How should we interpret CVSS severity scores?

CVSS estimates technical severity, but it does not automatically equal business risk. Prioritize using context like internet exposure, asset criticality, known exploitation, and whether compensating controls exist. A Medium CVSS on an exposed production system can be more urgent than a Critical on an isolated non-production host.

Vulnerability Database

Q: What is a Vulnerability (CVE) and why does it matter?

A security vulnerability is a weakness in software, hardware, or configuration that can be exploited to compromise confidentiality, integrity, or availability. Many vulnerabilities are tracked as CVEs (Common Vulnerabilities and Exposures), which provide a standardized identifier so teams can coordinate patching, mitigation, and risk assessment across tools and vendors.

Q: What's the difference between a vulnerability, an exploit, and a zero-day?

A vulnerability is the underlying weakness. An exploit is the method or code used to take advantage of it. A zero-day is a vulnerability that is unknown to the vendor or has no publicly available fix when attackers begin using it. Risk increases sharply when exploitation becomes reliable or widespread.

Q: Why do vulnerabilities keep reappearing in our environment?

Recurring findings usually come from incomplete asset discovery, inconsistent patch management, inherited images, and configuration drift. In modern environments, you also need to watch the software supply chain: dependencies, containers, build pipelines, and third-party services can reintroduce the same weakness even after you patch a single host.

Q: How do we prioritize remediation without burning out the team?

Use a repeatable triage model: focus first on externally exposed assets, high-value systems (identity, VPN, email, production), vulnerabilities with known exploits, and issues that enable remote code execution or privilege escalation. Then enforce patch SLAs and track progress so remediation is steady, not reactive.

Q: How can SynScan help reduce vulnerability risk over time?

SynScan combines attack surface monitoring and continuous security auditing to keep your inventory current, flag high-impact vulnerabilities early, and help you turn raw findings into a practical remediation plan.

346,508

Total vulnerabilities in the database

Vulnerabilities for products matching "jdk"

Found 3 matching products. Filters apply to all results.

You can search for specific versions with /product/jdk/1.2.3

sun / jdk

15577 vulnerabilities found

Title	Severity	Date	Affected Version
CVE-2009-1101	Medium	March 25, 2009 3/25/09	== 1.6.0-update_4 == 1.6.0-update_7 == 1.6.0-update_3 == 1.6.0-update_11 == 1.6.0-update_10 == 1.6.0 == 1.6.0-update_5 == 1.6.0-update2 <= 1.6.0 == 1.6.0-update1_b06 == 1.6.0-update1 == 1.6.0-update_6
CVE-2009-1106	Medium	March 25, 2009 3/25/09	== 1.6.0-update_11 == 1.6.0-update_10 == 1.6.0-update_12
CVE-2008-5339	Medium	December 5, 2008 12/5/08	== 5.0-update_12 == 5.0-update_15 <= 5.0 == 5.0-update_3 == 5.0-update_11 == 6-update_6 == 6-update_7 == 5.0-update_8 == 5.0-update_1 == 6-update_1 == 6 == 6-update_3 == 6-update_9 == 5.0-update_5 == 6-update_4 <= 6 == 5.0-update_6 == 5.0-update_14 == 6-update_8 == 6-update_2 == 5.0-update_13 == 6-update_5 == 5.0-update_10 == 5.0-update_2 == 5.0-update_4 == 5.0-update_9 == 5.0-update_7
CVE-2008-5340	High	December 5, 2008 12/5/08	== 5.0-update_12 == 5.0-update_15 <= 5.0 == 5.0-update_3 == 5.0-update_11 == 6-update_6 == 6-update_7 == 5.0-update_8 == 5.0-update_1 == 6-update_1 == 6 == 6-update_3 == 6-update_9 == 5.0-update_5 == 6-update_4 <= 6 == 5.0-update_6 == 5.0-update_14 == 6-update_8 == 6-update_2 == 5.0-update_13 == 6-update_5 == 5.0-update_10 == 5.0-update_2 == 5.0-update_4 == 5.0-update_9 == 5.0-update_7
CVE-2008-5341	Medium	December 5, 2008 12/5/08	== 5.0-update_12 == 5.0-update_15 <= 5.0 == 5.0-update_3 == 5.0-update_11 == 6-update_6 == 6-update_7 == 5.0-update_8 == 5.0-update_1 == 6-update_1 == 6 == 6-update_3 == 6-update_9 == 5.0-update_5 == 6-update_4 <= 6 == 5.0-update_6 == 5.0-update_14 == 6-update_8 == 6-update_2 == 5.0-update_13 == 6-update_5 == 5.0-update_10 == 5.0-update_2 == 5.0-update_4 == 5.0-update_9 == 5.0-update_7
CVE-2008-5342	Medium	December 5, 2008 12/5/08	== 5.0-update_12 == 5.0-update_15 <= 5.0 == 5.0-update_3 == 5.0-update_11 == 6-update_6 == 6-update_7 == 5.0-update_8 == 5.0-update_1 == 6-update_1 == 6 == 6-update_3 == 6-update_9 == 5.0-update_5 == 6-update_4 <= 6 == 5.0-update_6 == 5.0-update_14 == 6-update_8 == 6-update_2 == 5.0-update_13 == 6-update_5 == 5.0-update_10 == 5.0-update_2 == 5.0-update_4 == 5.0-update_9 == 5.0-update_7
CVE-2008-5343	High	December 5, 2008 12/5/08	== 5.0-update_12 == 5.0-update_15 <= 5.0 == 5.0-update_3 == 5.0-update_11 == 6-update_6 == 6-update_7 == 5.0-update_8 == 5.0-update_1 == 6-update_1 == 6 == 6-update_3 == 6-update_9 == 5.0-update_5 == 6-update_4 <= 6 == 5.0-update_6 == 5.0-update_14 == 6-update_8 == 6-update_2 == 5.0-update_13 == 6-update_5 == 5.0-update_10 == 5.0-update_2 == 5.0-update_4 == 5.0-update_9 == 5.0-update_7
CVE-2008-5344	High	December 5, 2008 12/5/08	== 5.0-update_12 == 5.0-update_15 <= 5.0 == 5.0-update_3 == 5.0-update_11 == 6-update_6 == 6-update_7 == 5.0-update_8 == 5.0-update_1 == 6-update_1 == 6 == 6-update_3 == 6-update_9 == 5.0-update_5 == 6-update_4 <= 6 == 5.0-update_6 == 5.0-update_14 == 6-update_8 == 6-update_2 == 5.0-update_13 == 6-update_5 == 5.0-update_10 == 5.0-update_2 == 5.0-update_4 == 5.0-update_9 == 5.0-update_7
CVE-2008-5345	High	December 5, 2008 12/5/08	== 1.6.0-update_4 == 1.6.0-update_7 == 1.5.0-update15 == 1.5.0-update3 == 1.5.0-update11 == 1.6.0-update_3 == 1.5.0-update16 == 1.6.0-update_10 == 1.5.0-update9 == 1.6.0-update_5 == 1.5.0-update6 == 1.5.0-update14 == 1.5.0-update11_b03 == 1.5.0-update1 == 1.5.0-update4 == 1.5.0-update7 == 1.5.0-update12 == 1.5.0-update5 == 1.5.0-update7_b03 == 1.5.0-update2 == 1.5.0-update13 == 1.5.0-update8 == 1.6.0-update_6 == 1.5.0-update10 == 1.5.0 == 1.6.0
CVE-2008-5346	High	December 5, 2008 12/5/08	== 1.5.0-update15 == 1.5.0-update3 == 1.5.0-update11 == 1.5.0-update16 == 1.5.0-update9 == 1.5.0-update6 == 1.5.0-update14 == 1.5.0-update11_b03 == 1.5.0-update1 == 1.5.0-update4 == 1.5.0-update7 == 1.5.0-update12 == 1.5.0-update5 == 1.5.0-update7_b03 == 1.5.0-update2 == 1.5.0-update13 == 1.5.0-update8 == 1.5.0-update10 == 1.5.0
CVE-2008-5347	High	December 5, 2008 12/5/08	== 6-update_6 == 6-update_7 == 6-update_1 == 6 == 6-update_3 == 6-update_4 <= 6 == 6-update_8 == 6-update_2 == 6-update_5
CVE-2008-5348	High	December 5, 2008 12/5/08	== 5.0-update_12 == 5.0-update_15 <= 5.0 == 5.0-update_3 == 5.0-update_11 == 6-update_6 == 6-update_7 == 5.0-update_8 == 5.0-update_1 == 6-update_1 == 6 == 6-update_3 == 6-update_9 == 5.0-update_5 == 6-update_4 <= 6 == 5.0-update_6 == 5.0-update_14 == 6-update_8 == 6-update_2 == 5.0-update_13 == 6-update_5 == 5.0-update_10 == 5.0-update_2 == 5.0-update_4 == 5.0-update_9 == 5.0-update_7
CVE-2008-5349	High	December 5, 2008 12/5/08	== 5.0-update_12 == 5.0-update_15 <= 5.0 == 5.0-update_3 == 5.0-update_11 == 6-update_6 == 6-update_7 == 5.0-update_1 == 6-update_1 == 6 == 6-update_3 == 6-update_4 <= 6 == 5.0-update_14 == 6-update_8 == 6-update_2 == 5.0-update_13 == 6-update_5 == 5.0-update_10 == 5.0-update_2
CVE-2008-5350	Medium	December 5, 2008 12/5/08	== 5.0-update_12 == 5.0-update_15 <= 5.0 == 5.0-update_3 == 5.0-update_11 == 6-update_6 == 6-update_7 == 5.0-update_8 == 5.0-update_1 == 6-update_1 == 6 == 6-update_3 == 6-update_9 == 5.0-update_5 == 6-update_4 <= 6 == 5.0-update_6 == 5.0-update_14 == 6-update_8 == 6-update_2 == 5.0-update_13 == 6-update_5 == 5.0-update_10 == 5.0-update_2 == 5.0-update_4 == 5.0-update_9 == 5.0-update_7
CVE-2008-5351	High	December 5, 2008 12/5/08	== 5.0-update_12 == 5.0-update_15 <= 5.0 == 5.0-update_3 == 5.0-update_11 == 6-update_6 == 6-update_7 == 5.0-update_8 == 5.0-update_1 == 6-update_1 == 6 == 6-update_3 == 6-update_9 == 5.0-update_5 == 6-update_4 <= 6 == 5.0-update_6 == 5.0-update_14 == 6-update_8 == 6-update_2 == 5.0-update_13 == 6-update_5 == 5.0-update_10 == 5.0-update_2 == 5.0-update_4 == 5.0-update_9 == 5.0-update_7
CVE-2008-5352	High	December 5, 2008 12/5/08	== 5.0-update_12 == 5.0-update_15 <= 5.0 == 5.0-update_3 == 5.0-update_11 == 6-update_6 == 6-update_7 == 5.0-update_1 == 6-update_1 == 6 == 6-update_3 == 6-update_4 <= 6 == 5.0-update_14 == 6-update_8 == 6-update_2 == 5.0-update_13 == 6-update_5 == 5.0-update_10 == 5.0-update_2
CVE-2008-5353	High	December 5, 2008 12/5/08	== 5.0-update_12 == 5.0-update_15 <= 5.0 == 5.0-update_3 == 5.0-update_11 == 6-update_6 == 6-update_7 == 5.0-update_8 == 5.0-update_1 == 6-update_1 == 6 == 6-update_3 == 6-update_9 == 5.0-update_5 == 6-update_4 <= 6 == 5.0-update_6 == 5.0-update_14 == 6-update_8 == 6-update_2 == 5.0-update_13 == 6-update_5 == 5.0-update_10 == 5.0-update_2 == 5.0-update_4 == 5.0-update_9 == 5.0-update_7
CVE-2008-5354	High	December 5, 2008 12/5/08	== 5.0-update_12 == 5.0-update_15 <= 5.0 == 5.0-update_3 == 5.0-update_11 == 6-update_6 == 6-update_7 == 5.0-update_8 == 5.0-update_1 == 6-update_1 == 6 == 6-update_3 == 6-update_9 == 5.0-update_5 == 6-update_4 <= 6 == 5.0-update_6 == 5.0-update_14 == 6-update_8 == 6-update_2 == 5.0-update_13 == 6-update_5 == 5.0-update_10 == 5.0-update_2 == 5.0-update_4 == 5.0-update_9 == 5.0-update_7
CVE-2008-5355	High	December 5, 2008 12/5/08	== 5.0-update_12 == 5.0-update_15 <= 5.0 == 5.0-update_3 == 5.0-update_11 == 6-update_6 == 6-update_7 == 5.0-update_8 == 5.0-update_1 == 6-update_1 == 6 == 6-update_3 == 6-update_9 == 5.0-update_5 == 6-update_4 <= 6 == 5.0-update_6 == 5.0-update_14 == 6-update_8 == 6-update_2 == 5.0-update_13 == 6-update_5 == 5.0-update_10 == 5.0-update_2 == 5.0-update_4 == 5.0-update_9 == 5.0-update_7
CVE-2008-5356	High	December 5, 2008 12/5/08	== 5.0-update_12 == 5.0-update_15 <= 5.0 == 5.0-update_3 == 5.0-update_11 == 6-update_6 == 6-update_7 == 5.0-update_8 == 5.0-update_1 == 6-update_1 == 6 == 6-update_3 == 6-update_9 == 5.0-update_5 == 6-update_4 <= 6 == 5.0-update_6 == 5.0-update_14 == 6-update_8 == 6-update_2 == 5.0-update_13 == 6-update_5 == 5.0-update_10 == 5.0-update_2 == 5.0-update_4 == 5.0-update_9 == 5.0-update_7
CVE-2008-5357	High	December 5, 2008 12/5/08	== 1.6.0-update_4 == 1.6.0-update_7 == 1.5.0-update3 == 1.6.0-update_3 == 1.6.0-update_10 == 1.5.0-update9 == 1.6.0-update_5 == 1.5.0-update6 == 1.5.0-update1 == 1.5.0-update4 == 1.5.0-update7 == 1.5.0-update5 == 1.5.0-update7_b03 == 1.5.0-update2 == 1.5.0-update8 == 1.6.0-update_6 == 1.5.0-update10 == 1.5.0 == 1.6.0
CVE-2008-5358	High	December 5, 2008 12/5/08	== 6-update_6 == 6-update_7 == 6-update_1 == 6 == 6-update_3 == 6-update_4 <= 6 == 6-update_8 == 6-update_2 == 6-update_5
CVE-2008-5359	High	December 5, 2008 12/5/08	== 1.6.0-update_4 == 1.6.0-update_7 == 1.5.0-update3 == 1.6.0-update_3 == 1.6.0-update_10 == 1.5.0-update9 == 1.6.0 == 1.6.0-update_5 == 1.5.0-update6 == 1.5.0-update1 == 1.5.0-update4 == 1.5.0-update7 == 1.5.0 == 1.5.0-update5 == 1.5.0-update7_b03 == 1.5.0-update2 == 1.5.0-update8 == 1.6.0-update_6 == 1.5.0-update10
CVE-2008-5360	Medium	December 5, 2008 12/5/08	== 1.6.0-update_4 == 1.6.0-update_7 == 1.5.0-update15 == 1.5.0-update11 == 1.6.0-update_3 == 1.5.0-update16 == 1.6.0-update_10 == 1.6.0-update_5 == 1.5.0-update14 == 1.5.0-update11_b03 == 1.5.0-update1 == 1.5.0-update12 == 1.5.0-update2 == 1.5.0-update13 == 1.6.0-update_6 == 1.5.0-update10 == 1.5.0 == 1.6.0
CVE-2008-2086	High	December 5, 2008 12/5/08	== 5.0-update_12 == 5.0-update_15 <= 5.0 == 5.0-update_3 == 5.0-update_11 == 6-update_6 == 6-update_7 == 5.0-update_8 == 5.0-update_1 == 6-update_1 == 6 == 6-update_3 == 6-update_9 == 5.0-update_5 == 6-update_4 <= 6 == 5.0-update_6 == 5.0-update_14 == 6-update_8 == 6-update_2 == 5.0-update_13 == 6-update_5 == 5.0-update_10 == 5.0-update_2 == 5.0-update_4 == 5.0-update_9 == 5.0-update_7
CVE-2008-3103	High	July 9, 2008 7/9/08	== 5.0-update_12 == 5.0-update_3 == 5.0-update_11 == 5.0-update_8 == 5.0-update_1 == 6-update_1 == 6-update_3 == 5.0-update_5 == 6-update_4 == 5.0-update_6 <= 6 == 5.0-update_14 == 6-update_2 == 5.0-update_13 == 6-update_5 == 5.0-update_10 == 5.0-update_2 <= 5.0 == 5.0-update_4 == 5.0-update_9 == 5.0-update_7
CVE-2008-3104	Medium	July 9, 2008 7/9/08	== 5.0-update_12 == 5.0-update_3 == 5.0-update_11 == 5.0-update_8 == 5.0-update_1 == 6-update_1 == 6-update_3 == 5.0-update_5 == 6-update_4 == 5.0-update_6 <= 6 == 5.0-update_14 == 6-update_2 == 5.0-update_13 == 1.5.0-update_12 == 6-update_5 == 5.0-update_10 == 5.0-update_2 <= 5.0 == 5.0-update_4 == 5.0-update_9 == 5.0-update_7
CVE-2008-3105	High	July 9, 2008 7/9/08	== 6-update_1 == 6-update_3 == 6-update_4 <= 6 == 6-update_2 == 6-update_5
CVE-2008-3106	Low	July 9, 2008 7/9/08	== 5.0-update_12 == 5.0-update_3 == 5.0-update_11 == 5.0-update_8 == 5.0-update_1 == 6-update_1 == 6-update_3 == 5.0-update_5 == 6-update_4 == 5.0-update_6 <= 6 == 5.0-update_14 == 6-update_2 == 5.0-update_13 == 6-update_5 == 5.0-update_10 == 5.0-update_2 <= 5.0 == 5.0-update_4 == 5.0-update_9 == 5.0-update_7
CVE-2008-3107	High	July 9, 2008 7/9/08	== 5.0-update_12 == 5.0-update_3 == 5.0-update_11 == 5.0-update_8 == 5.0-update_1 == 6-update_1 == 6-update_3 == 5.0-update_5 == 6-update_4 == 5.0-update_6 <= 6 == 5.0-update_14 == 6-update_2 == 5.0-update_13 == 6-update_5 == 5.0-update_10 == 5.0-update_2 <= 5.0 == 5.0-update_4 == 5.0-update_9 == 5.0-update_7
CVE-2008-3108	High	July 9, 2008 7/9/08	== 1.5.0-update3 == 1.5.0-update9 == 1.5.0-update6 == 1.5.0-update1 == 1.5.0-update4 == 1.5.0-update7 == 1.5.0-update5 == 1.5.0-update7_b03 == 1.5.0-update2 == 1.5.0-update8 == 1.5.0-update10 == 1.5.0
CVE-2008-3109	High	July 9, 2008 7/9/08	== 6-update_1 == 6-update_3 == 6-update_4 <= 6 == 6-update_2 == 6-update_5
CVE-2008-3110	Low	July 9, 2008 7/9/08	== 6-update_1 == 6-update_3 == 6-update_4 <= 6 == 6-update_2 == 6-update_5
CVE-2008-3111	High	July 9, 2008 7/9/08	== 5.0-update_12 == 5.0-update_15 == 5.0-update_3 == 5.0-update_11 == 5.0-update_8 == 5.0-update_1 == 6-update_1 == 6-update_3 == 5.0-update_5 == 5.0-update_6 == 5.0-update_14 == 6-update_2 == 5.0-update_13 == 5.0-update_10 == 5.0-update_2 == 5.0-update_4 == 5.0-update_9 == 5.0-update_7
CVE-2008-3112	High	July 9, 2008 7/9/08	== 5.0-update_12 == 5.0-update_3 == 5.0-update_11 == 5.0-update_8 == 6-update_1 == 6-update_3 == 5.0-update_5 == 6-update_4 == 5.0-update_6 <= 6 == 5.0-update_14 == 6-update_2 == 5.0-update_13 == 6-update_5 == 5.0-update_10 == 5.0-update_2 <= 5.0 == 5.0-update_4 == 5.0-update_9 == 5.0-update_7
CVE-2008-3113	High	July 9, 2008 7/9/08	== 5.0-update_12 == 5.0-update_3 == 5.0-update_11 == 5.0-update_8 == 5.0-update_1 == 5.0-update_5 == 5.0-update_6 == 5.0-update_14 == 5.0-update_13 == 5.0-update_10 == 5.0-update_2 <= 5.0 == 5.0-update_4 == 5.0-update_9 == 5.0-update_7
CVE-2008-3114	Medium	July 9, 2008 7/9/08	== 5.0-update_12 == 5.0-update_3 == 5.0-update_11 == 5.0-update_8 == 6-update_1 == 6-update_3 == 5.0-update_5 == 6-update_4 == 5.0-update_6 <= 6 == 5.0-update_14 == 6-update_2 == 5.0-update_13 == 6-update_5 == 5.0-update_10 == 5.0-update_2 <= 5.0 == 5.0-update_4 == 5.0-update_9 == 5.0-update_7
CVE-2008-3115	High	July 9, 2008 7/9/08	== 5.0-update_12 == 5.0-update_15 == 5.0-update_11 == 5.0-update_8 == 6-update_1 == 6-update_3 == 6-update_4 == 5.0-update_6 <= 6 == 5.0-update_14 == 6-update_2 == 5.0-update_13 == 6-update_5 == 5.0-update_10 == 5.0-update_9 == 5.0-update_7
CVE-2008-1185	High	March 6, 2008 3/6/08	== 1.6.0-update_4 == 1.5.0-update3 == 1.5.0-update11 == 1.6.0-update_3 == 1.5.0-update9 == 1.6.0 == 1.5.0-update6 == 1.5.0-update14 == 1.5.0-update1 == 1.5.0-update4 == 1.5.0-update7 == 1.5.0 == 1.5.0-update12 == 1.5.0-update5 == 1.5.0-update2 == 1.5.0-update13 == 1.5.0-update8 == 1.5.0-update10
CVE-2008-1186	High	March 6, 2008 3/6/08	== 1.5.0-update3 == 1.5.0-update11 == 1.5.0-update9 == 1.5.0-update6 == 1.5.0-update1 == 1.5.0-update4 == 1.5.0-update7 == 1.5.0 == 1.5.0-update12 == 1.5.0-update5 == 1.5.0-update2 == 1.5.0-update13 == 1.5.0-update8 == 1.5.0-update10
CVE-2008-1187	Medium	March 6, 2008 3/6/08	== 5.0-update_12 == 5.0-update_3 == 5.0-update_11 == 5.0-update_8 == 5.0-update_1 == 6-update_1 == 6 == 6-update_3 == 5.0-update_5 == 5.0-update_6 <= 5.0 == 6-update_2 == 5.0-update_13 <= 6 == 5.0-update_10 == 5.0-update_2 == 5.0-update_4 == 5.0-update_9 == 5.0-update_7
CVE-2008-1188	High	March 6, 2008 3/6/08	== 1.6.0-update_4 == 1.5.0-update3 == 1.5.0-update11 == 1.6.0-update_3 == 1.5.0-update9 == 1.5.0-update6 == 1.5.0-update14 == 1.5.0-update1 == 1.5.0-update4 == 1.5.0-update7 == 1.5.0-update12 == 1.5.0-update5 == 1.5.0-update2 == 1.5.0-update13 == 1.5.0-update8 == 1.5.0-update10 == 1.5.0 == 1.6.0
CVE-2008-1189	Medium	March 6, 2008 3/6/08	== 1.6.0-update_4 == 1.5.0-update3 == 1.5.0-update11 == 1.6.0-update_3 == 1.5.0-update9 == 1.5.0-update6 == 1.5.0-update14 == 1.5.0-update1 == 1.5.0-update4 == 1.5.0-update7 == 1.5.0-update12 == 1.5.0-update5 == 1.5.0-update2 == 1.5.0-update13 == 1.5.0-update8 == 1.5.0-update10 == 1.5.0 == 1.6.0
CVE-2008-1190	High	March 6, 2008 3/6/08	== 1.6.0-update_4 == 1.5.0-update3 == 1.5.0-update11 == 1.6.0-update_3 == 1.5.0-update9 == 1.5.0-update6 == 1.5.0-update14 == 1.5.0-update1 == 1.5.0-update4 == 1.5.0-update7 == 1.5.0-update12 == 1.5.0-update5 == 1.5.0-update2 == 1.5.0-update13 == 1.5.0-update8 == 1.5.0-update10 == 1.5.0 == 1.6.0
CVE-2008-1191	Medium	March 6, 2008 3/6/08	<= 6_update_4
CVE-2008-1192	Medium	March 6, 2008 3/6/08	== 1.6.0-update_4 == 1.5.0-update3 == 1.5.0-update11 == 1.6.0-update_3 == 1.5.0-update9 == 1.5.0-update6 == 1.5.0-update14 == 1.5.0-update1 == 1.5.0-update4 == 1.5.0-update7 == 1.5.0-update12 == 1.5.0-update5 == 1.5.0-update2 == 1.5.0-update13 == 1.5.0-update8 == 1.5.0-update10 == 1.5.0 == 1.6.0
CVE-2008-1193	High	March 6, 2008 3/6/08	== 1.6.0-update_4 == 1.5.0-update3 == 1.5.0-update11 == 1.6.0-update_3 == 1.5.0-update9 == 1.5.0-update6 == 1.5.0-update14 == 1.5.0-update1 == 1.5.0-update4 == 1.5.0-update7 == 1.5.0-update12 == 1.5.0-update5 == 1.5.0-update2 == 1.5.0-update13 == 1.5.0-update8 == 1.5.0-update10 == 1.5.0 == 1.6.0
CVE-2008-1194	Low	March 6, 2008 3/6/08	== 1.6.0-update_4 == 1.5.0-update3 == 1.5.0-update11 == 1.6.0-update_3 == 1.5.0-update9 == 1.5.0-update6 == 1.5.0-update14 == 1.5.0-update1 == 1.5.0-update4 == 1.5.0-update7 == 1.5.0-update12 == 1.5.0-update5 == 1.5.0-update2 == 1.5.0-update13 == 1.5.0-update8 == 1.5.0-update10 == 1.5.0 == 1.6.0
CVE-2008-1195	High	March 6, 2008 3/6/08	== 1.6.0-update_4 == 1.5.0-update3 == 1.5.0-update11 == 1.6.0-update_3 == 1.5.0-update9 == 1.5.0-update6 == 1.5.0-update14 == 1.5.0-update1 == 1.5.0-update4 == 1.5.0-update7 == 1.5.0-update12 == 1.5.0-update5 == 1.5.0-update2 == 1.5.0-update13 == 1.5.0-update8 == 1.5.0-update10 == 1.5.0 == 1.6.0
CVE-2008-1196	Medium	March 6, 2008 3/6/08	== 1.6.0-update_4 == 1.5.0-update3 == 1.5.0-update11 == 1.6.0-update_3 == 1.5.0-update9 == 1.5.0-update6 == 1.5.0-update14 == 1.5.0-update1 == 1.5.0-update4 == 1.5.0-update7 == 1.5.0-update12 == 1.5.0-update5 == 1.5.0-update2 == 1.5.0-update13 == 1.5.0-update8 == 1.5.0-update10 == 1.5.0 == 1.6.0

oracle / jdk

8205 vulnerabilities found

Title	Severity	Date	Affected Version
CVE-2017-10053	Medium	August 8, 2017 8/8/17	== 1.8.0-update131 == 1.7.0-update141 == 1.6.0-update151
CVE-2016-9840	High	May 23, 2017 5/23/17	== 1.8.0-update144 == 1.7.0-update151 == 1.6.0-update161
CVE-2016-9841	Critical	May 23, 2017 5/23/17	== 1.8.0-update144 == 1.7.0-update151 == 1.6.0-update161
CVE-2016-9842	High	May 23, 2017 5/23/17	== 1.8.0-update144 == 1.7.0-update151 == 1.6.0-update161
CVE-2016-9843	Critical	May 23, 2017 5/23/17	== 1.8.0-update144 == 1.7.0-update151 == 1.6.0-update161
CVE-2017-3539	Low	April 24, 2017 4/24/17	== 1.8.0-update121 == 1.7.0-update131 == 1.6.0-update141
CVE-2017-3544	Low	April 24, 2017 4/24/17	== 1.8.0-update121 == 1.7.0-update131 == 1.6.0-update141
CVE-2017-3509	Low	April 24, 2017 4/24/17	== 1.6-update_141 == 1.8-update_121 == 1.7-update_131
CVE-2017-3511	Low	April 24, 2017 4/24/17	== 1.6-update_141 == 1.8-update_121 == 1.7-update_131
CVE-2017-3512	Medium	April 24, 2017 4/24/17	== 1.8.0-update121 == 1.7.0-update131
CVE-2017-3514	Medium	April 24, 2017 4/24/17	== 1.6-update_141 == 1.8-update_121 == 1.7-update_131
CVE-2017-3526	High	April 24, 2017 4/24/17	== 1.6-update_141 == 1.8-update_121 == 1.7-update_131
CVE-2017-3533	Low	April 24, 2017 4/24/17	== 1.8.0-update121 == 1.7.0-update131 == 1.6.0-update141
CVE-2017-3272	Medium	January 27, 2017 1/27/17	== 1.7-update_121 == 1.8-update_111 == 1.6-update_131 == 1.8-update_112
CVE-2017-3289	Medium	January 27, 2017 1/27/17	== 1.7-update_121 == 1.8-update_111 == 1.8-update_112
CVE-2017-3231	Low	January 27, 2017 1/27/17	== 1.7-update_121 == 1.8-update_111 == 1.6-update_131 == 1.8-update_112
CVE-2017-3241	Medium	January 27, 2017 1/27/17	== 1.7-update_121 == 1.8-update_111 == 1.6-update_131 == 1.8-update_112
CVE-2017-3252	Low	January 27, 2017 1/27/17	== 1.7-update_121 == 1.8-update_111 == 1.6-update_131 == 1.8-update_112
CVE-2017-3253	Medium	January 27, 2017 1/27/17	== 1.7-update_121 == 1.8-update_111 == 1.6-update_131 == 1.8-update_112
CVE-2017-3259	Low	January 27, 2017 1/27/17	== 1.7-update_121 == 1.6-update_131 == 1.8-update_112
CVE-2017-3260	Medium	January 27, 2017 1/27/17	== 1.7-update_121 == 1.8-update_112
CVE-2017-3261	Low	January 27, 2017 1/27/17	== 1.7-update_121 == 1.8-update_111 == 1.6-update_131 == 1.8-update_112
CVE-2017-3262	Medium	January 27, 2017 1/27/17	== 1.8-update_112
CVE-2016-8328	Low	January 27, 2017 1/27/17	== 1.8-update_112
CVE-2016-5546	Medium	January 27, 2017 1/27/17	== 1.7-update_121 == 1.8-update_111 == 1.6-update_131 == 1.8-update_112
CVE-2016-5547	Medium	January 27, 2017 1/27/17	== 1.7-update_121 == 1.8-update_111 == 1.8-update_112
CVE-2016-5548	Low	January 27, 2017 1/27/17	== 1.7-update_121 == 1.8-update_111 == 1.6-update_131 == 1.8-update_112
CVE-2016-5549	Low	January 27, 2017 1/27/17	== 1.7-update_121 == 1.8-update_111 == 1.8-update_112
CVE-2016-5552	Medium	January 27, 2017 1/27/17	== 1.7-update_121 == 1.8-update_111 == 1.6-update_131 == 1.8-update_112
CVE-2016-5597	Low	October 25, 2016 10/25/16	== 1.8.0-update101 == 1.8.0-update102 == 1.7.0-update111 == 1.6.0-update121
CVE-2016-5582	High	October 25, 2016 10/25/16	== 1.8.0-update101 == 1.8.0-update102 == 1.7.0-update111 == 1.6.0-update121
CVE-2016-5573	Medium	October 25, 2016 10/25/16	== 1.8.0-update101 == 1.8.0-update102 == 1.7.0-update111 == 1.6.0-update121
CVE-2016-5568	High	October 25, 2016 10/25/16	== 1.8.0-update102 == 1.7.0-update111 == 1.6.0-update121
CVE-2016-5556	High	October 25, 2016 10/25/16	== 1.8.0-update102 == 1.7.0-update111 == 1.6.0-update121
CVE-2016-5554	Low	October 25, 2016 10/25/16	== 1.8.0-update101 == 1.8.0-update102 == 1.7.0-update111 == 1.6.0-update121
CVE-2016-5542	Low	October 25, 2016 10/25/16	== 1.8.0-update101 == 1.8.0-update102 == 1.7.0-update111 == 1.6.0-update121
CVE-2016-3610	High	July 21, 2016 7/21/16	== 1.8.0-update91 == 1.8.0-update92
CVE-2016-3606	Medium	July 21, 2016 7/21/16	== 1.8.0-update91 == 1.8.0-update92 == 1.7.0-update101
CVE-2016-3598	High	July 21, 2016 7/21/16	== 1.8.0-update91 == 1.8.0-update92
CVE-2016-3587	High	July 21, 2016 7/21/16	== 1.8.0-update91 == 1.8.0-update92
CVE-2016-3552	Medium	July 21, 2016 7/21/16	== 1.8.0-update92
CVE-2016-3550	Low	July 21, 2016 7/21/16	== 1.8.0-update91 == 1.8.0-update92 == 1.7.0-update101 == 1.6.0-update115
CVE-2016-3511	Medium	July 21, 2016 7/21/16	== 1.8.0-update92 == 1.7.0-update101
CVE-2016-3508	Medium	July 21, 2016 7/21/16	== 1.8.0-update91 == 1.8.0-update92 == 1.7.0-update101 == 1.6.0-update115
CVE-2016-3503	Low	July 21, 2016 7/21/16	== 1.8.0-update92 == 1.7.0-update101 == 1.6.0-update115
CVE-2016-3500	Medium	July 21, 2016 7/21/16	== 1.8.0-update91 == 1.8.0-update92 == 1.7.0-update101 == 1.6.0-update115
CVE-2016-3498	Medium	July 21, 2016 7/21/16	== 1.8.0-update92 == 1.7.0-update101
CVE-2016-3485	Low	July 21, 2016 7/21/16	== 1.8.0-update91 == 1.8.0-update92 == 1.7.0-update101 == 1.6.0-update115
CVE-2016-3458	Low	July 21, 2016 7/21/16	== 1.8.0-update92 == 1.7.0-update101 == 1.6.0-update115
CVE-2016-3449	High	April 21, 2016 4/21/16	== 1.8.0-update77 == 1.6.0-update113 == 1.7.0-update99

Showing vulnerabilities for 3 products matching "jdk". Each product has independent pagination.

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo

Frequently Asked Questions

What is a Vulnerability (CVE) and why does it matter?

A security vulnerability is a weakness in software, hardware, or configuration that can be exploited to compromise confidentiality, integrity, or availability. Many vulnerabilities are tracked as CVEs (Common Vulnerabilities and Exposures), which provide a standardized identifier so teams can coordinate patching, mitigation, and risk assessment across tools and vendors.

CVSS (Common Vulnerability Scoring System) estimates technical severity, but it doesn't automatically equal business risk. Prioritize using context like internet exposure, affected asset criticality, known exploitation (proof-of-concept or in-the-wild), and whether compensating controls exist. A "Medium" CVSS on an exposed, production system can be more urgent than a "Critical" on an isolated, non-production host.

A vulnerability is the underlying weakness. An exploit is the method or code used to take advantage of it. A zero-day is a vulnerability that is unknown to the vendor or has no publicly available fix when attackers begin using it. In practice, risk increases sharply when exploitation becomes reliable or widespread.

Recurring findings usually come from incomplete Asset Discovery, inconsistent patch management, inherited images, and configuration drift. In modern environments, you also need to watch the software supply chain: dependencies, containers, build pipelines, and third-party services can reintroduce the same weakness even after you patch a single host. Unknown or unmanaged assets (often called Shadow IT) are a common reason the same issues resurface.

Use a simple, repeatable triage model: focus first on externally exposed assets, high-value systems (identity, VPN, email, production), vulnerabilities with known exploits, and issues that enable remote code execution or privilege escalation. Then enforce patch SLAs and track progress using consistent metrics so remediation is steady, not reactive.

SynScan combines attack surface monitoring and continuous security auditing to keep your inventory current, flag high-impact vulnerabilities early, and help you turn raw findings into a practical remediation plan.