) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:oracle:jdk:1.8.0:update77:*:*:*:*:*:*
- CPE Name Search: true
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2020-2801 |
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via IIOP, T3 to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. Note: The patch for this issue will address the vulnerability only if the WLS instance is using JDK 1.7.0_191 or later, or JDK 1.8.0_181 or later. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). Published: April 15, 2020; 10:15:28 AM -0400 |
V3.1: 9.8 CRITICAL V2.0: 7.5 HIGH |
| CVE-2016-3449 |
Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Deployment. Published: April 21, 2016; 7:00:34 AM -0400 |
V3.0: 8.3 HIGH V2.0: 7.6 HIGH |
| CVE-2016-3443 |
Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to 2D. NOTE: the previous information is from the April 2016 CPU. Oracle has not commented on third-party claims that this issue allows remote attackers to obtain sensitive information via crafted font data, which triggers an out-of-bounds read. Published: April 21, 2016; 7:00:32 AM -0400 |
V3.0: 9.6 CRITICAL V2.0: 10.0 HIGH |
| CVE-2016-3427 |
Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX. Published: April 21, 2016; 7:00:21 AM -0400 |
V3.0: 9.0 CRITICAL V2.0: 10.0 HIGH |
| CVE-2016-3426 |
Unspecified vulnerability in Oracle Java SE 8u77 and Java SE Embedded 8u77 allows remote attackers to affect confidentiality via vectors related to JCE. Published: April 21, 2016; 7:00:20 AM -0400 |
V3.0: 3.1 LOW V2.0: 4.3 MEDIUM |
| CVE-2016-3425 |
Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect availability via vectors related to JAXP. Published: April 21, 2016; 7:00:19 AM -0400 |
V3.0: 4.3 MEDIUM V2.0: 5.0 MEDIUM |
| CVE-2016-3422 |
Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 allows remote attackers to affect availability via vectors related to 2D. Published: April 21, 2016; 7:00:17 AM -0400 |
V3.0: 4.3 MEDIUM V2.0: 5.0 MEDIUM |
| CVE-2016-0695 |
Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect confidentiality via vectors related to Security. Published: April 21, 2016; 6:59:55 AM -0400 |
V3.0: 5.9 MEDIUM V2.0: 2.6 LOW |
| CVE-2016-0687 |
Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 and Java SE Embedded 8u77 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to the Hotspot sub-component. Published: April 21, 2016; 6:59:47 AM -0400 |
V3.0: 9.6 CRITICAL V2.0: 10.0 HIGH |
| CVE-2016-0686 |
Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 and Java SE Embedded 8u77 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Serialization. Published: April 21, 2016; 6:59:47 AM -0400 |
V3.0: 9.6 CRITICAL V2.0: 10.0 HIGH |