Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Jre
(Oracle)| Repositories |
• https://github.com/madler/zlib
• https://github.com/glennrp/libpng |
| #Vulnerabilities | 767 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2010-04-01 | CVE-2010-0840 | Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is related to improper checks when executing privileged methods in the Java Runtime Environment (JRE),... | Ubuntu_linux, Opensuse, Jre | 9.8 | ||
| 2011-10-19 | CVE-2011-3544 | Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7 and 6 Update 27 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Scripting. | Ubuntu_linux, Jdk, Jre, Satellite_with_embedded_oracle, Linux_enterprise_java, Linux_enterprise_server | 9.8 | ||
| 2012-06-16 | CVE-2012-1723 | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, and 1.4.2_37 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot. | Jdk, Jre, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_workstation, Icedtea6 | 9.8 | ||
| 2012-10-16 | CVE-2012-5076 | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier allows remote attackers to affect confidentiality, integrity, and availability, related to JAX-WS. | Jre, Linux_enterprise_desktop | N/A | ||
| 2013-04-17 | CVE-2013-2423 | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 7, allows remote attackers to affect integrity via unknown vectors related to HotSpot. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from the original researcher that this vulnerability allows remote attackers to bypass permission checks by the MethodHandles method and modify arbitrary public final fields using... | Ubuntu_linux, Opensuse, Jre | N/A | ||
| 2013-06-18 | CVE-2013-2465 | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors... | Jre, Jre, Linux_enterprise_desktop, Linux_enterprise_java, Linux_enterprise_server, Linux_enterprise_software_development_kit | N/A | ||
| 2015-10-22 | CVE-2015-4902 | Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60 allows remote attackers to affect integrity via unknown vectors related to Deployment. | Leap, Opensuse, Jdk, Jre, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_eus_compute_node, Enterprise_linux_for_ibm_z_systems, Enterprise_linux_for_ibm_z_systems_eus, Enterprise_linux_for_power_big_endian, Enterprise_linux_for_power_big_endian_eus, Enterprise_linux_for_power_little_endian, Enterprise_linux_for_power_little_endian_eus, Enterprise_linux_for_scientific_computing, Enterprise_linux_server, Enterprise_linux_server_from_rhui, Enterprise_linux_workstation, Satellite, Linux_enterprise_module_for_legacy, Linux_enterprise_server, Linux_enterprise_software_development_kit | N/A | ||
| 2024-07-16 | CVE-2024-21145 | Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: 2D). Supported versions that are affected are Oracle Java SE: 8u411, 8u411-perf, 11.0.23, 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM for JDK: 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM Enterprise Edition: 20.3.14 and 21.3.10. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE,... | Bluexp, Cloud_insights_storage_workload_security_agent, Oncommand_insight, Oncommand_workflow_automation, Graalvm, Graalvm_for_jdk, Jdk, Jre | 4.8 | ||
| 2024-10-15 | CVE-2024-21217 | Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Serialization). Supported versions that are affected are Oracle Java SE: 8u421, 8u421-perf, 11.0.24, 17.0.12, 21.0.4, 23; Oracle GraalVM for JDK: 17.0.12, 21.0.4, 23; Oracle GraalVM Enterprise Edition: 20.3.15 and 21.3.11. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java... | Graalvm, Graalvm_for_jdk, Jdk, Jre | N/A | ||
| 2012-06-07 | CVE-2012-0507 | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, and 5.0 Update 33 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Concurrency. NOTE: the previous information was obtained from the February 2012 Oracle CPU. Oracle has not commented on claims from a downstream vendor and third party researchers that this issue occurs because the... | Debian_linux, Jre, Jre, Linux_enterprise_desktop, Linux_enterprise_java, Linux_enterprise_server, Linux_enterprise_software_development_kit | N/A |