Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
java vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-4956
Shiro 1 Extractor This repository contains a Python script shiro1-extractor.py that will search all .pcl files within a specific directory and extract Apache Shiro 1 hashes from them, then write them to an output file. Usage usage: shiro1-extractor.py [-h] input_dir output_file ...
2 Github repositories
NA
CVE-2024-36114
Aircompressor is a library with ports of the Snappy, LZO, LZ4, and Zstandard compression algorithms to Java. All decompressor implementations of Aircompressor (LZ4, LZO, Snappy, Zstandard) can crash the JVM for certain input, and in some cases also leak the content of other memor...
NA
CVE-2023-46442
An infinite loop in the retrieveActiveBody function of Soot before v4.4.1 under Java 8 allows malicious users to cause a Denial of Service (DoS).
1 Github repository
NA
CVE-2024-3967
Remote Code Execution has been discovered in OpenText™ iManager 3.2.6.0200. The vulnerability can trigger remote code execution unisng unsafe java object deserialization.
NA
CVE-2024-32888
The Amazon JDBC Driver for Redshift is a Type 4 JDBC driver that provides database connectivity through the standard JDBC application program interfaces (APIs) available in the Java Platform, Enterprise Editions. Prior to version 2.1.0.28, SQL injection is possible when using the...
NA
CVE-2024-4701
A path traversal issue potentially leading to remote code execution in Genie for all versions before 4.3.18
1 Github repository
NA
CVE-2024-30171
An issue exists in Bouncy Castle Java TLS API and JSSE Provider prior to 1.78. Timing-based leakage may occur in RSA based handshakes because of exception processing.
NA
CVE-2024-30172
An issue exists in Bouncy Castle Java Cryptography APIs prior to 1.78. An Ed25519 verification code infinite loop can occur via a crafted signature and public key.
NA
CVE-2024-29857
An issue exists in ECCurve.java and ECCurve.cs in Bouncy Castle Java (BC Java) prior to 1.78, BC Java LTS prior to 2.73.6, BC-FJA prior to 1.0.2.5, and BC C# .Net prior to 2.3.1. Importing an EC certificate with crafted F2m parameters can lead to excessive CPU consumption during ...
NA
CVE-2024-28866
GoCD is a continuous delivery server. GoCD versions from 19.4.0 to 23.5.0 (inclusive) are potentially vulnerable to a reflected cross-site scripting vulnerability on the loading page displayed while GoCD is starting, via abuse of a `redirect_to` query parameter with inadequate va...
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »