Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
java vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2009-2283
Multiple cross-site scripting (XSS) vulnerabilities in the help jsp scripts in Sun Java Web Console 3.0.2 up to and including 3.0.5, and Sun Java Web Console in Solaris 10, allow remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Sun Java Web Console 3.0.3
Sun Java Web Console 3.0.4
Sun Solaris 10
Sun Java Web Console 3.0.2
Sun Java Web Console 3.0.5
NA
CVE-2008-4541
Heap-based buffer overflow in the FTP subsystem in Sun Java System Web Proxy Server 4.0 up to and including 4.0.7 allows remote malicious users to execute arbitrary code via a crafted HTTP GET request.
Sun Java System Web Proxy Server 4.0
Sun Java System Web Proxy Server 4.0.1
Sun Java System Web Proxy Server 4.0.3
Sun Java System Web Proxy Server 4.0.4
Sun Java System Web Proxy Server 4.0.6
Sun Java System Web Proxy Server 4.0.5
Sun Java System Web Proxy Server 4.0.7
Sun Java System Web Proxy Server 4.0.2
NA
CVE-2006-6276
HTTP request smuggling vulnerability in Sun Java System Proxy Server prior to 20061130, when used with Sun Java System Application Server or Sun Java System Web Server, allows remote malicious users to bypass HTTP request filtering, hijack web sessions, perform cross-site scripti...
Sun Java System Web Server 6.0
Sun Java System Web Server 6.1
Sun Java System Application Server 8.1
Sun One Application Server 7.0
Sun Java System Web Proxy Server 4.0
Sun Java System Web Proxy Server 3.6
Sun Java System Application Server 7.0
Sun Java System Web Proxy Server -
4.3
CVSSv3
CVE-2021-2438
Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1 and 19c. Easily exploitable vulnerability allows low privileged attacker having Create Procedure privilege with network access via Oracle Net to compromis...
Oracle Java Virtual Machine 12.1.0.2
Oracle Java Virtual Machine 12.2.0.1
Oracle Java Virtual Machine 19c
NA
CVE-2002-2005
Unknown vulnerability in Java web start 1.0.1_01, 1.0.1, 1.0 and 1.0.1.01 (HP-UX 11.x only) allows malicious users to gain access to restricted resources via unknown attack vectors.
Sun Java Web Start 1.0
Sun Java Web Start 1.0.1
Sun Java Web Start 1.0.1 01
NA
CVE-2009-1099
Integer signedness error in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 17 and previous versions, and 6 Update 12 and previous versions, allows remote malicious users to access files or execute arbitrary code via crafted glyph descriptions in a Typ...
Sun Java Runtime Environment 6.0
Sun Java Se Development Kit
Sun Java Runtime Environment 5.0
NA
CVE-2005-3966
Cross-site scripting (XSS) vulnerability in search.jsp in Java Search Engine (JSE) 0.9.34 allows remote malicious users to inject arbitrary web script or HTML via the q parameter.
Java Search Engine Java Search Engine 0.9.34
1 EDB exploit
5.5
CVSSv3
CVE-2022-24913
Versions of the package com.fasterxml.util:java-merge-sort prior to 1.1.0 are vulnerable to Insecure Temporary File in the StdTempFileProvider() function in StdTempFileProvider.java, which uses the permissive File.createTempFile() function, exposing temporary file contents.
Java-merge-sort Project Java-merge-sort
6.1
CVSSv3
CVE-2023-29637
Cross Site Scripting (XSS) vulnerability in Qbian61 forum-java, allows malicious users to inject arbitrary web script or HTML via editing the article content in the "article editor" page.
Qbian61 Forum-java Project Qbian61 Forum-java -
NA
CVE-2009-0609
Sun Java System Directory Proxy Server in Sun Java System Directory Server Enterprise Edition 6.0 up to and including 6.3, when a JDBC data source is used, does not properly handle (1) a long value in an ADD or (2) long string attributes, which allows remote malicious users to ca...
Sun Java System Directory Server 6.1
Sun Java System Directory Server 6.2
Sun Java System Directory Server 6.3
Sun Java System Directory Server 6.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »