Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
java system application server vulnerabilities and exploits
(subscribe to this query)
614
VMScore
CVE-2019-4732
IBM SDK, Java Technology Edition Version 7.0.0.0 up to and including 7.0.10.55, 7.1.0.0 up to and including 7.1.4.55, and 8.0.0.0 up to and including 8.0.6.0 could allow a local authenticated malicious user to execute arbitrary code on the system, caused by DLL search order hijac...
Ibm Sdk
Ibm Websphere Application Server 7.0
Ibm Websphere Application Server 8.0
Ibm Websphere Application Server 8.5
Ibm Websphere Application Server 9.0
892
VMScore
CVE-2022-22536
SAP NetWeaver Application Server ABAP, SAP NetWeaver Application Server Java, ABAP Platform, SAP Content Server 7.53 and SAP Web Dispatcher are vulnerable for request smuggling and request concatenation. An unauthenticated attacker can prepend a victim's request with arbitra...
Sap Netweaver Application Server Abap Krnl64nuc 7.49
Sap Netweaver Application Server Abap Krnl64uc 7.49
Sap Netweaver Application Server Abap Krnl64uc 7.53
Sap Web Dispatcher 7.53
Sap Web Dispatcher 7.77
Sap Web Dispatcher 7.81
Sap Web Dispatcher 7.22ext
Sap Web Dispatcher 7.49
Sap Content Server 7.53
Sap Web Dispatcher 7.85
Sap Web Dispatcher 7.86
Sap Web Dispatcher 7.87
Sap Netweaver Application Server Abap Krnl64nuc 7.22
Sap Netweaver Application Server Abap Krnl64nuc 7.22ext
Sap Netweaver Application Server Abap Krnl64uc 8.04
Sap Netweaver Application Server Abap Krnl64uc 7.22
Sap Netweaver Application Server Abap Krnl64uc 7.22ext
Sap Netweaver Application Server Abap 7.22
Sap Netweaver Application Server Abap 7.49
Sap Netweaver Application Server Abap 7.53
Sap Netweaver Application Server Abap 7.77
Sap Netweaver Application Server Abap 7.81
7 Github repositories
1 Article
760
VMScore
CVE-2007-1036
The default configuration of JBoss does not restrict access to the (1) console and (2) web management interfaces, which allows remote malicious users to bypass authentication and gain administrative access via direct requests.
Jboss Jboss Application Server
2 EDB exploits
668
VMScore
CVE-2014-0107
The TransformerFactory in Apache Xalan-Java prior to 2.7.2 does not properly restrict access to certain properties when FEATURE_SECURE_PROCESSING is enabled, which allows remote malicious users to bypass expected restrictions and load arbitrary classes or access external resource...
Apache Xalan-java 2.6.0
Apache Xalan-java
Apache Xalan-java 2.0.1
Apache Xalan-java 2.0.0
Apache Xalan-java 2.5.1
Apache Xalan-java 2.5.0
Apache Xalan-java 2.4.1
Apache Xalan-java 2.1.0
Apache Xalan-java 2.7.0
Apache Xalan-java 2.5.2
Apache Xalan-java 2.2.0
Apache Xalan-java 2.4.0
Apache Xalan-java 1.0.0
Oracle Webcenter Sites 11.1.1.8.0
Oracle Webcenter Sites 7.6.2
685
VMScore
CVE-2003-0413
Cross-site scripting (XSS) vulnerability in the webapps-simple sample application for (1) Sun ONE Application Server 7.0 for Windows 2000/XP or (2) Sun Java System Web Server 6.1 allows remote malicious users to insert arbitrary web script or HTML via an HTTP request that generat...
Sun One Application Server 7.0
1 EDB exploit
668
VMScore
CVE-2018-1000613
Legion of the Bouncy Castle Legion of the Bouncy Castle Java Cryptography APIs 1.58 up to but not including 1.60 contains a CWE-470: Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') vulnerability in XMSS/XMSS^MT private key deserializat...
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api
Netapp Oncommand Workflow Automation -
Opensuse Leap 15.1
Oracle Retail Xstore Point Of Service 7.1
Oracle Api Gateway 11.1.2.4.0
Oracle Enterprise Repository 12.1.3.0.0
Oracle Retail Xstore Point Of Service 7.0
Oracle Enterprise Repository 11.1.1.7.0
Oracle Peoplesoft Enterprise Peopletools 8.55
Oracle Peoplesoft Enterprise Peopletools 8.56
Oracle Communications Webrtc Session Controller 7.2
Oracle Webcenter Portal 12.2.1.3.0
Oracle Webcenter Portal 11.1.1.9.0
Oracle Weblogic Server 12.2.1.3
Oracle Business Process Management Suite 12.1.3.0.0
Oracle Business Process Management Suite 12.2.1.3.0
Oracle Business Process Management Suite 11.1.1.9.0
Oracle Soa Suite 12.1.3.0.0
Oracle Soa Suite 12.2.1.3.0
Oracle Peoplesoft Enterprise Peopletools 8.57
Oracle Managed File Transfer 12.2.1.3.0
Oracle Communications Converged Application Server
1 Github repository
505
VMScore
CVE-2011-5035
Oracle Glassfish 2.1.1, 3.0.1, and 3.1.1, as used in Communications Server 2.0, Sun Java System Application Server 8.1 and 8.2, and possibly other products, computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allo...
Oracle Glassfish Server
Oracle Glassfish Server 2.1.1
Oracle Glassfish Server 3.0.1
1 EDB exploit
593
VMScore
CVE-2009-3555
The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and previous versions, OpenSSL prior to 0.9.8l, GnuTLS 2.8.5 and previous versions, Mozilla Network Security Ser...
Openssl Openssl 1.0
Apache Http Server
Openssl Openssl
Gnu Gnutls
Mozilla Nss
Debian Debian Linux 5.0
Canonical Ubuntu Linux 10.10
Fedoraproject Fedora 11
Fedoraproject Fedora 13
Debian Debian Linux 4.0
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Canonical Ubuntu Linux 9.04
Debian Debian Linux 6.0
Fedoraproject Fedora 12
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 8.10
Canonical Ubuntu Linux 9.10
Fedoraproject Fedora 14
F5 Nginx
2 EDB exploits
10 Github repositories
672
VMScore
CVE-2019-17571
Included in Log4j 1.2 is a SocketServer class that is vulnerable to deserialization of untrusted data which can be exploited to remotely execute arbitrary code when combined with a deserialization gadget when listening to untrusted network traffic for log data. This affects Log4j...
Apache Log4j
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 18.04
Opensuse Leap 15.1
Netapp Oncommand Workflow Automation -
Netapp Oncommand System Manager
Oracle Retail Service Backbone 14.1
Oracle Weblogic Server 12.1.3.0.0
Oracle Retail Service Backbone 15.0
Oracle Weblogic Server 10.3.6.0.0
Oracle Weblogic Server 12.2.1.3.0
Oracle Application Testing Suite 13.3.0.1
Oracle Endeca Information Discovery Studio 3.2.0
Oracle Weblogic Server 12.2.1.4.0
Oracle Weblogic Server 14.1.1.0.0
Oracle Rapid Planning 12.1
Oracle Rapid Planning 12.2
Oracle Financial Services Lending And Leasing
Oracle Financial Services Lending And Leasing 12.5.0
Oracle Communications Network Integrity
18 Github repositories
1 Article
755
VMScore
CVE-2006-3733
jmx-console/HtmlAdaptor in the jmx-console in the JBoss web application server, as shipped with Cisco Security Monitoring, Analysis and Response System (CS-MARS) prior to 4.2.1, allows remote malicious users to gain privileges as the CS-MARS administrator and execute arbitrary Ja...
Cisco Security Monitoring Analysis And Response System 4.2.0
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3581
reflected XSS
CVE-2024-26925
CVE-2024-27956
LFI
CVE-2024-3607
CVE-2024-3107
CVE-2024-3295
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »