Jdk
Source repositories
CVEs (563)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-22007 | Low | 0.19 | 2.9 | 0.00 | Apr 21, 2026 | Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Security). Supported versions that are affected are Oracle Java SE: 8u481, 8u481-b50, 8u481-perf, 11.0.30, 17.0.18, 21.0.10, 25.0.2, 26; Oracle… | ||
| CVE-2016-3485 | Low | 0.19 | 2.9 | 0.00 | Jul 21, 2016 | Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; Java SE Embedded 8u91; and JRockit R28.3.10 allows local users to affect integrity via vectors related to Networking. | ||
| CVE-2013-1488 | 0.10 | — | 0.87 | Mar 8, 2013 | The Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 6 and 7, allows remote attackers to execute arbitrary code via unspecified vectors involving reflection, Libraries, "improper toString calls," and the JDBC driver manager, as… | |||
| CVE-2013-1493 | 0.10 | — | 0.86 | Mar 5, 2013 | The color management (CMM) functionality in the 2D component in Oracle Java SE 7 Update 15 and earlier, 6 Update 41 and earlier, and 5.0 Update 40 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (crash) via an image with crafted raster… | |||
| CVE-2013-2460 | 0.09 | — | 0.70 | Jun 18, 2013 | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Serviceability. NOTE: the previous… | |||
| CVE-2012-5088 | 0.09 | — | 0.79 | Oct 16, 2012 | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. | |||
| CVE-2014-6593 | 0.08 | — | 0.67 | Jan 21, 2015 | Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25; Java SE Embedded 7u71 and 8u6; and JRockit 27.8.4 and 28.3.4 allows remote attackers to affect confidentiality and integrity via vectors related to JSSE. | |||
| CVE-2012-5067 | 0.08 | — | 0.64 | Oct 16, 2012 | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier allows remote attackers to affect confidentiality via unknown vectors related to Deployment. | |||
| CVE-2012-1533 | 0.08 | — | 0.69 | Oct 16, 2012 | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, and 6 Update 35 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different… | |||
| CVE-2012-5081 | 0.07 | — | 0.45 | Oct 16, 2012 | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote attackers to affect availability, related to JSSE. | |||
| CVE-2010-1423 | 0.07 | — | 0.56 | Apr 15, 2010 | Argument injection vulnerability in the URI handler in (a) Java NPAPI plugin and (b) Java Deployment Toolkit in Java 6 Update 10, 19, and other versions, when running on Windows and possibly on Linux, allows remote attackers to execute arbitrary code via the (1) -J or (2)… | |||
| CVE-2013-2472 | 0.05 | — | 0.23 | Jun 18, 2013 | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown… | |||
| CVE-2013-2470 | 0.05 | — | 0.23 | Jun 18, 2013 | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown… | |||
| CVE-2013-1571 | 0.05 | — | 0.67 | Jun 18, 2013 | Unspecified vulnerability in the Javadoc component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier; JavaFX 2.2.21 and earlier; and OpenJDK 7 allows remote attackers to affect integrity via unknown vectors related to Javadoc.… | |||
| CVE-2013-2419 | 0.05 | — | 0.23 | Apr 17, 2013 | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect availability via unknown vectors related to 2D. … | |||
| CVE-2015-4748 | 0.04 | — | 0.47 | Jul 16, 2015 | Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JRockit R28.3.6; and Java SE Embedded 7u75 and Embedded 8u33 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Security. | |||
| CVE-2013-2416 | 0.04 | — | 0.09 | Apr 17, 2013 | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier allows remote attackers to affect integrity via unknown vectors related to Deployment. | |||
| CVE-2012-0547 | 0.04 | — | 0.12 | Aug 30, 2012 | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier, and 6 Update 34 and earlier, has no impact and remote attack vectors involving AWT and "a security-in-depth issue that is not directly exploitable but which can be… | |||
| CVE-2012-0551 | 0.04 | — | 0.12 | May 3, 2012 | Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE 7 update 4 and earlier and 6 update 32 and earlier, and the GlassFish Enterprise Server component in Oracle Sun Products Suite GlassFish Enterprise Server 3.1.1, allows remote attackers to affect… | |||
| CVE-2016-0494 | 0.01 | — | 0.07 | Jan 21, 2016 | Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE 6u105, 7u91, and 8u66 and Java SE Embedded 8u65 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. |
- risk 0.19cvss 2.9epss 0.00
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Security). Supported versions that are affected are Oracle Java SE: 8u481, 8u481-b50, 8u481-perf, 11.0.30, 17.0.18, 21.0.10, 25.0.2, 26; Oracle…
- risk 0.19cvss 2.9epss 0.00
Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; Java SE Embedded 8u91; and JRockit R28.3.10 allows local users to affect integrity via vectors related to Networking.
- CVE-2013-1488Mar 8, 2013risk 0.10cvss —epss 0.87
The Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 6 and 7, allows remote attackers to execute arbitrary code via unspecified vectors involving reflection, Libraries, "improper toString calls," and the JDBC driver manager, as…
- CVE-2013-1493Mar 5, 2013risk 0.10cvss —epss 0.86
The color management (CMM) functionality in the 2D component in Oracle Java SE 7 Update 15 and earlier, 6 Update 41 and earlier, and 5.0 Update 40 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (crash) via an image with crafted raster…
- CVE-2013-2460Jun 18, 2013risk 0.09cvss —epss 0.70
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Serviceability. NOTE: the previous…
- CVE-2012-5088Oct 16, 2012risk 0.09cvss —epss 0.79
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.
- CVE-2014-6593Jan 21, 2015risk 0.08cvss —epss 0.67
Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25; Java SE Embedded 7u71 and 8u6; and JRockit 27.8.4 and 28.3.4 allows remote attackers to affect confidentiality and integrity via vectors related to JSSE.
- CVE-2012-5067Oct 16, 2012risk 0.08cvss —epss 0.64
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier allows remote attackers to affect confidentiality via unknown vectors related to Deployment.
- CVE-2012-1533Oct 16, 2012risk 0.08cvss —epss 0.69
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, and 6 Update 35 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different…
- CVE-2012-5081Oct 16, 2012risk 0.07cvss —epss 0.45
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote attackers to affect availability, related to JSSE.
- CVE-2010-1423Apr 15, 2010risk 0.07cvss —epss 0.56
Argument injection vulnerability in the URI handler in (a) Java NPAPI plugin and (b) Java Deployment Toolkit in Java 6 Update 10, 19, and other versions, when running on Windows and possibly on Linux, allows remote attackers to execute arbitrary code via the (1) -J or (2)…
- CVE-2013-2472Jun 18, 2013risk 0.05cvss —epss 0.23
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown…
- CVE-2013-2470Jun 18, 2013risk 0.05cvss —epss 0.23
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown…
- CVE-2013-1571Jun 18, 2013risk 0.05cvss —epss 0.67
Unspecified vulnerability in the Javadoc component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier; JavaFX 2.2.21 and earlier; and OpenJDK 7 allows remote attackers to affect integrity via unknown vectors related to Javadoc.…
- CVE-2013-2419Apr 17, 2013risk 0.05cvss —epss 0.23
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect availability via unknown vectors related to 2D. …
- CVE-2015-4748Jul 16, 2015risk 0.04cvss —epss 0.47
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JRockit R28.3.6; and Java SE Embedded 7u75 and Embedded 8u33 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Security.
- CVE-2013-2416Apr 17, 2013risk 0.04cvss —epss 0.09
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier allows remote attackers to affect integrity via unknown vectors related to Deployment.
- CVE-2012-0547Aug 30, 2012risk 0.04cvss —epss 0.12
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier, and 6 Update 34 and earlier, has no impact and remote attack vectors involving AWT and "a security-in-depth issue that is not directly exploitable but which can be…
- CVE-2012-0551May 3, 2012risk 0.04cvss —epss 0.12
Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE 7 update 4 and earlier and 6 update 32 and earlier, and the GlassFish Enterprise Server component in Oracle Sun Products Suite GlassFish Enterprise Server 3.1.1, allows remote attackers to affect…
- CVE-2016-0494Jan 21, 2016risk 0.01cvss —epss 0.07
Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE 6u105, 7u91, and 8u66 and Java SE Embedded 8u65 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.
Page 8 of 29