Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
java vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2009-1078
Sun Java System Identity Manager (IdM) 7.0 up to and including 8.0 does not enforce the expected privilege requirements for (1) deleting audit policies and (2) modifying workflows, which allows remote authenticated users to have an unspecified impact.
Sun Java System Identity Manager 7.1.1
Sun Java System Identity Manager 7.0
Sun Java System Identity Manager 7.1
Sun Java System Identity Manager 8.0
NA
CVE-2009-1081
Multiple cross-site scripting (XSS) vulnerabilities in Sun Java System Identity Manager (IdM) 7.0 up to and including 8.0 allow remote malicious users to inject arbitrary web script or HTML via unspecified vectors, aka Bug IDs 19595 and 19661.
Sun Java System Identity Manager 7.1.1
Sun Java System Identity Manager 7.0
Sun Java System Identity Manager 7.1
Sun Java System Identity Manager 8.0
NA
CVE-2009-1083
Sun Java System Identity Manager (IdM) 7.0 up to and including 8.0 on Linux, AIX, Solaris, and HP-UX permits "control characters" in the passwords of user accounts, which allows remote malicious users to execute arbitrary commands via vectors involving "resource ad...
Sun Java System Identity Manager 7.1.1
Sun Java System Identity Manager 7.0
Sun Java System Identity Manager 7.1
Sun Java System Identity Manager 8.0
NA
CVE-2007-2904
Cross-site scripting (XSS) vulnerability in Sun Java System Messaging Server 6.0 up to and including 6.3, when Internet Explorer is used, allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors, possibly a related issue to CVE-2006-5653.
Sun Java System Messaging Server 6.1
Sun Java System Messaging Server 6.0
Sun Java System Messaging Server 6.2
Sun Java System Messaging Server 6.3
NA
CVE-2009-0609
Sun Java System Directory Proxy Server in Sun Java System Directory Server Enterprise Edition 6.0 up to and including 6.3, when a JDBC data source is used, does not properly handle (1) a long value in an ADD or (2) long string attributes, which allows remote malicious users to ca...
Sun Java System Directory Server 6.1
Sun Java System Directory Server 6.3
Sun Java System Directory Server 6.2
Sun Java System Directory Server 6.0
NA
CVE-2009-1074
Sun Java System Identity Manager (IdM) 7.0 up to and including 8.0 does not use SSL in all expected circumstances, which makes it easier for remote malicious users to obtain sensitive information by sniffing the network, related to "ssl termination devices" and lack of ...
Sun Java System Identity Manager 7.1.1
Sun Java System Identity Manager 7.0
Sun Java System Identity Manager 7.1
Sun Java System Identity Manager 8.0
NA
CVE-2009-1082
Sun Java System Identity Manager (IdM) 7.0 up to and including 8.0 allows remote authenticated users to gain privileges by submitting crafted commands to the Admin Console, as demonstrated by privileges for account creation and other administrative capabilities, related to the sa...
Sun Java System Identity Manager 7.1.1
Sun Java System Identity Manager 7.0
Sun Java System Identity Manager 7.1
Sun Java System Identity Manager 8.0
10
CVSSv3
CVE-2020-6287
SAP NetWeaver AS JAVA (LM Configuration Wizard), versions - 7.30, 7.31, 7.40, 7.50, does not perform an authentication check which allows an attacker without prior authentication to execute configuration tasks to perform critical actions against the SAP Java system, including the...
Sap Netweaver Application Server Java 7.30
Sap Netweaver Application Server Java 7.31
Sap Netweaver Application Server Java 7.40
Sap Netweaver Application Server Java 7.50
1 Metasploit module
9 Github repositories
2 Articles
NA
CVE-2009-2713
The CDCServlet component in Sun Java System Access Manager 7.0 2005Q4 and 7.1, when Cross Domain Single Sign On (CDSSO) is enabled, does not ensure that "policy advice" is presented to the correct client, which allows remote malicious users to obtain sensitive informati...
Sun Java System Access Manager 6.3 2005q1
Sun Java System Access Manager 7.1
Sun Java System Access Manager 7 2005q4
Sun Java System Access Manager 7.0 2005q4
Sun Java System Web Server 7.0
NA
CVE-2013-2172
jcp/xml/dsig/internal/dom/DOMCanonicalizationMethod.java in Apache Santuario XML Security for Java 1.4.x prior to 1.4.8 and 1.5.x prior to 1.5.5 allows context-dependent malicious users to spoof an XML Signature by using the CanonicalizationMethod parameter to specify an arbitrar...
Apache Santuario Xml Security For Java 1.5.1
Apache Santuario Xml Security For Java 1.5.2
Apache Santuario Xml Security For Java 1.5.4
Apache Santuario Xml Security For Java 1.5.3
Apache Santuario Xml Security For Java 1.4.7
Apache Santuario Xml Security For Java 1.5.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »