Vulmon
xml security for java vulnerabilities and exploits
9.3
CVSSv2
CVE-2009-3129
Microsoft Office Excel 2002 SP3, 2003 SP3, and 2007 SP1 and SP2; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Office Excel Viewer 2003 SP3; Office Excel Viewer SP1 and SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP...
Microsoft Excel 2007
Microsoft Compatibility Pack Word Excel Powerpoint 2007
Microsoft Excel 2003
Microsoft Open Xml File Format Converter
Microsoft Excel Viewer 2003
Microsoft Excel Viewer
Microsoft Excel 2002
Microsoft Office 2004
Microsoft Office 2008
2 EDB exploits
6 Articles
10
CVSSv2
CVE-2013-2465
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and previous versions, 6 Update 45 and previous versions, and 5.0 Update 45 and previous versions, and OpenJDK 7, allows remote malicious users to affect confidentiality, integ...
Oracle Jre 1.7.0
Sun Jre 1.6.0
Oracle Jre 1.6.0
Sun Jre 1.5.0
Oracle Jre 1.5.0
Suse Linux Enterprise Server 11
Suse Linux Enterprise Software Development Kit 11
Suse Linux Enterprise Server 10
Suse Linux Enterprise Desktop 10
Suse Linux Enterprise Java 11
Suse Linux Enterprise Java 10
1 EDB exploit
2 Github repositories
8 Articles
5
CVSSv2
CVE-2021-40690
All versions of Apache Santuario - XML Security for Java before 2.2.3 and 2.1.7 are vulnerable to an issue where the "secureValidation" property is not passed correctly when creating a KeyInfo from a KeyInfoReference element. This allows a malicious user to abuse an XP...
Apache Santuario Xml Security For Java
Apache Tomee
Apache Cxf 3.4.4
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Oracle Flexcube Private Banking 12.1.0
Oracle Agile Plm 9.3.6
Oracle Weblogic Server 12.2.1.4.0
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Outside In Technology 8.5.5
Oracle Weblogic Server 14.1.1.0.0
Oracle Retail Merchandising System 16.0.3
Oracle Retail Service Backbone 16.0.3
Oracle Retail Financial Integration 16.0.3
Oracle Retail Integration Bus 16.0.3
Oracle Commerce Guided Search 11.3.2
Oracle Peoplesoft Enterprise Peopletools 8.59
Oracle Retail Service Backbone 15.0.3.1
Oracle Retail Service Backbone 14.1.3.2
Oracle Communications Messaging Server 8.1
Oracle Retail Merchandising System 19.0.1
3 Github repositories
4.3
CVSSv2
CVE-2013-5372
The XML4J parser in IBM WebSphere Message Broker 6.1 prior to 6.1.0.12, 7.0 prior to 7.0.0.7, and 8.0 prior to 8.0.0.4 and IBM Integration Bus 9.0 prior to 9.0.0.1 allows remote malicious users to cause a denial of service (memory consumption) via a crafted XML document that trig...
Ibm Websphere Message Broker 6.1.0.1
Ibm Websphere Message Broker 6.1.0.10
Ibm Websphere Message Broker 6.1.0.4
Ibm Websphere Message Broker 6.1.0.5
Ibm Websphere Message Broker 6.1
Ibm Websphere Message Broker 6.1.0.7
Ibm Websphere Message Broker 6.1.0.6
Ibm Websphere Message Broker 6.1.0.8
Ibm Websphere Message Broker 6.1.0.9
Ibm Websphere Message Broker 6.1.0.11
Ibm Websphere Message Broker 6.1.0.2
Ibm Websphere Message Broker 6.1.0.3
Ibm Websphere Message Broker 8.0
Ibm Websphere Message Broker 8.0.0.1
Ibm Websphere Message Broker 8.0.0.2
Ibm Websphere Message Broker 8.0.0.3
Ibm Websphere Message Broker 7.0.0.3
Ibm Websphere Message Broker 7.0.0.4
Ibm Websphere Message Broker 7.0.0.5
Ibm Websphere Message Broker 7.0.0.6
Ibm Websphere Message Broker 7.0.
Ibm Websphere Message Broker 7.0.0.1
5
CVSSv2
CVE-2020-14621
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: JAXP). Supported versions that are affected are Java SE: 7u261, 8u251, 11.0.7 and 14.0.1; Java SE Embedded: 8u251. Easily exploitable vulnerability allows unauthenticated attacker with network ac...
Oracle Jdk 11.0.7
Oracle Jdk 14.0.1
Oracle Jdk 1.8.0
Oracle Jdk 1.7.0
Oracle Jre 1.8.0
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Mcafee Epolicy Orchestrator 5.9.0
Mcafee Epolicy Orchestrator 5.9.1
Mcafee Epolicy Orchestrator 5.10.0
Opensuse Leap 15.1
Opensuse Leap 15.2
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Netapp Cloud Backup -
Netapp Steelstore Cloud Integrated Storage -
Netapp Snapmanager -
Netapp Oncommand Workflow Automation -
Netapp Oncommand Insight -
5
CVSSv2
CVE-2009-2625
XMLScanner.java in Apache Xerces2 Java, as used in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15 and JDK and JRE 5.0 before Update 20, and in other products, allows remote malicious users to cause a denial of service (infinite loop and application hang) via...
Oracle Jdk 1.5.0
Oracle Jdk 1.6.0
Fedoraproject Fedora 11
Fedoraproject Fedora 10
Opensuse Opensuse 11.1
Suse Linux Enterprise Server 9
Opensuse Opensuse 11.0
Opensuse Opensuse 11.2
Suse Linux Enterprise Server 10
Suse Linux Enterprise Server 11
Debian Debian Linux 5.0
Debian Debian Linux 4.0
Canonical Ubuntu Linux 9.04
Canonical Ubuntu Linux 8.10
Canonical Ubuntu Linux 9.10
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 6.06
Oracle Primavera Web Services 7.0
Oracle Primavera Web Services 6.2.1
Oracle Primavera P6 Enterprise Project Portfolio Management 6.2.1
Oracle Primavera P6 Enterprise Project Portfolio Management 7.0
Oracle Primavera P6 Enterprise Project Portfolio Management 6.1
3.5
CVSSv2
CVE-2013-6430
The JavaScriptUtils.javaScriptEscape method in web/util/JavaScriptUtils.java in Spring MVC in Spring Framework prior to 3.2.2 does not properly escape certain characters, which allows remote malicious users to conduct cross-site scripting (XSS) attacks via a (1) line separator or...
Pivotal Software Spring Framework
5
CVSSv2
CVE-2009-0217
The design of the W3C XML Signature Syntax and Processing (XMLDsig) recommendation, as implemented in products including (1) the Oracle Security Developer Tools component in Oracle Application Server 10.1.2.3, 10.1.3.4, and 10.1.4.3IM; (2) the WebLogic Server component in BEA Pro...
Oracle Application Server 10.1.3.4
Oracle Application Server 10.1.2.3
Oracle Bea Product Suite 10.0
Mono Project Mono 2.0
Oracle Weblogic Server Component 10.3
Oracle Weblogic Server Component 10.0
Ibm Websphere Application Server 6.0.2.10
Ibm Websphere Application Server 6.0.2.12
Ibm Websphere Application Server 6.0.1.1
Ibm Websphere Application Server 6.0.1.13
Ibm Websphere Application Server 6.0.2.2
Ibm Websphere Application Server 6.0.2.19
Ibm Websphere Application Server 6.0.2.21
Ibm Websphere Application Server 6.0.0.2
Ibm Websphere Application Server 6.0.2.29
Ibm Websphere Application Server 6.0.2.28
Ibm Websphere Application Server 6.0.2.25
Ibm Websphere Application Server 6.1.0.20
Ibm Websphere Application Server 6.1.0.22
Ibm Websphere Application Server 6.1.0.13
Ibm Websphere Application Server 6.1.0.14
Ibm Websphere Application Server 6.1.0.3
6.8
CVSSv2
CVE-2009-2676
Unspecified vulnerability in JNLPAppletlauncher in Sun Java SE, and SE for Business, in JDK and JRE 6 Update 14 and previous versions and JDK and JRE 5.0 Update 19 and previous versions; and Java SE for Business in SDK and JRE 1.4.2_21 and previous versions; allows remote malicio...
Sun Java Se
Sun Jdk
Sun Jdk 1.6.0
Sun Jre 1.6.0
Sun Jdk 1.5.0
Sun Jre 1.5.0
Sun Jre
Sun Sdk 1.4.2 1
Sun Sdk 1.4.2 2
Sun Sdk 1.4.2 10
Sun Sdk 1.4.2 11
Sun Sdk 1.4.2 18
Sun Sdk 1.4.2 19
Sun Sdk 1.4.1 02
Sun Sdk 1.4.1 03
Sun Jre 1.4.2
Sun Jre 1.4.2 1
Sun Jre 1.4.2 8
Sun Jre 1.4.2 9
Sun Jre 1.4.1
Sun Jre 1.4.0 03
Sun Jre 1.4.0 04
10
CVSSv2
CVE-2012-1713
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and previous versions, 6 update 32 and previous versions, 5 update 35 and previous versions, 1.4.2_37 and previous versions, and JavaFX 2.1 and previous versions allows remote m...
Oracle Jre
Oracle Jdk
Sun Jdk
Sun Jre
Oracle Javafx