Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jdk vulnerabilities and exploits
(subscribe to this query)
5.9
CVSSv3
CVE-2016-5597
Unspecified vulnerability in Oracle Java SE 6u121, 7u111, 8u102; and Java SE Embedded 8u101 allows remote malicious users to affect confidentiality via vectors related to Networking.
Oracle Jdk 1.8.0
Oracle Jdk 1.7.0
Oracle Jdk 1.6.0
Oracle Jre 1.6.0
Oracle Jre 1.7.0
Oracle Jre 1.8.0
5.5
CVSSv3
CVE-2023-42503
Improper Input Validation, Uncontrolled Resource Consumption vulnerability in Apache Commons Compress in TAR parsing.This issue affects Apache Commons Compress: from 1.22 prior to 1.24.0. Users are recommended to upgrade to version 1.24.0, which fixes the issue. A third party can...
Apache Commons Compress
5.5
CVSSv3
CVE-2022-41946
pgjdbc is an open source postgresql JDBC Driver. In affected versions a prepared statement using either `PreparedStatement.setText(int, InputStream)` or `PreparedStatemet.setBytea(int, InputStream)` will create a temporary file if the InputStream is larger than 2k. This will crea...
Postgresql Postgresql Jdbc Driver 42.5.0
Postgresql Postgresql Jdbc Driver
Debian Debian Linux 10.0
2 Github repositories
5.5
CVSSv3
CVE-2021-21430
OpenAPI Generator allows generation of API client libraries (SDK generation), server stubs, documentation and configuration automatically given an OpenAPI Spec. Using `File.createTempFile` in JDK will result in creating and using insecure temporary files that can leave applicatio...
Openapi-generator Openapi Generator
5.5
CVSSv3
CVE-2020-17521
Apache Groovy provides extension methods to aid with creating temporary directories. Prior to this fix, Groovy's implementation of those extension methods was using a now superseded Java JDK method call that is potentially not secure on some operating systems in some context...
Apache Groovy 4.0.0
Apache Groovy
Netapp Snapcenter -
Oracle Primavera Unifier 16.2
Oracle Primavera Unifier 16.1
Oracle Ilearning 6.2
Oracle Business Process Management Suite 12.2.1.3.0
Oracle Primavera Unifier 18.8
Oracle Primavera Unifier
Oracle Agile Plm 9.3.3
Oracle Agile Plm 9.3.6
Oracle Primavera Unifier 19.12
Oracle Retail Bulk Data Integration 15.0.3.0
Oracle Retail Bulk Data Integration 16.0.3.0
Oracle Communications Services Gatekeeper 7.0
Oracle Retail Merchandising System 16.0.3
Oracle Communications Evolved Communications Application Server 7.1
Oracle Agile Engineering Data Management 6.2.1.0
Oracle Primavera Unifier 20.12
Oracle Business Process Management Suite 12.2.1.4.0
Oracle Communications Services Gatekeeper 6.0
Oracle Communications Services Gatekeeper 6.1
5.5
CVSSv3
CVE-2020-15250
In JUnit4 from version 4.7 and prior to 4.13.1, the test rule TemporaryFolder contains a local information disclosure vulnerability. On Unix like systems, the system's temporary directory is shared between all users on that system. Because of this, when files and directories...
Junit Junit4
Debian Debian Linux 9.0
Apache Pluto
Oracle Communications Cloud Native Core Policy 1.14.0
6 Github repositories
5.4
CVSSv3
CVE-2022-30963
Jenkins JDK Parameter Plugin 1.0 and previous versions does not escape the name and description of JDK parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.
Jenkins Jdk Parameter
5.4
CVSSv3
CVE-2017-2612
In Jenkins prior to 2.44, 2.32.2 low privilege users were able to override JDK download credentials (SECURITY-392), resulting in future builds possibly failing to download a JDK.
Jenkins Jenkins
5.3
CVSSv3
CVE-2023-22067
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: CORBA). Supported versions that are affected are Oracle Java SE: 8u381, 8u381-perf; Oracle GraalVM Enterprise Edition: 20.3.11 and 21.3.7. Easily exploitable vulnerability...
Oracle Jdk 1.8.0
Oracle Jre 1.8.0
Netapp Cloud Insights Acquisition Unit -
Netapp Cloud Insights Storage Workload Security Agent -
5.3
CVSSv3
CVE-2023-22081
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u381, 8u381-perf, 11.0.20, 17.0.8, 21; Oracle GraalVM for JDK: 17.0.8, 21; Oracle ...
Oracle Jdk 11.0.2
Oracle Jre 11.0.2
Oracle Graalvm For Jdk 17.0.8
Oracle Graalvm For Jdk 21
Oracle Jdk 21.0.0
Oracle Jre 21.0.0
Oracle Jdk 17.0.8
Oracle Jre 17.0.8
Oracle Jdk 1.8.0
Oracle Jre 1.8.0
Netapp Cloud Insights Acquisition Unit -
Netapp Cloud Insights Storage Workload Security Agent -
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
7
8
9
10
NEXT »