java vulnerabilities and exploits
6.5
CVSSv3
CVE-2016-0767
PostgreSQL PL/Java prior to 1.5.0 allows remote authenticated users with USAGE permission on the public schema to alter the public schema classpath.
Pl/java Project Pl/java
7.5
CVSSv3
CVE-2022-37734
graphql-java before 19.0 is vulnerable to Denial of Service. An attacker can send a malicious GraphQL query that consumes CPU resources. The fixed versions are 19.0 and later, 18.3, and 17.4, and 0.0.0-2022-07-26T05-45-04-226aabd9.
Graphql-java Project Graphql-java
6.5
CVSSv3
CVE-2016-2192
PostgreSQL PL/Java prior to 1.5.0 allows remote authenticated users to alter type mappings for types they do not own.
Pl/java Project Pl/java
8.1
CVSSv3
CVE-2020-11050
In Java-WebSocket less than or equal to 1.4.1, there is an Improper Validation of Certificate with Host Mismatch where WebSocketClient does not perform SSL hostname validation. This has been patched in 1.5.0.
Java-websocket Project Java-websocket
9.8
CVSSv3
CVE-2020-25021
An issue exists in Noise-Java through 2020-08-27. ChaChaPolyCipherState.encryptWithAd() allows out-of-bounds access.
Noise-java Project Noise-java
9.8
CVSSv3
CVE-2020-25023
An issue exists in Noise-Java through 2020-08-27. AESGCMOnCtrCipherState.encryptWithAd() allows out-of-bounds access.
Noise-java Project Noise-java
NA
CVE-2008-3440
Sun Java 1.6.0_03 and previous versions, and possibly later versions, does not properly verify the authenticity of updates, which allows man-in-the-middle malicious users to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache pois...
Sun Java 1.6.0
Sun Java
7.5
CVSSv3
CVE-2022-1279
A vulnerability in the encryption implementation of EBICS messages in the open source library ebics-java/ebics-java-client allows an attacker sniffing network traffic to decrypt EBICS payloads. This issue affects: ebics-java/ebics-java-client versions before 1.2.
Ebics Java Project Ebics Java
7.5
CVSSv3
CVE-2023-5072
Denial of Service in JSON-Java versions up to and including 20230618. A bug in the parser means that an input string of modest size can lead to indefinite amounts of memory being used.
Json-java Project Json-java
2 Github repositories
7.1
CVSSv3
CVE-2021-35619
Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1, 19c and 21c. Difficult to exploit vulnerability allows low privileged attacker having Create Procedure privilege with network access via Oracle Net to co...
Oracle Java Virtual Machine 12.1.0.2
Oracle Java Virtual Machine 12.2.0.1
Oracle Java Virtual Machine 19c
Oracle Java Virtual Machine 21c