Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jdk vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-41331
SOFARPC is a Java RPC framework. Versions before 5.11.0 are vulnerable to remote command execution. Through a carefully crafted payload, an attacker can achieve JNDI injection or system command execution. In the default configuration of the SOFARPC framework, a blacklist is used ...
Sofastack Sofarpc
NA
CVE-2022-40433
Rejected reason: ** REJECT ** This CVE ID has been rejected by its CNA as it was not a security issue.
3.1
CVSSv3
CVE-2023-26438
External service lookups for a number of protocols were vulnerable to a time-of-check/time-of-use (TOCTOU) weakness, involving the JDK DNS cache. Attackers that were timing DNS cache expiry correctly were able to inject configuration that would bypass existing network deny-lists....
Open-xchange Open-xchange Appsuite Backend 7.10.6
Open-xchange Open-xchange Appsuite Backend 8.10.0
3.7
CVSSv3
CVE-2023-22051
Vulnerability in the Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: GraalVM Compiler). Supported versions that are affected are Oracle GraalVM Enterprise Edition: 21.3.6, 22.3.2; Oracle GraalVM for JDK: 17.0.7 and 20.0.1. Difficult...
Oracle Graalvm For Jdk 20.0.1
Oracle Graalvm 21.3.6
Oracle Graalvm 22.3.2
Oracle Graalvm For Jdk 17.0.7
3.1
CVSSv3
CVE-2023-22006
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Networking). Supported versions that are affected are Oracle Java SE: 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 20.3.10, 21.3.6, ...
Oracle Jre 17.0.7
Oracle Jre 11.0.19
Oracle Jdk 17.0.7
Oracle Jdk 11.0.19
Oracle Graalvm For Jdk 20.0.1
Oracle Graalvm 21.3.6
Oracle Graalvm 22.3.2
Oracle Graalvm 20.3.10
Oracle Jdk 20.0.1
Oracle Jre 20.0.1
Oracle Graalvm For Jdk 17.0.7
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Debian Debian Linux 12.0
Netapp Oncommand Insight -
Netapp Active Iq Unified Manager -
Netapp 7-mode Transition Tool -
Netapp Cloud Insights Acquisition Unit -
Netapp Cloud Insights Storage Workload Security Agent -
3.7
CVSSv3
CVE-2023-22036
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Utility). Supported versions that are affected are Oracle Java SE: 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 20.3.10, 21.3.6, 22....
Oracle Jre 17.0.7
Oracle Jre 11.0.19
Oracle Jdk 17.0.7
Oracle Jdk 11.0.19
Oracle Graalvm For Jdk 20.0.1
Oracle Graalvm 21.3.6
Oracle Graalvm 22.3.2
Oracle Graalvm 20.3.10
Oracle Jdk 20.0.1
Oracle Jre 20.0.1
Oracle Graalvm For Jdk 17.0.7
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Debian Debian Linux 12.0
Netapp Oncommand Insight -
Netapp Active Iq Unified Manager -
Netapp 7-mode Transition Tool -
Netapp Cloud Insights Acquisition Unit -
Netapp Cloud Insights Storage Workload Security Agent -
5.1
CVSSv3
CVE-2023-22041
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u371-perf, 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 20.3.10,...
Oracle Jre 17.0.7
Oracle Jre 11.0.19
Oracle Jdk 17.0.7
Oracle Jdk 11.0.19
Oracle Graalvm For Jdk 20.0.1
Oracle Graalvm 21.3.6
Oracle Graalvm 22.3.2
Oracle Graalvm 20.3.10
Oracle Jre 1.8.0
Oracle Jdk 1.8.0
Oracle Jdk 20.0.1
Oracle Jre 20.0.1
Oracle Graalvm For Jdk 17.0.7
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Debian Debian Linux 12.0
Netapp Oncommand Insight -
Netapp Active Iq Unified Manager -
Netapp 7-mode Transition Tool -
Netapp Cloud Insights Acquisition Unit -
Netapp Cloud Insights Storage Workload Security Agent -
5.9
CVSSv3
CVE-2023-22043
Vulnerability in Oracle Java SE (component: JavaFX). The supported version that is affected is Oracle Java SE: 8u371. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE. Successful attacks of ...
Oracle Jdk 1.8.0
Oracle Jre 1.8.0
3.7
CVSSv3
CVE-2023-22044
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u371-perf, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 21.3.6, 22.3.2; O...
Oracle Jre 17.0.7
Oracle Jdk 17.0.7
Oracle Graalvm For Jdk 20.0.1
Oracle Graalvm 21.3.6
Oracle Graalvm 22.3.2
Oracle Jre 1.8.0
Oracle Jdk 1.8.0
Oracle Jdk 20.0.1
Oracle Jre 20.0.1
Oracle Graalvm For Jdk 17.0.7
Debian Debian Linux 11.0
Debian Debian Linux 12.0
3.7
CVSSv3
CVE-2023-22045
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u371, 8u371-perf, 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 2...
Oracle Jre 17.0.7
Oracle Jre 11.0.19
Oracle Jdk 17.0.7
Oracle Jdk 11.0.19
Oracle Graalvm For Jdk 20.0.1
Oracle Graalvm 21.3.6
Oracle Graalvm 22.3.2
Oracle Graalvm 20.3.10
Oracle Jre 1.8.0
Oracle Jdk 1.8.0
Oracle Jdk 20.0.1
Oracle Jre 20.0.1
Oracle Graalvm For Jdk 17.0.7
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Debian Debian Linux 12.0
Netapp Oncommand Insight -
Netapp Active Iq Unified Manager -
Netapp 7-mode Transition Tool -
Netapp Cloud Insights Acquisition Unit -
Netapp Cloud Insights Storage Workload Security Agent -
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7028
memory leak
log injection
CVE-2024-3400
CVE-2022-48695
CVE-2022-48675
CVE-2024-34487
CVE-2024-33792
spoof
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »