Vulmon
java vulnerabilities and exploits
6.5
CVSSv3
CVE-2021-21485
An unauthorized attacker may be able to entice an administrator to invoke telnet commands of an SAP NetWeaver Application Server for Java that allow the malicious user to gain NTLM hashes of a privileged user.
SAP NetWeaver Application Server Java 7.20
SAP NetWeaver Application Server Java 7.30
SAP NetWeaver Application Server Java 7.31
SAP NetWeaver Application Server Java 7.40
SAP NetWeaver Application Server Java 7.50
SAP NetWeaver Application Server Java 7.10
4.9
CVSSv3
CVE-2021-33687
SAP NetWeaver AS JAVA (Enterprise Portal), versions 7.10, 7.20, 7.30, 7.31, 7.40, 7.50, reveals sensitive information in one of its HTTP requests; an attacker can use this in conjunction with other attacks such as XSS to steal this information.
SAP NetWeaver Application Server Java 7.20
SAP NetWeaver Application Server Java 7.30
SAP NetWeaver Application Server Java 7.31
SAP NetWeaver Application Server Java 7.40
SAP NetWeaver Application Server Java 7.50
SAP NetWeaver Application Server Java 7.10
NA
CVE-2009-2268
Cross-site scripting (XSS) vulnerability in the Cross-Domain Controller (CDC) servlet in Sun Java System Access Manager 6 2005Q1, 7 2005Q4, and 7.1 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Sun Java System Access Manager 7.1
Sun Java System Access Manager 7.0 2005Q4
Sun Java System Access Manager 7 2005Q4
Sun Java System Access Manager 6
Sun Java System Access Manager 7.0
Sun Java System Access Manager 6.0 2005Q1
NA
CVE-2013-4517
Apache Santuario XML Security for Java prior to 1.5.6, when applying Transforms, allows remote malicious users to cause a denial of service (memory consumption) via crafted Document Type Definitions (DTDs), related to signatures.
Apache Santuario XML Security for Java 1.4.1
Apache Santuario XML Security for Java 1.4.2
Apache Santuario XML Security for Java 1.4.3
Apache Santuario XML Security for Java 1.3.0
Apache Santuario XML Security for Java 1.4.5
Apache Santuario XML Security for Java 1.4.4
Apache Santuario XML Security for Java 1.5.1
Apache Santuario XML Security for Java 1.4.8
Apache Santuario XML Security for Java 1.4.6
Apache Santuario XML Security for Java 1.4.0
Apache Santuario XML Security for Java 1.5.2
Apache Santuario XML Security for Java 1.5.4
Apache Santuario XML Security for Java 1.5.3
Apache Santuario XML Security for Java 1.4.7
Apache Santuario XML Security for Java 1.5.0
Apache Santuario XML Security for Java 1.2.1
Apache Santuario XML Security for Java
Apache Santuario XML Security for Java 1.2.0
NA
CVE-2006-3127
Memory leak in Network Security Services (NSS) 3.11, as used in Sun Java Enterprise System 2003Q4 through 2005Q1 and Java System Directory Server 5.2, allows remote malicious users to cause a denial of service (memory consumption) by performing a large number of RSA cryptographic...
Sun Java Enterprise System 2004Q2
Sun Java Enterprise System 2005Q1
Sun Java System Directory Server 5.2
Sun Java Enterprise System 2003Q4
NA
CVE-2007-6570
Cross-site scripting (XSS) vulnerability in the View URL Database functionality in Sun Java System Web Proxy Server 4.x prior to 4.0.6 and 3.x prior to 3.6 SP11 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors, aka BugID 6566309.
Sun Java System Web Proxy Server 3.6
Sun Java System Web Proxy Server 4.0.2
Sun Java System Web Proxy Server 4.0.3
Sun Java System Web Server 6.0
Sun Java System Web Server 6.1
Sun Java System Web Proxy Server 4.0.4
Sun Java System Web Proxy Server 4.0.5
Sun Java System Web Proxy Server 4.0
Sun Java System Web Server 7.0
NA
CVE-2007-6571
Cross-site scripting (XSS) vulnerability in Sun Java System Web Proxy Server 3.6 before SP11 on Windows allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors, aka BugID 6611356.
Sun Java System Web Proxy Server 3.6
Sun Java System Web Proxy Server 4.0
Sun Java System Web Server 6.0
Sun Java System Web Server 6.1
Sun Java System Web Server 7.0
Sun Java System Web Proxy Server 4.0.4
Sun Java System Web Proxy Server 4.0.5
Sun Java System Web Proxy Server 4.0.2
Sun Java System Web Proxy Server 4.0.3
NA
CVE-2007-6572
Cross-site scripting (XSS) vulnerability in Sun Java System Web Server 6.1 before SP8 and 7.0 before Update 1 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors, aka BugID 6566204.
Sun Java System Web Proxy Server 3.6
Sun Java System Web Proxy Server 4.0
Sun Java System Web Proxy Server 4.0.2
Sun Java System Web Server 6.0
Sun Java System Web Server 6.1
Sun Java System Web Server 7.0
Sun Java System Web Proxy Server 4.0.3
Sun Java System Web Proxy Server 4.0.4
Sun Java System Web Proxy Server 4.0.5
7.5
CVSSv3
CVE-2021-37819
PDF Labs pdftk-java v3.2.3 contains an infinite loop via the component /text/pdf/PdfReader.java.
pdftk-java Project pdftk-java 3.2.3
NA
CVE-2008-2403
Multiple directory traversal vulnerabilities in unspecified ASP applications in Sun Java Active Server Pages (ASP) Server prior to 4.0.3 allow remote malicious users to read or delete arbitrary files via a .. (dot dot) in the Path parameter to the MapPath method.
Sun Java ASP Server 4.0.1
Sun Java ASP Server
Sun Java ASP Server 4.0