jdk vulnerabilities and exploits
5.5
CVSSv3
CVE-2022-41946
pgjdbc is an open source postgresql JDBC Driver. In affected versions a prepared statement using either `PreparedStatement.setText(int, InputStream)` or `PreparedStatement.setBytea(int, InputStream)` will create a temporary file if the InputStream is larger than 2k. This will crea...
Postgresql Postgresql Jdbc Driver 42.5.0
Postgresql Postgresql Jdbc Driver
Debian Debian Linux 10.0
2 Github repositories
5.5
CVSSv3
CVE-2021-21430
OpenAPI Generator allows generation of API client libraries (SDK generation), server stubs, documentation and configuration automatically given an OpenAPI Spec. Using `File.createTempFile` in JDK will result in creating and using insecure temporary files that can leave applicatio...
Openapi-generator Openapi Generator
5.5
CVSSv3
CVE-2020-17521
Apache Groovy provides extension methods to aid with creating temporary directories. Prior to this fix, Groovy's implementation of those extension methods was using a now superseded Java JDK method call that is potentially not secure on some operating systems in some context...
Apache Groovy 4.0.0
Apache Groovy
Netapp Snapcenter -
Oracle Primavera Unifier 16.2
Oracle Primavera Unifier 16.1
Oracle Ilearning 6.2
Oracle Business Process Management Suite 12.2.1.3.0
Oracle Primavera Unifier 18.8
Oracle Primavera Unifier
Oracle Agile Plm 9.3.3
Oracle Agile Plm 9.3.6
Oracle Primavera Unifier 19.12
Oracle Retail Bulk Data Integration 15.0.3.0
Oracle Retail Bulk Data Integration 16.0.3.0
Oracle Communications Services Gatekeeper 7.0
Oracle Retail Merchandising System 16.0.3
Oracle Communications Evolved Communications Application Server 7.1
Oracle Agile Engineering Data Management 6.2.1.0
Oracle Primavera Unifier 20.12
Oracle Business Process Management Suite 12.2.1.4.0
Oracle Communications Services Gatekeeper 6.0
Oracle Communications Services Gatekeeper 6.1
5.5
CVSSv3
CVE-2020-15250
In JUnit4 from version 4.7 and prior to 4.13.1, the test rule TemporaryFolder contains a local information disclosure vulnerability. On Unix-like systems, the system's temporary directory is shared between all users on that system. Because of this, when files and directories...
Junit Junit4
Debian Debian Linux 9.0
Apache Pluto
Oracle Communications Cloud Native Core Policy 1.14.0
6 Github repositories
5.4
CVSSv3
CVE-2022-30963
Jenkins JDK Parameter Plugin 1.0 and previous versions does not escape the name and description of JDK parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.
Jenkins Jdk Parameter
5.4
CVSSv3
CVE-2017-2612
In Jenkins prior to 2.44, 2.32.2 low privilege users were able to override JDK download credentials (SECURITY-392), resulting in future builds possibly failing to download a JDK.
Jenkins Jenkins
5.3
CVSSv3
CVE-2023-22067
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: CORBA). Supported versions that are affected are Oracle Java SE: 8u381, 8u381-perf; Oracle GraalVM Enterprise Edition: 20.3.11 and 21.3.7. Easily exploitable vulnerability...
Oracle Jdk 1.8.0
Oracle Jre 1.8.0
Netapp Cloud Insights Acquisition Unit -
Netapp Cloud Insights Storage Workload Security Agent -
5.3
CVSSv3
CVE-2023-22081
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u381, 8u381-perf, 11.0.20, 17.0.8, 21; Oracle GraalVM for JDK: 17.0.8, 21; Oracle ...
Oracle Jdk 11.0.2
Oracle Jre 11.0.2
Oracle Graalvm For Jdk 17.0.8
Oracle Graalvm For Jdk 21
Oracle Jdk 21.0.0
Oracle Jre 21.0.0
Oracle Jdk 17.0.8
Oracle Jre 17.0.8
Oracle Jdk 1.8.0
Oracle Jre 1.8.0
Netapp Cloud Insights Acquisition Unit -
Netapp Cloud Insights Storage Workload Security Agent -
5.3
CVSSv3
CVE-2023-21939
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Swing). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Easi...
Oracle Jre 11.0.18
Oracle Jre 17.0.6
Oracle Jdk 11.0.18
Oracle Graalvm 20.3.9
Oracle Graalvm 21.3.5
Oracle Graalvm 22.3.1
Oracle Jdk 1.8.0
Oracle Jdk 17.0.6
Oracle Jre 1.8.0
Oracle Jre 20
Oracle Jdk 20
Netapp Oncommand Insight -
Netapp 7-mode Transition Tool -
Netapp Brocade San Navigator -
Netapp Cloud Insights Acquisition Unit -
Netapp Cloud Insights Storage Workload Security Agent -
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Debian Debian Linux 12.0
Oracle Openjdk 8
Oracle Openjdk 20
Oracle Openjdk
1 Github repository
5.3
CVSSv3
CVE-2023-21835
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 11.0.17, 17.0.5, 19.0.1; Oracle GraalVM Enterprise Edition: 20.3.8, 21.3.4 and 22.3.0. Easily exploitable v...
Oracle Graalvm 21.3.4
Oracle Graalvm 22.3.0
Oracle Graalvm 20.3.8
Oracle Jre 11.0.17
Oracle Jre 17.0.5
Oracle Jre 19.0.1
Oracle Jdk 11.0.17
Oracle Jdk 17.0.5
Oracle Jdk 19.0.1
Azul Zulu 11.60
Azul Zulu 13.52
Azul Zulu 15.44
Azul Zulu 17.38
Azul Zulu 19.30
1 Github repository