE-2016-0695MEDIUMCVSS 5.9vr28.3.92016-04-21
CVE-2016-0695 [MEDIUM] CVE-2016-0695: Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRocki
Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect confidentiality via vectors related to Security.
nvd
CVE-2016-3425MEDIUMCVSS 4.3vr28.3.92016-04-21
CVE-2016-3425 [MEDIUM] CVE-2016-3425: Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRocki
Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect availability via vectors related to JAXP.
nvd
CVE-2016-0483CRITICALCVSS 10.0vr28.3.82016-01-21
CVE-2016-0483 [CRITICAL] CVE-2016-0483: Unspecified vulnerability in Oracle Java SE 6u105, 7u91, and 8u66; Java SE Embedded 8u65; and JRocki
Unspecified vulnerability in Oracle Java SE 6u105, 7u91, and 8u66; Java SE Embedded 8u65; and JRockit R28.3.8 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that this is a heap-based buffer o
nvd
CVE-2016-0475MEDIUMCVSS 5.8vr28.3.82016-01-21
CVE-2016-0475 [MEDIUM] CVE-2016-0475: Unspecified vulnerability in the Java SE, Java SE Embedded, and JRockit components in Oracle Java SE
Unspecified vulnerability in the Java SE, Java SE Embedded, and JRockit components in Oracle Java SE 8u66; Java SE Embedded 8u65; and JRockit R28.3.8 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Libraries.
nvd
CVE-2015-4911MEDIUMCVSS 5.0vr28.3.72015-10-22
CVE-2015-4911 [MEDIUM] CVE-2015-4911: Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRocki
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2015-4803 and CVE-2015-4893.
nvd
CVE-2015-4893MEDIUMCVSS 5.0vr28.3.72015-10-21
CVE-2015-4893 [MEDIUM] CVE-2015-4893: Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRocki
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2015-4803 and CVE-2015-4911.
nvd