Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sun java vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2000-0629
The default configuration of the Sun Java web server 2.0 and previous versions allows remote malicious users to execute arbitrary commands by uploading Java code to the server via board.html, then directly calling the JSP compiler servlet.
Sun Java System Web Server 1.1.3
Sun Java System Web Server 2.0
4.3
CVSSv2
CVE-2008-6192
Multiple cross-site scripting (XSS) vulnerabilities in unspecified Portlets in Sun Java System Portal Server 7.0 and 7.1 allow remote malicious users to inject arbitrary web script or HTML via unknown vectors.
Sun Java System Portal Server 7.0
Sun Java System Portal Server 7.1
5
CVSSv2
CVE-2008-5549
Unspecified vulnerability in the Sun Java Web Console components in Sun Java System Portal Server 7.1 and 7.2 allows remote malicious users to access local files and read the product's configuration information via unknown vectors related to "access to secure files by T...
Sun Java System Portal Server 7.1
Sun Java System Portal Server 7.2
7.5
CVSSv2
CVE-2007-1488
Unspecified vulnerability in Sun Java System Web Server 6.0 and 6.1 prior to 20070315 allows remote malicious users to "gain unauthorized access to data", possibly involving a sample application.
Sun Java System Web Server 6.0
Sun Java System Web Server 6.1
5
CVSSv2
CVE-2005-3472
Unspecified vulnerability in Sun Java System Communications Express 2005Q1 and 2004Q2 allows local and remote malicious users to read sensitive information from configuration files.
Sun Java System Communications Express 2004q2
Sun Java System Communications Express 2005q1
7.5
CVSSv2
CVE-2007-4164
CRLF injection vulnerability in the redirect feature in Sun Java System Web Server 6.1 and 7.0 prior to 20070802, when the redirect Server Application Function (SAF) uses the url-prefix parameter and escape is disabled, or an Error directive uses the url-prefix parameter in obj.c...
Sun Java System Web Server 6.1
Sun Java System Web Server 7.0
5
CVSSv2
CVE-2009-0278
Sun Java System Application Server (AS) 8.1 and 8.2 allows remote malicious users to read the Web Application configuration files in the (1) WEB-INF or (2) META-INF directory via a malformed request.
Sun Java System Application Server 8.2
Sun Java System Application Server 8.1
4.3
CVSSv2
CVE-2008-5098
Cross-site scripting (XSS) vulnerability in Sun Java System Messaging Server 6.2 and 6.3 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2007-2904.
Sun Java System Messaging Server 6.2
Sun Java System Messaging Server 6.3
4.3
CVSSv2
CVE-2008-2166
Cross-site scripting (XSS) vulnerability in the search module in Sun Java System Web Server 6.1 before SP9 and 7.0 before Update 2 allows remote malicious users to inject arbitrary web script or HTML via unknown parameters in index.jsp.
Sun Java System Web Server 6.1
Sun Java System Web Server 7.0
5
CVSSv2
CVE-2009-1332
The Online Help feature in Sun Java System Directory Server 5.2 and Enterprise Edition 5 allows remote malicious users to determine the existence of files and directories, and possibly obtain partial contents of files, via unspecified vectors.
Sun Java System Directory Server 5.2
Sun Java System Directory Server 5.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5248
CVE-2024-3110
CVE-2024-5552
CVE-2024-29415
HTML injection
CVE-2024-3095
TCP
type confusion
CVE-2024-1800
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »