Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
xml security for java vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2013-5884
Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Java SE Embedded 7u45; and OpenJDK 7 allows remote malicious users to affect confidentiality via vectors related to CORBA. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on ...
Oracle Jre 1.7.0
Oracle Jdk 1.5.0
Oracle Jre 1.5.0
Oracle Jdk 1.6.0
Oracle Jre 1.6.0
10
CVSSv2
CVE-2012-1723
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and previous versions, 6 update 32 and previous versions, 5 update 35 and previous versions, and 1.4.2_37 and previous versions allows remote malicious users to affect confident...
Oracle Jre
Oracle Jdk
Sun Jdk
Sun Jre
1 EDB exploit
2 Github repositories
6 Articles
4.3
CVSSv2
CVE-2020-14573
Vulnerability in the Java SE product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Java SE: 11.0.7 and 14.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. S...
Oracle Jdk 11.0.7
Oracle Jdk 14.0.1
Netapp E-series Santricity Web Services Proxy -
Netapp E-series Santricity Storage Manager -
Netapp E-series Santricity Unified Manager -
Netapp E-series Santricity Os Controller
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Opensuse Leap 15.1
Opensuse Leap 15.2
Debian Debian Linux 10.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 20.04
7.5
CVSSv2
CVE-2002-0865
A certain class that supports XML (Extensible Markup Language) in Microsoft Virtual Machine (VM) 5.0.3805 and previous versions, probably com.ms.osp.ospmrshl, exposes certain unsafe methods, which allows remote malicious users to execute unsafe code via a Java applet, aka "I...
Microsoft Virtual Machine 3300
Microsoft Virtual Machine 3802
Microsoft Virtual Machine 3188
Microsoft Virtual Machine 3200
Microsoft Virtual Machine 3000
Microsoft Virtual Machine 3100
Microsoft Virtual Machine 2000
Microsoft Virtual Machine 3805
5
CVSSv2
CVE-2020-26258
XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.15, a Server-Side Forgery Request vulnerability can be activated when unmarshalling. The vulnerability may allow a remote malicious user to request data from internal resources tha...
Xstream Project Xstream
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Fedoraproject Fedora 35
3 Github repositories
NA
CVE-2022-46751
Improper Restriction of XML External Entity Reference, XML Injection (aka Blind XPath Injection) vulnerability in Apache Software Foundation Apache Ivy.This issue affects any version of Apache Ivy before 2.5.2. When Apache Ivy before 2.5.2 parses XML files - either its own config...
Apache Ivy
1 Github repository
4.3
CVSSv2
CVE-2020-14577
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: JSSE). Supported versions that are affected are Java SE: 7u261, 8u251, 11.0.7 and 14.0.1; Java SE Embedded: 8u251. Difficult to exploit vulnerability allows unauthenticated attacker with network ...
Oracle Jdk 11.0.7
Oracle Jdk 14.0.1
Oracle Jdk 1.8.0
Oracle Jdk 1.7.0
Oracle Jre 1.8.0
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
Opensuse Leap 15.1
Opensuse Leap 15.2
Debian Debian Linux 9.0
Debian Debian Linux 11.0
Netapp Cloud Backup -
Netapp Steelstore Cloud Integrated Storage -
Netapp Snapmanager -
Netapp Oncommand Workflow Automation -
Netapp Storagegrid -
Netapp Storagegrid
Netapp Oncommand Insight -
Netapp Active Iq Unified Manager
5.1
CVSSv2
CVE-2020-14583
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 7u261, 8u251, 11.0.7 and 14.0.1; Java SE Embedded: 8u251. Difficult to exploit vulnerability allows unauthenticated attacker with net...
Oracle Jdk 11.0.7
Oracle Jdk 14.0.1
Oracle Jdk 1.8.0
Oracle Jdk 1.7.0
Oracle Jre 1.8.0
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Opensuse Leap 15.1
Opensuse Leap 15.2
Netapp Cloud Backup -
Netapp Steelstore Cloud Integrated Storage -
Netapp Snapmanager -
Netapp Oncommand Workflow Automation -
Netapp Storagegrid -
Netapp Storagegrid
Netapp Oncommand Insight -
Netapp Active Iq Unified Manager
4.3
CVSSv2
CVE-2020-14593
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: 2D). Supported versions that are affected are Java SE: 7u261, 8u251, 11.0.7 and 14.0.1; Java SE Embedded: 8u251. Easily exploitable vulnerability allows unauthenticated attacker with network acce...
Oracle Jdk 11.0.7
Oracle Jdk 14.0.1
Oracle Jdk 1.8.0
Oracle Jdk 1.7.0
Oracle Jre 1.8.0
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Opensuse Leap 15.1
Opensuse Leap 15.2
Netapp Cloud Backup -
Netapp Steelstore Cloud Integrated Storage -
Netapp Snapmanager -
Netapp Oncommand Workflow Automation -
Netapp Storagegrid -
Netapp Storagegrid
Netapp Oncommand Insight -
Netapp Active Iq Unified Manager
5.8
CVSSv2
CVE-2020-14556
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 8u251, 11.0.7 and 14.0.1; Java SE Embedded: 8u251. Difficult to exploit vulnerability allows unauthenticated attacker with network ac...
Oracle Jdk 11.0.7
Oracle Jdk 14.0.1
Oracle Jdk 1.8.0
Oracle Jre 1.8.0
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Opensuse Leap 15.1
Opensuse Leap 15.2
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
Netapp Cloud Backup -
Netapp Steelstore Cloud Integrated Storage -
Netapp Snapmanager -
Netapp Oncommand Workflow Automation -
Netapp Storagegrid -
Netapp Storagegrid
Netapp Oncommand Insight -
Netapp Active Iq Unified Manager
Netapp Santricity Unified Manager -
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »