Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
java vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-3967
Remote Code Execution has been discovered in OpenText™ iManager 3.2.6.0200. The vulnerability can trigger remote code execution unisng unsafe java object deserialization.
NA
CVE-2024-32888
The Amazon JDBC Driver for Redshift is a Type 4 JDBC driver that provides database connectivity through the standard JDBC application program interfaces (APIs) available in the Java Platform, Enterprise Editions. Prior to version 2.1.0.28, SQL injection is possible when using the...
NA
CVE-2024-4701
A path traversal issue potentially leading to remote code execution in Genie for all versions before 4.3.18
1 Github repository
NA
CVE-2024-30171
An issue exists in Bouncy Castle Java TLS API and JSSE Provider prior to 1.78. Timing-based leakage may occur in RSA based handshakes because of exception processing.
NA
CVE-2024-30172
An issue exists in Bouncy Castle Java Cryptography APIs prior to 1.78. An Ed25519 verification code infinite loop can occur via a crafted signature and public key.
NA
CVE-2024-29857
An issue exists in ECCurve.java and ECCurve.cs in Bouncy Castle Java (BC Java) prior to 1.78, BC Java LTS prior to 2.73.6, BC-FJA prior to 1.0.2.5, and BC C# .Net prior to 2.3.1. Importing an EC certificate with crafted F2m parameters can lead to excessive CPU consumption during ...
NA
CVE-2024-28866
GoCD is a continuous delivery server. GoCD versions from 19.4.0 to 23.5.0 (inclusive) are potentially vulnerable to a reflected cross-site scripting vulnerability on the loading page displayed while GoCD is starting, via abuse of a `redirect_to` query parameter with inadequate va...
NA
CVE-2023-38264
The IBM SDK, Java Technology Edition's Object Request Broker (ORB) 7.1.0.0 up to and including 7.1.5.21 and 8.0.0.0 up to and including 8.0.8.21 is vulnerable to a denial of service attack in some circumstances due to improper enforcement of the JEP 290 MaxRef and MaxDepth d...
NA
CVE-2024-34447
An issue exists in Bouncy Castle Java Cryptography APIs before BC 1.78. When endpoint identification is enabled in the BCJSSE and an SSL socket is created without an explicit hostname (as happens with HttpsURLConnection), hostname verification could be performed against a DNS-res...
NA
CVE-2023-39469
PaperCut NG External User Lookup Code Injection Remote Code Execution Vulnerability. This vulnerability allows remote malicious users to execute arbitrary code on affected installations of PaperCut NG. Authentication is required to exploit this vulnerability. The specific flaw ex...
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »