Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-5bmx-ugmn-bkf8
Vulnerability ID VCID-5bmx-ugmn-bkf8
Aliases CVE-2010-0094
Summary The Oracle JDK and JRE are vulnerable to multiple unspecified vulnerabilities.
Status Published
Exploitability 2.0
Weighted Severity 0.8
Risk 1.6
Affected and Fixed Packages Package Details
Weaknesses (0)
There are no known CWE.
System Score Found at
epss 0.86987 https://api.first.org/data/v1/epss?cve=CVE-2010-0094
epss 0.86987 https://api.first.org/data/v1/epss?cve=CVE-2010-0094
epss 0.86987 https://api.first.org/data/v1/epss?cve=CVE-2010-0094
epss 0.86987 https://api.first.org/data/v1/epss?cve=CVE-2010-0094
epss 0.86987 https://api.first.org/data/v1/epss?cve=CVE-2010-0094
epss 0.86987 https://api.first.org/data/v1/epss?cve=CVE-2010-0094
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0094.json
https://api.first.org/data/v1/epss?cve=CVE-2010-0094
575769 https://bugzilla.redhat.com/show_bug.cgi?id=575769
CVE-2010-0094;OSVDB-63484 Exploit https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/16305.rb
GLSA-201006-18 https://security.gentoo.org/glsa/201006-18
RHSA-2010:0383 https://access.redhat.com/errata/RHSA-2010:0383
RHSA-2010:0471 https://access.redhat.com/errata/RHSA-2010:0471
USN-923-1 https://usn.ubuntu.com/923-1/
Data source Exploit-DB
Date added Sept. 27, 2010
Description Java - RMIConnectionImpl Deserialization Privilege Escalation (Metasploit)
Ransomware campaign use Known
Source publication date Sept. 27, 2010
Exploit type remote
Platform multiple
Source update date March 6, 2011
Data source Metasploit
Description This module exploits a vulnerability in the Java Runtime Environment that allows to deserialize a MarshalledObject containing a custom classloader under a privileged context. The vulnerability affects version 6 prior to update 19 and version 5 prior to update 23.
Note 
Reliability:
  - unknown-reliability
Stability:
  - unknown-stability
SideEffects:
  - unknown-side-effects
Ransomware campaign use Unknown
Source publication date March 31, 2010
Platform Java
Source URL https://github.com/rapid7/metasploit-framework/tree/master/modules/exploits/multi/browser/java_rmi_connection_impl.rb
There are no known vectors.
Exploit Prediction Scoring System (EPSS)
Percentile 0.99429
EPSS Score 0.86987
Published At April 1, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-04-01T13:01:13.614198+00:00 Gentoo Importer Import https://security.gentoo.org/glsa/201006-18 38.0.0