Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
java enterprise system vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2011-0807
Unspecified vulnerability in Oracle Sun GlassFish Enterprise Server 2.1, 2.1.1, and 3.0.1, and Sun Java System Application Server 9.1, allows remote malicious users to affect confidentiality, integrity, and availability via unknown vectors related to Administration.
Oracle Glassfish Server 3.0.1
Oracle Glassfish Server 2.1
Oracle Glassfish Server 2.1.1
Sun Java System Application Server 9.1
1 EDB exploit
10
CVSSv2
CVE-2007-2435
Sun Java Web Start in JDK and JRE 5.0 Update 10 and previous versions, and Java Web Start in SDK and JRE 1.4.2_13 and previous versions, allows remote malicious users to perform unauthorized actions via an application that grants privileges to itself, related to "Incorrect U...
Sun Jre
Sun Sdk
Sun Java Enterprise System
10
CVSSv2
CVE-2005-1208
Integer overflow in Microsoft Windows 98, 2000, XP SP2 and previous versions, and Server 2003 SP1 and previous versions allows remote malicious users to execute arbitrary code via a crafted compiled Help (.CHM) file with a large size field that triggers a heap-based buffer overfl...
Microsoft Windows 2003 Server Enterprise
Microsoft Windows 2003 Server Enterprise 64-bit
Microsoft Windows 2003 Server R2
Microsoft Windows 2003 Server Standard
Microsoft Windows 98
Microsoft Windows Xp
Microsoft Windows 2003 Server 64-bit
Microsoft Windows 2003 Server Datacenter 64-bit
Microsoft Windows 2003 Server Standard 64-bit
Microsoft Windows 2003 Server Web
Microsoft Windows 2000
9.3
CVSSv2
CVE-2021-44228
Apache Log4j2 2.0-beta9 up to and including 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can contr...
Apache Log4j 2.0
Apache Log4j
Siemens Sppa-t3000 Ses3000 Firmware
Siemens Logo\\! Soft Comfort
Siemens Spectrum Power 4 4.70
Siemens Spectrum Power 4
Siemens Siveillance Control Pro
Siemens Energyip Prepay 3.7
Siemens Energyip Prepay 3.8
Siemens Siveillance Identity 1.6
Siemens Siveillance Identity 1.5
Siemens Siveillance Command
Siemens Sipass Integrated 2.85
Siemens Sipass Integrated 2.80
Siemens Head-end System Universal Device Integration System
Siemens Gma-manager
Siemens Energyip 8.5
Siemens Energyip 8.6
Siemens Energyip 8.7
Siemens Energyip 9.0
Siemens Energy Engage 3.1
Siemens E-car Operation Center
2 Metasploit modules
1151 Github repositories
28 Articles
9.3
CVSSv2
CVE-2008-2705
Unspecified vulnerability in Sun Java System Access Manager (AM) 7.1, when used with certain versions and configurations of Sun Directory Server Enterprise Edition (DSEE), allows remote malicious users to bypass authentication via unspecified vectors.
Sun Java System Access Manager 7.1
9
CVSSv2
CVE-2020-13936
An attacker that is able to modify Velocity templates may execute arbitrary Java code or run arbitrary system commands with the same privileges as the account running the Servlet container. This applies to applications that allow untrusted users to upload/modify velocity template...
Apache Velocity Engine
Apache Wss4j 2.3.1
Debian Debian Linux 9.0
Oracle Retail Order Broker 16.0
Oracle Banking Platform 2.6.2
Oracle Banking Platform 2.7.1
Oracle Communications Network Integrity 7.3.6
Oracle Banking Enterprise Default Management 2.12.0
Oracle Banking Enterprise Default Management 2.10.0
Oracle Banking Party Management 2.7.0
Oracle Utilities Testing Accelerator 6.0.0.2.2
Oracle Utilities Testing Accelerator 6.0.0.3.1
Oracle Utilities Testing Accelerator 6.0.0.1.1
Oracle Communications Cloud Native Core Policy 1.14.0
Oracle Banking Platform
Oracle Banking Loans Servicing 2.12.0
Oracle Retail Service Backbone 19.0.1
Oracle Retail Integration Bus 19.0.1
Oracle Banking Enterprise Default Management 2.7.1
Oracle Banking Enterprise Default Management 2.6.2
Oracle Banking Enterprise Default Management
Oracle Banking Deposits And Lines Of Credit Servicing 2.12.0
1 Github repository
9
CVSSv2
CVE-2020-12873
An issue exists in Alfresco Enterprise Content Management (ECM) prior to 6.2.1. A user with privileges to edit a FreeMarker template (e.g., a webscript) may execute arbitrary Java code or run arbitrary system commands with the same privileges as the account running Alfresco.
Atlassian Alfresco Enterprise Content Management
1 Github repository
8.5
CVSSv2
CVE-2021-44832
Apache Log4j2 versions 2.0-beta7 up to and including 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack when a configuration uses a JDBC Appender with a JNDI LDAP data source URI when an attacker has control of the tar...
Apache Log4j 2.0
Apache Log4j
Oracle Weblogic Server 12.2.1.3.0
Oracle Primavera Unifier 18.8
Oracle Weblogic Server 12.2.1.4.0
Oracle Primavera Unifier 19.12
Oracle Weblogic Server 14.1.1.0.0
Oracle Primavera Unifier 20.12
Oracle Communications Interactive Session Recorder 6.3
Oracle Communications Interactive Session Recorder 6.4
Oracle Primavera Gateway
Oracle Retail Assortment Planning 16.0.3
Oracle Primavera Unifier 21.12
Oracle Primavera P6 Enterprise Project Portfolio Management 21.12.0.0
Oracle Primavera P6 Enterprise Project Portfolio Management
Oracle Primavera Gateway 21.12.0
Oracle Retail Fiscal Management 14.2
Oracle Siebel Ui Framework 21.12
Oracle Communications Diameter Signaling Router
Cisco Cloudcenter 4.10.0.16
Fedoraproject Fedora 34
Fedoraproject Fedora 35
34 Github repositories
4 Articles
7.8
CVSSv2
CVE-2011-3559
Unspecified vulnerability in Oracle Communications Server 2.0; GlassFish Enterprise Server 2.1.1, 3.0.1, and 3.1.1; and Sun Java System App Server 8.1 and 8.2 allows remote malicious users to affect availability via unknown vectors related to Web Container.
Oracle Communications Server 2.0
Oracle Java System Application Server 8.1
Oracle Java System Application Server 8.2
Oracle Glassfish Server 3.0.1
Oracle Glassfish Server 3.1.1
Oracle Glassfish Server 2.1.1
7.8
CVSSv2
CVE-2009-0609
Sun Java System Directory Proxy Server in Sun Java System Directory Server Enterprise Edition 6.0 up to and including 6.3, when a JDBC data source is used, does not properly handle (1) a long value in an ADD or (2) long string attributes, which allows remote malicious users to ca...
Sun Java System Directory Server 6.1
Sun Java System Directory Server 6.2
Sun Java System Directory Server 6.3
Sun Java System Directory Server 6.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48654
CVE-2024-2757
authentication bypass
CVE-2024-3194
CVE-2024-33640
CVE-2024-21111
dos
insecure direct object reference
CVE-2024-21345
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »