Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
java enterprise system vulnerabilities and exploits
(subscribe to this query)
2.6
CVSSv2
CVE-2006-3225
Cross-site scripting (XSS) vulnerability in Sun ONE Application Server 7 before Update 9, Java System Application Server 7 2004Q2 before Update 5, and Java System Application Server Enterprise Edition 8.1 2005 Q1 allows remote malicious users to inject arbitrary HTML or web scrip...
Sun One Application Server
Sun Java System Application Server 8.1
Sun Java System Application Server
2.4
CVSSv2
CVE-2010-2397
Unspecified vulnerability in Oracle Sun Java System Application Server 8.0, 8.1, and 8.2; and GlassFish Enterprise Server 2.1.1; allows local users to affect confidentiality and integrity, related to the GUI.
Oracle Java System Application Server 8.1
Oracle Java System Application Server 8.2
Oracle Java System Application Server 8.0
Oracle Glassfish Server 2.1.1
2.1
CVSSv2
CVE-2020-8908
A temp directory creation vulnerability exists in all versions of Guava, allowing an attacker with access to the machine to potentially access data in a temporary directory created by the Guava API com.google.common.io.Files.createTempDir(). By default, on unix-like systems, the ...
Google Guava
Quarkus Quarkus
Oracle Peoplesoft Enterprise Peopletools 8.57
Oracle Data Integrator 12.2.1.3.0
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Weblogic Server 14.1.1.0.0
Oracle Data Integrator 12.2.1.4.0
Oracle Nosql Database
Oracle Commerce Guided Search 11.3.2
Oracle Peoplesoft Enterprise Peopletools 8.59
Oracle Communications Cloud Native Core Network Slice Selection Function 1.2.1
Oracle Retail Customer Management And Segmentation Foundation
Oracle Communications Pricing Design Center 12.0.0.4.0
Oracle Communications Pricing Design Center 12.0.0.5.0
Oracle Primavera Unifier 18.8
Oracle Primavera Unifier
Oracle Primavera Unifier 19.12
Oracle Primavera Unifier 20.12
Oracle Communications Cloud Native Core Network Repository Function 1.14.0
Oracle Primavera Unifier 21.12
Netapp Active Iq Unified Manager -
4 Github repositories
2.1
CVSSv2
CVE-2009-2712
Sun Java System Access Manager 6.3 2005Q1, 7.0 2005Q4, and 7.1; and OpenSSO Enterprise 8.0; when AMConfig.properties enables the debug flag, allows local users to discover cleartext passwords by reading debug files.
Sun Java System Access Manager 6.3 2005q1
Sun Java System Access Manager 7.1
Sun Java System Access Manager 7 2005q4
Sun Java System Access Manager 7.0 2005q4
Sun Java System Web Server 7.0
Sun Opensso Enterprise 8.0
1.9
CVSSv2
CVE-2022-24823
Netty is an open-source, asynchronous event-driven network application framework. The package `io.netty:netty-codec-http` prior to version 4.1.77.Final contains an insufficient fix for CVE-2021-21290. When Netty's multipart decoders are used local information disclosure can ...
Netty Netty
Oracle Financial Services Crime And Compliance Management Studio 8.0.8.2.0
Oracle Financial Services Crime And Compliance Management Studio 8.0.8.3.0
Netapp Snapcenter -
Netapp Oncommand Workflow Automation -
Netapp Active Iq Unified Manager -
1 Github repository
NA
CVE-2023-44487
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
Ietf Http 2.0
Nghttp2 Nghttp2
Netty Netty
Envoyproxy Envoy 1.27.0
Envoyproxy Envoy 1.26.4
Envoyproxy Envoy 1.25.9
Envoyproxy Envoy 1.24.10
Eclipse Jetty
Caddyserver Caddy
Golang Http2
Golang Go
Golang Networking
F5 Big-ip Analytics
F5 Big-ip Policy Enforcement Manager
F5 Big-ip Local Traffic Manager
F5 Big-ip Link Controller
F5 Big-ip Global Traffic Manager
F5 Big-ip Fraud Protection Service
F5 Big-ip Domain Name System
F5 Big-ip Application Security Manager
F5 Big-ip Application Acceleration Manager
F5 Big-ip Advanced Firewall Manager
34 Github repositories
2 Articles
NA
CVE-2023-39410
When deserializing untrusted or corrupted data, it is possible for a reader to consume memory beyond the allowed constraints and thus lead to out of memory on the system. This issue affects Java applications using Apache Avro Java SDK up to and including 1.11.2. Users should upda...
Apache Avro
NA
CVE-2023-26049
Jetty is a java based web server and servlet engine. Nonstandard cookie parsing in Jetty may allow an malicious user to smuggle cookies within other cookies, or otherwise perform unintended behavior by tampering with the cookie parsing mechanism. If Jetty sees a cookie VALUE that...
Eclipse Jetty
Eclipse Jetty 12.0.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Debian Debian Linux 12.0
Netapp E-series Santricity Web Services -
Netapp E-series Santricity Unified Manager -
Netapp Active Iq Unified Manager -
Netapp E-series Santricity Os Controller
NA
CVE-2023-26458
An information disclosure vulnerability exists in SAP Landscape Management - version 3.0, enterprise edition. It allows an authenticated SAP Landscape Management user to obtain privileged access to other systems making those other systems vulnerable to information disclosure and ...
Sap Landscape Management 3.0
NA
CVE-2023-25193
hb-ot-layout-gsubgpos.hh in HarfBuzz up to and including 6.0.0 allows malicious users to trigger O(n^2) growth via consecutive marks during the process of looking back for base glyphs when attaching marks.
Harfbuzz Project Harfbuzz
Fedoraproject Fedora 36
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
remote code execution
CVE-2024-34909
CVE-2024-3317
SSTI
CVE-2024-3400
CVE-2024-30051
wireless
CVE-2024-4622
CVE-2024-4908
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »