Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sun java vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2009-1729
Multiple cross-site scripting (XSS) vulnerabilities in Sun Java System Communications Express 6 2005Q4 (aka 6.2) and 6.3 allow remote malicious users to inject arbitrary web script or HTML via (1) the abperson_displayName parameter to uwc/abs/search.xml in the Add Contact impleme...
Sun Java System Communications Express 6.3
Sun Java System Communications Express 6.2
2 EDB exploits
4.3
CVSSv2
CVE-2008-2518
Cross-site scripting (XSS) vulnerability in the advanced search mechanism (webapps/search/advanced.jsp) in Sun Java System Web Server 6.1 before SP9 and 7.0 before Update 3 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors, probably rela...
Sun Java System Web Server 6.1
Sun Java System Web Server 7.0
6.8
CVSSv2
CVE-2006-2501
Cross-site scripting (XSS) vulnerability in Sun ONE Web Server 6.0 SP9 and previous versions, Java System Web Server 6.1 SP4 and previous versions, Sun ONE Application Server 7 Platform and Standard Edition Update 6 and previous versions, and Java System Application Server 7 2004...
Sun Java System Web Server 6.1
Sun One Application Server 7.0
Sun One Web Server 6.0
Sun One Application Server
Sun One Web Server
Sun One Application Server 6.0
Sun Java System Application Server
Sun Java System Web Server
7.8
CVSSv2
CVE-2009-2475
Sun Java SE 5.0 before Update 20 and 6 before Update 15, and OpenJDK, might allow context-dependent malicious users to obtain sensitive information via vectors involving static variables that are declared without the final keyword, related to (1) LayoutQueue, (2) Cursor.predefine...
Sun Java Se
Sun Openjdk
10
CVSSv2
CVE-2009-2476
The Java Management Extensions (JMX) implementation in Sun Java SE 6 before Update 15, and OpenJDK, does not properly enforce OpenType checks, which allows context-dependent malicious users to bypass intended access restrictions by leveraging finalizer resurrection to obtain a re...
Sun Openjdk
Sun Java Se
5
CVSSv2
CVE-2009-2690
The encoder in Sun Java SE 6 before Update 15, and OpenJDK, grants read access to private variables with unspecified names, which allows context-dependent malicious users to obtain sensitive information via an untrusted (1) applet or (2) application.
Sun Openjdk
Sun Java Se
10
CVSSv2
CVE-2009-2689
JDK13Services.getProviders in Sun Java SE 5.0 before Update 20 and 6 before Update 15, and OpenJDK, grants full privileges to instances of unspecified object types, which allows context-dependent malicious users to bypass intended access restrictions via an untrusted (1) applet o...
Sun Java Se
Sun Openjdk
4.3
CVSSv2
CVE-2009-1218
Multiple cross-site scripting (XSS) vulnerabilities in Sun Calendar Express Web Server in Sun ONE Calendar Server 6.0 and Sun Java System Calendar Server 6 2004Q2 up to and including 6.3-7.01 allow remote malicious users to inject arbitrary web script or HTML via (1) the fmt-out ...
Sun Java System Calendar Server 6
Sun Java System Calendar Server 6.3
Sun One Calendar Server 6.0
1 EDB exploit
5
CVSSv2
CVE-2009-1219
Sun Calendar Express Web Server in Sun ONE Calendar Server 6.0 and Sun Java System Calendar Server 6 2004Q2 up to and including 6.3-7.01 allows remote malicious users to cause a denial of service (daemon crash) via multiple requests to the default URI with alphabetic characters i...
Sun Java System Calendar Server 6
Sun Java System Calendar Server 6.3
Sun One Calendar Server 6.0
1 EDB exploit
4
CVSSv2
CVE-2005-4046
Unspecified vulnerability in Reverse SSL Proxy Plug-in for Sun Java System Application Server Standard Edition 7 2004Q2, Application Server Enterprise Edition 8.1 2005Q1, and Sun ONE Application Server 7 Standard Edition, as used in multiple web servers, allows remote malicious u...
Sun Java System Application Server 7.0
Sun Java System Application Server 8.1
Sun One Application Server 7.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5248
CVE-2024-3110
CVE-2024-5552
CVE-2024-29415
HTML injection
CVE-2024-3095
TCP
type confusion
CVE-2024-1800
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »