Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
java vulnerabilities and exploits
(subscribe to this query)
570
VMScore
CVE-2009-1084
Sun Java System Identity Manager (IdM) 7.0 up to and including 8.0 does not properly restrict access to the System Configuration object, which allows remote authenticated administrators and possibly remote malicious users to have an unspecified impact by modifying this object.
Sun Java System Identity Manager 7.1.1
Sun Java System Identity Manager 7.0
Sun Java System Identity Manager 7.1
Sun Java System Identity Manager 8.0
445
VMScore
CVE-2020-6190
Certain vulnerable endpoints in SAP NetWeaver AS Java (Heap Dump Application), versions 7.30, 7.31, 7.40, 7.50, provide valuable information about the system like hostname, server node and installation path that could be misused by an attacker leading to Information Disclosure.
Sap Netweaver Application Server Java 7.30
Sap Netweaver Application Server Java 7.31
Sap Netweaver Application Server Java 7.40
Sap Netweaver Application Server Java 7.50
447
VMScore
CVE-2020-6286
The insufficient input path validation of certain parameter in the web service of SAP NetWeaver AS JAVA (LM Configuration Wizard), versions - 7.30, 7.31, 7.40, 7.50, allows an unauthenticated malicious user to exploit a method to download zip files to a specific directory, leadin...
Sap Netweaver Application Server Java 7.30
Sap Netweaver Application Server Java 7.31
Sap Netweaver Application Server Java 7.40
Sap Netweaver Application Server Java 7.50
6 Github repositories
1 Article
356
VMScore
CVE-2020-6313
SAP NetWeaver Application Server JAVA(XML Forms) versions 7.30, 7.31, 7.40, 7.50 does not sufficiently encode user controlled inputs, which allows an authenticated User with special roles to store malicious content, that when accessed by a victim, can perform malicious actions by...
Sap Netweaver Application Server Java 7.30
Sap Netweaver Application Server Java 7.31
Sap Netweaver Application Server Java 7.40
Sap Netweaver Application Server Java 7.50
801
VMScore
CVE-2009-1082
Sun Java System Identity Manager (IdM) 7.0 up to and including 8.0 allows remote authenticated users to gain privileges by submitting crafted commands to the Admin Console, as demonstrated by privileges for account creation and other administrative capabilities, related to the sa...
Sun Java System Identity Manager 7.1.1
Sun Java System Identity Manager 7.0
Sun Java System Identity Manager 7.1
Sun Java System Identity Manager 8.0
383
VMScore
CVE-2007-2904
Cross-site scripting (XSS) vulnerability in Sun Java System Messaging Server 6.0 up to and including 6.3, when Internet Explorer is used, allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors, possibly a related issue to CVE-2006-5653.
Sun Java System Messaging Server 6.1
Sun Java System Messaging Server 6.0
Sun Java System Messaging Server 6.2
Sun Java System Messaging Server 6.3
445
VMScore
CVE-2019-0345
A remote unauthenticated attacker can abuse a web service in SAP NetWeaver Application Server for Java (Administrator System Overview), versions 7.30, 7.31, 7.40, 7.50, by sending a specially crafted XML file and trick the application server into leaking authentication credential...
Sap Netweaver Application Server Java 7.30
Sap Netweaver Application Server Java 7.31
Sap Netweaver Application Server Java 7.40
Sap Netweaver Application Server Java 7.50
1 Article
694
VMScore
CVE-2009-0609
Sun Java System Directory Proxy Server in Sun Java System Directory Server Enterprise Edition 6.0 up to and including 6.3, when a JDBC data source is used, does not properly handle (1) a long value in an ADD or (2) long string attributes, which allows remote malicious users to ca...
Sun Java System Directory Server 6.1
Sun Java System Directory Server 6.3
Sun Java System Directory Server 6.2
Sun Java System Directory Server 6.0
383
VMScore
CVE-2009-2713
The CDCServlet component in Sun Java System Access Manager 7.0 2005Q4 and 7.1, when Cross Domain Single Sign On (CDSSO) is enabled, does not ensure that "policy advice" is presented to the correct client, which allows remote malicious users to obtain sensitive informati...
Sun Java System Access Manager 6.3 2005q1
Sun Java System Access Manager 7.1
Sun Java System Access Manager 7 2005q4
Sun Java System Access Manager 7.0 2005q4
Sun Java System Web Server 7.0
356
VMScore
CVE-2021-27621
Information Disclosure vulnerability in UserAdmin application in SAP NetWeaver Application Server for Java, versions - 7.11,7.20,7.30,7.31,7.40 and 7.50 allows malicious users to access restricted information by entering malicious server name.
Sap Netweaver Application Server For Java 7.20
Sap Netweaver Application Server For Java 7.30
Sap Netweaver Application Server For Java 7.31
Sap Netweaver Application Server For Java 7.40
Sap Netweaver Application Server For Java 7.11
Sap Netweaver Application Server For Java 7.50
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-33545
CVE-2024-35725
CVE-2024-32704
overflow
file upload
CVE-2024-0230
CVE-2024-32705
CVE-2024-23692
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »