Sun Jre vulnerabilities
423 known vulnerabilities affecting sun/jre.
Total CVEs
423
CISA KEV
2
actively exploited
Public exploits
36
Exploited in wild
3
Severity breakdown
CRITICAL162HIGH77MEDIUM162LOW20
Vulnerabilities
Page 11 of 22
CVE-2011-0868MEDIUMCVSS 5.0≤ 1.6.0v1.6.02011-06-14
CVE-2011-0868 [MEDIUM] CVE-2011-0868: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier allows remote attackers to affect confidentiality via unknown vectors related to 2D.
nvd
CVE-2011-0872MEDIUMCVSS 5.0≤ 1.6.0v1.6.02011-06-14
CVE-2011-0872 [MEDIUM] CVE-2011-0872: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier allows remote attackers to affect availability via unknown vectors related to NIO.
nvd
CVE-2011-0869MEDIUMCVSS 5.0≤ 1.6.0v1.6.02011-06-14
CVE-2011-0869 [MEDIUM] CVE-2011-0869: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 26 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality via unknown vectors related to SAAJ.
nvd
CVE-2011-0867MEDIUMCVSS 5.0≤ 1.4.2_31v1.4.2+34 more2011-06-14
CVE-2011-0867 [MEDIUM] CVE-2011-0867: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality via unknown vectors related to Networking.
nvd
CVE-2011-0865LOWCVSS 2.6≤ 1.4.2_31v1.4.2+34 more2011-06-14
CVE-2011-0865 [LOW] CVE-2011-0865: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect integrity via unknown vectors related to Deserialization.
nvd
CVE-2010-4454CRITICALCVSS 10.0≤ 1.6.0v1.6.0+32 more2011-02-17
CVE-2010-4454 [CRITICAL] CVE-2010-4454: Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Busin
Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Sound and unspecified APIs, a different vulnerability than CVE-2010-
nvd
CVE-2010-4465CRITICALCVSS 10.0≤ 1.6.0v1.6.0+32 more2011-02-17
CVE-2010-4465 [CRITICAL] CVE-2010-4465: Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Busin
Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Swing. NOTE:
nvd
CVE-2010-4462CRITICALCVSS 10.0≤ 1.6.0v1.6.0+32 more2011-02-17
CVE-2010-4462 [CRITICAL] CVE-2010-4462: Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Busin
Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Sound and unspecified APIs, a different vulnerability than CVE-2010-
nvd
CVE-2010-4473CRITICALCVSS 10.0≤ 1.6.0v1.6.0+32 more2011-02-17
CVE-2010-4473 [CRITICAL] CVE-2010-4473: Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Busin
Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Sound and unspecified APIs, a different vulnerability than CVE-2010-
nvd
CVE-2010-4469CRITICALCVSS 10.0≤ 1.6.0v1.6.0+32 more2011-02-17
CVE-2010-4469 [CRITICAL] CVE-2010-4469: Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Busin
Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to HotSpot. NOTE
nvd
CVE-2010-4463CRITICALCVSS 10.0v1.6.02011-02-17
CVE-2010-4463 [CRITICAL] CVE-2010-4463: Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Busin
Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 21 through 6 Update 23 allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.
nvd
CVE-2010-4467CRITICALCVSS 10.0v1.6.02011-02-17
CVE-2010-4467 [CRITICAL] CVE-2010-4467: Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Busin
Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 10 through 6 Update 23 allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.
nvd
CVE-2010-4452CRITICALCVSS 10.0PoC≤ 1.6.0v1.6.02011-02-17
CVE-2010-4452 [CRITICAL] CVE-2010-4452: Unspecified vulnerability in the Deployment component in Java Runtime Environment (JRE) in Oracle Ja
Unspecified vulnerability in the Deployment component in Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors.
nvd
CVE-2010-4451HIGHCVSS 7.6≤ 1.6.0v1.6.02011-02-17
CVE-2010-4451 [HIGH] CVE-2010-4451: Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Busin
Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier for Windows, when using Java Update, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Install.
nvd
CVE-2010-4422HIGHCVSS 7.6≤ 1.6.0v1.6.02011-02-17
CVE-2010-4422 [HIGH] CVE-2010-4422: Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Busin
Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.
nvd
CVE-2010-4466MEDIUMCVSS 5.0≤ 1.6.0v1.6.0+32 more2011-02-17
CVE-2010-4466 [MEDIUM] CVE-2010-4466: Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Busin
Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier for Windows, Solaris, and, Linux; 5.0 Update 27 and earlier for Windows; and 1.4.2_29 and earlier for Windows allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality via unknown vector
nvd
CVE-2010-4468MEDIUMCVSS 4.0≤ 1.6.0v1.6.0+2 more2011-02-17
CVE-2010-4468 [MEDIUM] CVE-2010-4468: Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Busin
Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, and 5.0 Update 27 and earlier, allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality and integrity via unknown vectors related to JDBC.
nvd
CVE-2010-4447MEDIUMCVSS 4.3≤ 1.6.0v1.6.0+32 more2011-02-17
CVE-2010-4447 [MEDIUM] CVE-2010-4447: Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Busin
Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality via unknown vectors related to Deployment, a different vulnerability than C
nvd
CVE-2010-4475MEDIUMCVSS 4.3≤ 1.6.0v1.6.0+32 more2011-02-17
CVE-2010-4475 [MEDIUM] CVE-2010-4475: Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Busin
Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality via unknown vectors related to Deployment, a different vulnerability than C
nvd
CVE-2010-4470MEDIUMCVSS 5.0≤ 1.6.0v1.6.02011-02-17
CVE-2010-4470 [MEDIUM] CVE-2010-4470: Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Busin
Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23, and, and earlier allows remote attackers to affect availability via unknown vectors related to JAXP and unspecified APIs. NOTE: the previous information was obtained from the February 2011 CPU. Oracle has not commented on claims from a downstre
nvd