Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
java vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv3
CVE-2019-0391
Under certain conditions SAP NetWeaver AS Java (corrected in 7.10, 7.20, 7.30, 7.31, 7.40, 7.50) allows an malicious user to access information which would otherwise be restricted.
Sap Netweaver Application Server Java 7.10
Sap Netweaver Application Server Java 7.20
Sap Netweaver Application Server Java 7.30
Sap Netweaver Application Server Java 7.31
Sap Netweaver Application Server Java 7.40
Sap Netweaver Application Server Java 7.50
NA
CVE-2009-2268
Cross-site scripting (XSS) vulnerability in the Cross-Domain Controller (CDC) servlet in Sun Java System Access Manager 6 2005Q1, 7 2005Q4, and 7.1 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Sun Java System Access Manager 7.1
Sun Java System Access Manager 7.0 2005q4
Sun Java System Access Manager 7 2005q4
Sun Java System Access Manager 6
Sun Java System Access Manager 7.0
Sun Java System Access Manager 6.0 2005q1
7.4
CVSSv3
CVE-2018-2503
By default, the SAP NetWeaver AS Java keystore service does not sufficiently restrict the access to resources that should be protected. This has been fixed in SAP NetWeaver AS Java (ServerCore versions 7.11, 7.20, 7.30, 7.31, 7.40, 7.50).
Sap Netweaver Application Server Java 7.11
Sap Netweaver Application Server Java 7.20
Sap Netweaver Application Server Java 7.30
Sap Netweaver Application Server Java 7.31
Sap Netweaver Application Server Java 7.40
Sap Netweaver Application Server Java 7.50
NA
CVE-2013-4517
Apache Santuario XML Security for Java prior to 1.5.6, when applying Transforms, allows remote malicious users to cause a denial of service (memory consumption) via crafted Document Type Definitions (DTDs), related to signatures.
Apache Santuario Xml Security For Java 1.4.1
Apache Santuario Xml Security For Java 1.4.2
Apache Santuario Xml Security For Java 1.4.3
Apache Santuario Xml Security For Java 1.3.0
Apache Santuario Xml Security For Java 1.4.5
Apache Santuario Xml Security For Java 1.4.4
Apache Santuario Xml Security For Java 1.5.1
Apache Santuario Xml Security For Java 1.4.8
Apache Santuario Xml Security For Java 1.4.6
Apache Santuario Xml Security For Java 1.4.0
Apache Santuario Xml Security For Java 1.5.2
Apache Santuario Xml Security For Java 1.5.4
Apache Santuario Xml Security For Java 1.5.3
Apache Santuario Xml Security For Java 1.4.7
Apache Santuario Xml Security For Java 1.5.0
Apache Santuario Xml Security For Java 1.2.1
Apache Santuario Xml Security For Java
Apache Santuario Xml Security For Java 1.2.0
NA
CVE-2006-3127
Memory leak in Network Security Services (NSS) 3.11, as used in Sun Java Enterprise System 2003Q4 through 2005Q1 and Java System Directory Server 5.2, allows remote malicious users to cause a denial of service (memory consumption) by performing a large number of RSA cryptographic...
Sun Java Enterprise System 2004q2
Sun Java Enterprise System 2005q1
Sun Java System Directory Server 5.2
Sun Java Enterprise System 2003q4
NA
CVE-2007-6570
Cross-site scripting (XSS) vulnerability in the View URL Database functionality in Sun Java System Web Proxy Server 4.x prior to 4.0.6 and 3.x prior to 3.6 SP11 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors, aka BugID 6566309.
Sun Java System Web Proxy Server 3.6
Sun Java System Web Proxy Server 4.0.2
Sun Java System Web Proxy Server 4.0.3
Sun Java System Web Server 6.0
Sun Java System Web Server 6.1
Sun Java System Web Proxy Server 4.0.4
Sun Java System Web Proxy Server 4.0.5
Sun Java System Web Proxy Server 4.0
Sun Java System Web Server 7.0
NA
CVE-2007-6571
Cross-site scripting (XSS) vulnerability in Sun Java System Web Proxy Server 3.6 before SP11 on Windows allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors, aka BugID 6611356.
Sun Java System Web Proxy Server 3.6
Sun Java System Web Proxy Server 4.0
Sun Java System Web Server 6.0
Sun Java System Web Server 6.1
Sun Java System Web Server 7.0
Sun Java System Web Proxy Server 4.0.4
Sun Java System Web Proxy Server 4.0.5
Sun Java System Web Proxy Server 4.0.2
Sun Java System Web Proxy Server 4.0.3
NA
CVE-2007-6572
Cross-site scripting (XSS) vulnerability in Sun Java System Web Server 6.1 before SP8 and 7.0 before Update 1 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors, aka BugID 6566204.
Sun Java System Web Proxy Server 3.6
Sun Java System Web Proxy Server 4.0
Sun Java System Web Proxy Server 4.0.2
Sun Java System Web Server 6.0
Sun Java System Web Server 6.1
Sun Java System Web Server 7.0
Sun Java System Web Proxy Server 4.0.3
Sun Java System Web Proxy Server 4.0.4
Sun Java System Web Proxy Server 4.0.5
7.5
CVSSv3
CVE-2021-37819
PDF Labs pdftk-java v3.2.3 exists to contain an infinite loop via the component /text/pdf/PdfReader.java.
Pdftk-java Project Pdftk-java 3.2.3
NA
CVE-2008-2403
Multiple directory traversal vulnerabilities in unspecified ASP applications in Sun Java Active Server Pages (ASP) Server prior to 4.0.3 allow remote malicious users to read or delete arbitrary files via a .. (dot dot) in the Path parameter to the MapPath method.
Sun Java Asp Server 4.0.1
Sun Java Asp Server
Sun Java Asp Server 4.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »