Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jdk vulnerabilities and exploits
(subscribe to this query)
3.5
CVSSv2
CVE-2022-30963
Jenkins JDK Parameter Plugin 1.0 and previous versions does not escape the name and description of JDK parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.
Jenkins Jdk Parameter
5
CVSSv2
CVE-2022-21426
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JAXP). Supported versions that are affected are Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition: 20.3.5, 21.3.1 and 22.0.0.2. Easily e...
Oracle Graalvm 20.3.5
Oracle Graalvm 21.3.1
Oracle Graalvm 22.0.0.2
Oracle Jdk 18
Oracle Jdk 17.0.2
Oracle Jdk 11.0.14
Oracle Jre 17.0.2
Oracle Jre 11.0.14
Oracle Jre 18
Oracle Jre 1.7.0
Oracle Jre 1.8.0
Oracle Jdk 1.7.0
Oracle Jdk 1.8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Netapp Oncommand Insight -
Netapp E-series Santricity Storage Manager -
Netapp Solidfire & Hci Management Node -
Netapp Santricity Unified Manager -
Netapp E-series Santricity Web Services -
Netapp 7-mode Transition Tool -
5
CVSSv2
CVE-2022-21434
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition: 20.3.5, 21.3.1 and 22.0.0.2. Eas...
Oracle Graalvm 20.3.5
Oracle Graalvm 21.3.1
Oracle Graalvm 22.0.0.2
Oracle Jdk 18
Oracle Jdk 17.0.2
Oracle Jdk 11.0.14
Oracle Jre 17.0.2
Oracle Jre 11.0.14
Oracle Jre 18
Oracle Jre 1.7.0
Oracle Jre 1.8.0
Oracle Jdk 1.7.0
Oracle Jdk 1.8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Netapp Oncommand Insight -
Netapp E-series Santricity Storage Manager -
Netapp Solidfire & Hci Management Node -
Netapp Santricity Unified Manager -
Netapp E-series Santricity Web Services -
Netapp 7-mode Transition Tool -
5
CVSSv2
CVE-2022-21476
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition: 20.3.5, 21.3.1 and 22.0.0.2. Eas...
Oracle Graalvm 20.3.5
Oracle Graalvm 21.3.1
Oracle Graalvm 22.0.0.2
Oracle Jdk 18
Oracle Jdk 17.0.2
Oracle Jdk 11.0.14
Oracle Jdk 8.0
Oracle Jdk 7.0
Netapp Element Software -
Netapp Oncommand Insight -
Netapp E-series Santricity Storage Manager -
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Active Iq Unified Manager -
Netapp Santricity Unified Manager -
Netapp E-series Santricity Web Services -
Netapp E-series Santricity Os Controller
Netapp Cloud Insights Acquisition Unit -
Netapp Cloud Secure Agent -
Netapp Bootstrap Os -
Debian Debian Linux 9.0
Debian Debian Linux 10.0
5
CVSSv2
CVE-2022-21449
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 17.0.2 and 18; Oracle GraalVM Enterprise Edition: 21.3.1 and 22.0.0.2. Easily exploitable vulnerabilit...
Oracle Graalvm 21.3.1
Oracle Graalvm 22.0.0.2
Oracle Jdk 18
Oracle Jdk 17.0.2
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Netapp Oncommand Workflow Automation -
Netapp Oncommand Insight -
Netapp Cloud Insights -
Netapp E-series Santricity Storage Manager -
Netapp E-series Santricity Web Services -
Netapp Solidfire & Hci Management Node -
Netapp Santricity Unified Manager -
Netapp Hci Compute Node -
Netapp 7-mode Transition Tool -
Netapp Active Iq Unified Manager -
Netapp Solidfire, Enterprise Sds & Hci Storage Node -
Netapp E-series Santricity Os Controller 11.0
Azul Zulu 15.38
Azul Zulu 17.32
Azul Zulu 18.28
25 Github repositories
1 Article
7.5
CVSSv2
CVE-2022-22963
In Spring Cloud Function versions 3.1.6, 3.2.2 and older unsupported versions, when using routing functionality it is possible for a user to provide a specially crafted SpEL as a routing-expression that may result in remote code execution and access to local resources.
Vmware Spring Cloud Function
Oracle Sd-wan Edge 9.0
Oracle Retail Xstore Point Of Service 20.0.1
Oracle Communications Cloud Native Core Security Edge Protection Proxy 1.7.0
Oracle Banking Cash Management 14.5
Oracle Banking Trade Finance Process Management 14.5
Oracle Banking Credit Facilities Process Management 14.5
Oracle Banking Corporate Lending Process Management 14.5
Oracle Banking Supply Chain Finance 14.5
Oracle Sd-wan Edge 9.1
Oracle Banking Liquidity Management 14.5
Oracle Banking Liquidity Management 14.2
Oracle Banking Virtual Account Management 14.5
Oracle Financial Services Enterprise Case Management 8.1.1.0
Oracle Financial Services Enterprise Case Management 8.1.1.1
Oracle Financial Services Behavior Detection Platform 8.1.2.0
Oracle Financial Services Behavior Detection Platform 8.1.1.1
Oracle Financial Services Behavior Detection Platform 8.1.1.0
Oracle Mysql Enterprise Monitor
Oracle Communications Cloud Native Core Console 1.9.0
Oracle Communications Cloud Native Core Policy 1.15.0
Oracle Communications Communications Policy Management 12.6.0.0.0
63 Github repositories
3 Articles
7.5
CVSSv2
CVE-2022-22965
A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. The specific exploit requires the application to run on Tomcat as a WAR deployment. If the application is deployed as a Spring Boot executable jar, i.e....
Vmware Spring Framework
Cisco Cx Cloud Agent
Oracle Sd-wan Edge 9.0
Oracle Retail Xstore Point Of Service 20.0.1
Oracle Communications Cloud Native Core Security Edge Protection Proxy 1.7.0
Oracle Financial Services Analytical Applications Infrastructure 8.1.1
Oracle Sd-wan Edge 9.1
Siemens Siveillance Identity 1.6
Siemens Siveillance Identity 1.5
Siemens Sipass Integrated 2.85
Siemens Sipass Integrated 2.80
Oracle Product Lifecycle Analytics 3.6.1
Oracle Financial Services Enterprise Case Management 8.1.1.0
Oracle Financial Services Enterprise Case Management 8.1.1.1
Oracle Financial Services Behavior Detection Platform 8.1.2.0
Oracle Financial Services Behavior Detection Platform 8.1.1.1
Oracle Financial Services Behavior Detection Platform 8.1.1.0
Oracle Communications Cloud Native Core Console 1.9.0
Oracle Communications Cloud Native Core Policy 1.15.0
Oracle Communications Cloud Native Core Unified Data Repository 1.15.0
Oracle Communications Cloud Native Core Unified Data Repository 22.1.0
Oracle Communications Cloud Native Core Security Edge Protection Proxy 22.1.0
175 Github repositories
7 Articles
5
CVSSv2
CVE-2022-21349
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: 2D). Supported versions that are affected are Oracle Java SE: 7u321, 8u311; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows u...
Oracle Graalvm 21.3.0
Oracle Jre 1.7.0
Oracle Graalvm 20.3.4
Oracle Jre 1.8.0
Oracle Jdk 1.7.0
Oracle Jdk 1.8.0
Netapp Snapmanager -
Netapp Oncommand Workflow Automation -
Netapp Oncommand Insight -
Netapp Cloud Insights -
Netapp E-series Santricity Storage Manager -
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Santricity Unified Manager -
Netapp E-series Santricity Web Services -
Netapp 7-mode Transition Tool -
Netapp E-series Santricity Os Controller
Debian Debian Linux 9.0
Oracle Openjdk 8
Oracle Openjdk 7
5
CVSSv2
CVE-2022-21360
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: ImageIO). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable ...
Oracle Graalvm 21.3.0
Oracle Jre 17.0.1
Oracle Jre 1.7.0
Oracle Jre 11.0.13
Oracle Graalvm 20.3.4
Oracle Jre 1.8.0
Oracle Jdk 17.0.1
Oracle Jdk 1.7.0
Oracle Jdk 11.0.13
Oracle Jdk 1.8.0
Netapp Snapmanager -
Netapp Oncommand Workflow Automation -
Netapp Oncommand Insight -
Netapp E-series Santricity Storage Manager -
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Active Iq Unified Manager -
Netapp Santricity Unified Manager -
Netapp E-series Santricity Web Services -
Netapp 7-mode Transition Tool -
Netapp E-series Santricity Os Controller
Netapp Cloud Insights Acquisition Unit -
5
CVSSv2
CVE-2022-21340
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitabl...
Oracle Graalvm 21.3.0
Oracle Jre 17.0.1
Oracle Jre 1.7.0
Oracle Jre 11.0.13
Oracle Graalvm 20.3.4
Oracle Jre 1.8.0
Oracle Jdk 17.0.1
Oracle Jdk 1.7.0
Oracle Jdk 11.0.13
Oracle Jdk 1.8.0
Netapp Snapmanager -
Netapp Oncommand Workflow Automation -
Netapp Oncommand Insight -
Netapp E-series Santricity Storage Manager -
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Active Iq Unified Manager -
Netapp Santricity Unified Manager -
Netapp E-series Santricity Web Services -
Netapp 7-mode Transition Tool -
Netapp E-series Santricity Os Controller
Netapp Cloud Insights Acquisition Unit -
2 Github repositories
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-30078
CVE-2024-37896
code injection
CVE-2024-3080
CVE-2024-5172
cross-site request forgery
CVE-2024-6111
firmware
CVE-2024-38504
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »