Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
java vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2009-2713
The CDCServlet component in Sun Java System Access Manager 7.0 2005Q4 and 7.1, when Cross Domain Single Sign On (CDSSO) is enabled, does not ensure that "policy advice" is presented to the correct client, which allows remote malicious users to obtain sensitive informati...
Sun Java System Access Manager 7 2005q4
Sun Java System Access Manager 7.1
Sun Java System Access Manager 6.3 2005q1
Sun Java System Access Manager 7.0 2005q4
Sun Java System Web Server 7.0
5.3
CVSSv3
CVE-2019-0318
Under certain conditions SAP NetWeaver Application Server for Java (Startup Framework), versions 7.21, 7.22, 7.45, 7.49, and 7.53, allows an malicious user to access information which would otherwise be restricted.
Sap Netweaver Application Server Java 7.45
Sap Netweaver Application Server Java 7.53
Sap Netweaver Application Server Java 7.21
Sap Netweaver Application Server Java 7.22
Sap Netweaver Application Server Java 7.49
NA
CVE-2006-3921
Sun Java System Application Server (SJSAS) 7 up to and including 8.1 and Web Server (SJSWS) 6.0 and 6.1 allows remote authenticated users to read files outside of the "document root directory" via a direct request using a UTF-8 encoded URI.
Sun Java System Application Server 7.0
Sun Java System Application Server 8.1
Sun Java System Web Server 6.0
Sun Java System Application Server 7.1
Sun Java System Web Server 6.1
7.2
CVSSv3
CVE-2020-26820
SAP NetWeaver AS JAVA, versions - 7.20, 7.30, 7.31, 7.40, 7.50, allows an attacker who is authenticated as an administrator to use the administrator console, to expose unauthenticated access to the file system and upload a malicious file. The attacker or another user can then use...
Sap Netweaver Application Server Java 7.20
Sap Netweaver Application Server Java 7.30
Sap Netweaver Application Server Java 7.31
Sap Netweaver Application Server Java 7.40
Sap Netweaver Application Server Java 7.50
NA
CVE-2008-2945
Sun Java System Access Manager 6.3 up to and including 7.1 and Sun Java System Identity Server 6.1 and 6.2 do not properly process XSLT stylesheets in XSLT transforms in XML signatures, which allows context-dependent malicious users to execute arbitrary code via a crafted stylesh...
Sun Java System Access Manager 7.0
Sun Java System Access Manager 7.1
Sun Java System Identity Server 6.1
Sun Java System Identity Server 6.2
Sun Java System Access Manager 6.3
NA
CVE-2009-4441
Directory Proxy Server (DPS) in Sun Java System Directory Server Enterprise Edition 6.0 up to and including 6.3.1 does not enable the SO_KEEPALIVE socket option, which makes it easier for remote malicious users to cause a denial of service (connection slot exhaustion) via multipl...
Sun Java System Directory Server 6.0
Sun Java System Directory Server 6.1
Sun Java System Directory Server 6.3.1
Sun Java System Directory Server 6.2
Sun Java System Directory Server 6.3
NA
CVE-2009-4442
Directory Proxy Server (DPS) in Sun Java System Directory Server Enterprise Edition 6.0 up to and including 6.3.1 does not properly implement the max-client-connections configuration setting, which allows remote malicious users to cause a denial of service (connection slot exhaus...
Sun Java System Directory Server 6.2
Sun Java System Directory Server 6.3
Sun Java System Directory Server 6.0
Sun Java System Directory Server 6.1
Sun Java System Directory Server 6.3.1
7.1
CVSSv3
CVE-2018-2492
SAML 2.0 functionality in SAP NetWeaver AS Java, does not sufficiently validate XML documents received from an untrusted source. This is fixed in versions 7.2, 7.30, 7.31, 7.40 and 7.50.
Sap Netweaver Application Server Java 7.20
Sap Netweaver Application Server Java 7.30
Sap Netweaver Application Server Java 7.31
Sap Netweaver Application Server Java 7.40
Sap Netweaver Application Server Java 7.50
NA
CVE-2009-4443
Unspecified vulnerability in the psearch (aka persistent search) functionality in Directory Proxy Server (DPS) in Sun Java System Directory Server Enterprise Edition 6.0 up to and including 6.3.1 allows remote malicious users to cause a denial of service (psearch outage) by using...
Sun Java System Directory Server 6.3.1
Sun Java System Directory Server 6.2
Sun Java System Directory Server 6.3
Sun Java System Directory Server 6.0
Sun Java System Directory Server 6.1
NA
CVE-2007-1681
Format string vulnerability in libwebconsole_services.so in Sun Java Web Console 2.2.2 up to and including 2.2.5 allows remote malicious users to cause a denial of service (application crash), obtain sensitive information, and possibly execute arbitrary code via unspecified vecto...
Sun Java Web Console 2.2.4
Sun Java Web Console 2.2.5
Sun Java Web Console 2.2.2
Sun Java Web Console 2.2.3
Sun Solaris 10.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »