Software Detail

Software Informaton Top

Programming

Software Detail

Java (Oracle JDK)

Number Of NVD

974

CRITICAL

HIGH

411

MEDIUM

412

LOW

114

URL	https://java.com/
Explanation	Java is a programming language and computing platform that was first released by Sun Microsystems in 1995. Excerpt from [https://java.com/ja/download/faq/whatis_java.xml] Intermediate files compiled from source code can be executed on various platforms (operating systems) via the JVM (Java Virtual Machine). Since the JVM absorbs platform differences, the developer does not have to be aware of the platform. Java has played a major role in the spread of object-oriented languages. It is now used in many enterprise systems and is a required language for business. Because it compiles, it has the advantage of running faster than interpreted languages such as Python and PHP. Currently, it is managed by Oracle since Sun Microsystems was merged into Oracle. Oracle JDK (Java Development Kit): A collection of functions necessary for the development and execution of Java. JRE (Java Runtime Environment): A collection of items required to run Java. Java SE (Java Platform, Standard Edition): A collection of standard features for developing Java applications on desktops and servers. Java EE (Java Platform, Enterprise Edition): Java SE with additional enterprise features (required for web application development) Java ME (Java Platform, Micro Edition): A collection of features required for embedded crises and mobile devices in the IoT. Every six months a new Java SE is released, and every three years an LTS (Long Term Support) version is released. The current LTS is Oracle Java SE 11 and it is paid for. Starting with Java 11, the JRE is no longer distributed solely as a JRE. Java EE was donated to the Eclipse Foundation in 2017 to be open sourced, and has been developed as Jakarta EE since Java EE 9. LTS has Premier Support for 5 years after release and Extended Support for the next 3 years, for a total of 8 years of support. All versions other than LTS are entitled to Premier Support for six months after release. A free Open JDK will also be released, but support will expire every six months, increasing the burden of migration.
Tag	オープンソース商用ライセンス有り

Add Information URL

No	Type	Name	URL
1			https://www.oracle.com/java/technologies/java-se-support-roadmap.html
2			https://www.oracle.com/technetwork/jp/java/eol-135779-ja.html
3			http://jdk.java.net/

List Of Product [ Click to show release history and vulnerability information ]

No	Name	Latest Version	Release date	Initial release	Normal Support	Extended for a fee	Critical	High	Medium	Low
321	Oracle JDK 18			March 1, 2022	Sept. 30, 2022		0	3	5	0
322	Oracle JDK 17（LTS）	17.0.8	July 18, 2023	Sept. 1, 2021	Sept. 30, 2026	Sept. 30, 2029	0	9	33	18
323	Oracle JDK 16			March 1, 2021	Sept. 30, 2021		0	1	4	0
324	Oracle JDK 15			Sept. 1, 2020	March 31, 2021		0	0	3	6
325	Oracle JDK 14			March 1, 2020	Sept. 30, 2020		0	5	8	9
326	Oracle JDK 13			Sept. 1, 2019	March 31, 2020		0	1	10	15
327	Oracle JDK 12			March 1, 2019	Sept. 30, 2019		0	1	7	3
328	Oracle JDK 11 (LTS)	11.0.16	July 19, 2022	Sept. 1, 2018	Sept. 30, 2023	Sept. 30, 2026	1	17	67	55
329	Oracle JDK 10			March 1, 2018	Sept. 30, 2018		0	7	10	2
330	Oracle JDK 9			Sept. 1, 2017	March 31, 2018		0	5	14	1
331	Oracle JDK 8 (LTS)			March 1, 2014	March 31, 2022	Dec. 31, 2030	1	1	2	0
332	Oracle JDK 7 (LTS)			July 1, 2011	July 31, 2019	July 31, 2022	0	2	2	0
333	Oracle JDK 19	19					0	0	5	4
334	Oracle JDK -	-					2	194	133	22
335	JDK 6	6.0			Jan. 1, 2000		0	28	12	1
336	JDK 5	5.0			Jan. 1, 2000		0	28	13	0
337	JDK 1.9	1.9.1			Jan. 1, 2000		2	28	23	1
338	JDK 1.8	1.8.0			Jan. 1, 2000		32	149	207	76
339	JDK 1.7	1.7.0			Jan. 1, 2000		28	255	279	73
340	JDK 1.6	1.6.0.300			Jan. 1, 2000		24	320	277	47
341	JDK 1.5	1.5.0.320			Jan. 1, 2000		2	250	189	30
342	JDK 1.4	1.4.2_9			Jan. 1, 2000		2	197	135	23
343	JDK 1.3	1.3.1_28			Jan. 1, 2000		2	199	133	22
344	JDK 1.2	1.2.2			Jan. 1, 2000		2	196	134	22
345	JDK 1.2	1.1.8			Jan. 1, 2000		2	195	135	22
346	JDK 1.10	1.10.0			Jan. 1, 2000		2	194	133	22

NVD Vulnerability Information

CRITICAL
HIGH
MEDIUM
LOW

No	CVSS3 CVSS2	Level Attach Vector	Title	CWE	CVE	cpe23Uri	Update date Published date	Show Affected	Exploit PoC Search
321	- 4.0	MEDIUM	Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE 6u105, 7u91, and 8u66, and Java SE Embedded 8u65 allows remote authenticated users to affect confidentiality…	NVD-CWE-noinfo	CVE-2016-0448	cpe:2.3:a:oracle:jdk:1.8.0:update66 cpe:2.3:a:oracle:jdk:1.7.0:update91 cpe:2.3:a:oracle:jdk:1.6.0:update105	2024-11-21 11:41 2016-01-21	Show	GitHub Exploit DB Packet Storm

322	- 5.0	MEDIUM	Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE 6u105, 7u91, and 8u66 and Java SE Embedded 8u65 allows remote attackers to affect integrity via unknown vect…	NVD-CWE-noinfo	CVE-2016-0402	cpe:2.3:a:oracle:jdk:1.8.0:update66 cpe:2.3:a:oracle:jdk:1.7.0:update91 cpe:2.3:a:oracle:jdk:1.6.0:update105	2024-11-21 11:41 2016-01-21	Show	GitHub Exploit DB Packet Storm

323	- 7.5	HIGH	Multiple buffer overflows in the (1) png_set_PLTE and (2) png_get_PLTE functions in libpng before 1.0.64, 1.1.x and 1.2.x before 1.2.54, 1.3.x and 1.4.x before 1.4.17, 1.5.x before 1.5.24, and 1.6.x …	CWE-120 Classic Buffer Overflow	CVE-2015-8126	cpe:2.3:a:oracle:jdk:1.8.0:update66 cpe:2.3:a:oracle:jdk:1.8.0:update65 cpe:2.3:a:oracle:jdk:1.7.0:update91 cp…	2024-11-21 11:38 2015-11-13	Show	GitHub Exploit DB Packet Storm

324	5.3 5.0	MEDIUM Network	Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60 allows remote attackers to affect integrity via unknown vectors related to Deployment.	NVD-CWE-noinfo CWE-284 Improper Access Control	CVE-2015-4902	cpe:2.3:a:oracle:jdk:1.8.0:update60 cpe:2.3:a:oracle:jdk:1.7.0:update85 cpe:2.3:a:oracle:jdk:1.6.0:update101	2026-04-22 22:04 2015-10-22	Show	GitHub Exploit DB Packet Storm

325	- 5.0	MEDIUM	Unspecified vulnerability in Oracle Java SE 8u60 and JavaFX 2.2.85 allows remote attackers to affect confidentiality via unknown vectors, a different vulnerability than CVE-2015-4906 and CVE-2015-490…	NVD-CWE-noinfo	CVE-2015-4916	cpe:2.3:a:oracle:jdk:1.8.0:update60	2024-11-21 11:32 2015-10-22	Show	GitHub Exploit DB Packet Storm

326	- 5.0	MEDIUM	Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allows remote attackers to affect availability via vectors related to JAXP, a different v…	NVD-CWE-noinfo	CVE-2015-4911	cpe:2.3:a:oracle:jdk:1.8.0:update60 cpe:2.3:a:oracle:jdk:1.8.0:update51 cpe:2.3:a:oracle:jdk:1.7.0:update85 cp…	2024-11-21 11:32 2015-10-22	Show	GitHub Exploit DB Packet Storm

327	- 5.0	MEDIUM	Unspecified vulnerability in Oracle Java SE 8u60 and JavaFX 2.2.85 allows remote attackers to affect confidentiality via unknown vectors, a different vulnerability than CVE-2015-4906 and CVE-2015-491…	NVD-CWE-noinfo	CVE-2015-4908	cpe:2.3:a:oracle:jdk:1.8.0:update60	2024-11-21 11:32 2015-10-22	Show	GitHub Exploit DB Packet Storm

328	- 5.0	MEDIUM	Unspecified vulnerability in Oracle Java SE 8u60 and JavaFX 2.2.85 allows remote attackers to affect confidentiality via unknown vectors related to JavaFX, a different vulnerability than CVE-2015-490…	NVD-CWE-noinfo	CVE-2015-4906	cpe:2.3:a:oracle:jdk:1.8.0:update60	2024-11-21 11:31 2015-10-22	Show	GitHub Exploit DB Packet Storm

329	- 5.0	MEDIUM	Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality via vectors related to RMI.	NVD-CWE-noinfo	CVE-2015-4903	cpe:2.3:a:oracle:jdk:1.8.0:update60 cpe:2.3:a:oracle:jdk:1.8.0:update51 cpe:2.3:a:oracle:jdk:1.7.0:update85 cp…	2024-11-21 11:31 2015-10-22	Show	GitHub Exploit DB Packet Storm

330	- 9.3	HIGH	Unspecified vulnerability in Oracle Java SE 8u60 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to JavaFX.	NVD-CWE-noinfo	CVE-2015-4901	cpe:2.3:a:oracle:jdk:1.8.0:update60	2024-11-21 11:31 2015-10-22	Show	GitHub Exploit DB Packet Storm