Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
java vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-32697
SQLite JDBC is a library for accessing and creating SQLite database files in Java. Sqlite-jdbc addresses a remote code execution vulnerability via JDBC URL. This issue impacting versions 3.6.14.1 up to and including 3.41.2.1 and has been fixed in version 3.41.2.2.
Sqlite Jdbc Project Sqlite Jdbc
9.8
CVSSv3
CVE-2023-29411
A CWE-306: Missing Authentication for Critical Function vulnerability exists that could allow changes to administrative credentials, leading to potential remote code execution without requiring prior authentication on the Java RMI interface.
Schneider-electric Apc Easy Ups Online Monitoring Software
Schneider-electric Easy Ups Online Monitoring Software
9.8
CVSSv3
CVE-2023-29412
A CWE-78: Improper Handling of Case Sensitivity vulnerability exists that could cause remote code execution when manipulating internal methods through Java RMI interface.
Schneider-electric Apc Easy Ups Online Monitoring Software
Schneider-electric Easy Ups Online Monitoring Software
9.8
CVSSv3
CVE-2023-28500
A Java insecure deserialization vulnerability in Adobe LiveCycle ES4 version 11.0 and previous versions allows unauthenticated remote malicious users to gain operating system code execution by submitting specially crafted Java serialized objects to a specific URL. Adobe LiveCycle...
Adobe Livecycle Es4
9.8
CVSSv3
CVE-2022-43939
Hitachi Vantara Pentaho Business Analytics Server versions prior to 9.4.0.1 and 9.3.0.2, including 8.3.x contain security restrictions using non-canonical URLs which can be circumvented.
Hitachi Vantara Pentaho Business Analytics Server
Hitachi Vantara Pentaho Business Analytics Server 9.4.0.0
1 Metasploit module
9.8
CVSSv3
CVE-2023-28462
A JNDI rebind operation in the default ORB listener in Payara Server 4.1.2.191 (Enterprise), 5.20.0 and newer (Enterprise), and 5.2020.1 and newer (Community), when Java 1.8u181 and previous versions is used, allows remote malicious users to load malicious code on the server once...
Payara Payara Server
9.8
CVSSv3
CVE-2023-1608
A vulnerability was found in Zhong Bang CRMEB Java up to 1.3.4. It has been declared as critical. This vulnerability affects the function getAdminList of the file /api/admin/store/product/list. The manipulation of the argument cateId leads to sql injection. The attack can be init...
Crmeb Crmeb Java
9.8
CVSSv3
CVE-2022-37936
Unauthenticated Java deserialization vulnerability in Serviceguard Manager
Hpe Serviceguard For Linux
9.8
CVSSv3
CVE-2023-0511
Relative Path Traversal vulnerability in ForgeRock Access Management Java Policy Agent allows Authentication Bypass. This issue affects Access Management Java Policy Agent: all versions up to 5.10.1
Forgerock Java Policy Agents
9.8
CVSSv3
CVE-2023-25157
GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. GeoServer includes support for the OGC Filter expression language and the OGC Common Query Language (CQL) as part of the Web Feature Service (WFS) and Web Map Service ...
Osgeo Geoserver
8 Github repositories
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48654
CVE-2024-2757
authentication bypass
CVE-2024-3194
CVE-2024-33640
CVE-2024-21111
dos
insecure direct object reference
CVE-2024-21345
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »