Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
java sdk vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2022-40609
IBM SDK, Java Technology Edition 7.1.5.18 and 8.0.8.0 could allow a remote malicious user to execute arbitrary code on the system, caused by an unsafe deserialization flaw. By sending specially-crafted data, an attacker could exploit this vulnerability to execute arbitrary code o...
Ibm Sdk
9.8
CVSSv3
CVE-2022-4725
A vulnerability was found in AWS SDK 2.59.0. It has been rated as critical. This issue affects the function XpathUtils of the file aws-android-sdk-core/src/main/java/com/amazonaws/util/XpathUtils.java of the component XML Parser. The manipulation leads to server-side request forg...
Amazon Aws Software Development Kit
9.8
CVSSv3
CVE-2019-0729
An Elevation of Privilege vulnerability exists in the way Azure IoT Java SDK generates symmetric keys for encryption, allowing an malicious user to predict the randomness of the key, aka 'Azure IoT Java SDK Elevation of Privilege Vulnerability'.
Microsoft Java Software Development Kit -
1 Article
8.8
CVSSv3
CVE-2023-39913
Deserialization of Untrusted Data, Improper Input Validation vulnerability in Apache UIMA Java SDK, Apache UIMA Java SDK, Apache UIMA Java SDK, Apache UIMA Java SDK.This issue affects Apache UIMA Java SDK: prior to 3.5.0. Users are recommended to upgrade to version 3.5.0, which f...
Apache Uimaj
8.8
CVSSv3
CVE-2023-25617
SAP Business Object (Adaptive Job Server) - versions 420, 430, allows remote execution of arbitrary commands on Unix, when program objects execution is enabled, to authenticated users with scheduling rights, using the BI Launchpad, Central Management Console or a custom applicati...
Sap Business Objects Business Intelligence Platform 430
Sap Business Objects Business Intelligence Platform 420
1 Article
8.8
CVSSv3
CVE-2021-40828
Connections initialized by the AWS IoT Device SDK v2 for Java (versions before 1.3.3), Python (versions before 1.5.18), C++ (versions before 1.12.7) and Node.js (versions before 1.5.1) did not verify server certificate hostname during TLS handshake when overriding Certificate Aut...
Amazon Amazon Web Services Aws-c-io
Amazon Amazon Web Services Internet Of Things Device Software Development Kit V2
8.8
CVSSv3
CVE-2021-40830
The AWS IoT Device SDK v2 for Java, Python, C++ and Node.js appends a user supplied Certificate Authority (CA) to the root CAs instead of overriding it on Unix systems. TLS handshakes will thus succeed if the peer can be verified either from the user-supplied CA or the system&rsq...
Amazon Amazon Web Services Aws-c-io 0.10.4
Amazon Amazon Web Services Internet Of Things Device Software Development Kit V2
8.8
CVSSv3
CVE-2021-40829
Connections initialized by the AWS IoT Device SDK v2 for Java (versions before 1.4.2), Python (versions before 1.6.1), C++ (versions before 1.12.7) and Node.js (versions before 1.5.3) did not verify server certificate hostname during TLS handshake when overriding Certificate Auth...
Amazon Amazon Web Services Internet Of Things Device Software Development Kit V2
8.1
CVSSv3
CVE-2020-8897
A weak robustness vulnerability exists in the AWS Encryption SDKs for Java, Python, C and Javalcript prior to versions 2.0.0. Due to the non-committing property of AES-GCM (and other AEAD ciphers such as AES-GCM-SIV or (X)ChaCha20Poly1305) used by the SDKs to encrypt messages, an...
Amazon Aws Encryption Sdk
8.1
CVSSv3
CVE-2018-1417
Under certain circumstances, a flaw in the J9 JVM (IBM SDK, Java Technology Edition 7.1 and 8.0) allows untrusted code running under a security manager to elevate its privileges. IBM X-Force ID: 138823.
Ibm Java Sdk 8.0.0.0
Ibm Java Sdk 7.0.0.0
Ibm Java Sdk 7.1.0.0
Ibm Java Sdk 6.0.0.0
Ibm Java Sdk 6.1.0.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »