Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
java sdk vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2019-4473
Multiple binaries in IBM SDK, Java Technology Edition 7, 7R, and 8 on the AIX platform use insecure absolute RPATHs, which may facilitate code injection and privilege elevation by local users. IBM X-Force ID: 163984.
Ibm Java 7.0.0.0
Ibm Java 8.0
Ibm Java 7.1.4.50
7.8
CVSSv3
CVE-2018-1890
IBM SDK, Java Technology Edition Version 8 on the AIX platform uses absolute RPATHs which may facilitate code injection and privilege elevation by local users. IBM X-Force ID: 152081.
Ibm Sdk 8.0
7.8
CVSSv3
CVE-2018-2569
Vulnerability in the Java ME SDK component of Oracle Java Micro Edition (subcomponent: Installer). The supported version that is affected is 8.3. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Java ME SDK executes to compro...
Oracle Java Me 8.3
7.5
CVSSv3
CVE-2023-39410
When deserializing untrusted or corrupted data, it is possible for a reader to consume memory beyond the allowed constraints and thus lead to out of memory on the system. This issue affects Java applications using Apache Avro Java SDK up to and including 1.11.2. Users should upda...
Apache Avro
7.5
CVSSv3
CVE-2020-9040
Couchbase Server Java SDK prior to 2.7.1.1 allows a potential malicious user to forge an SSL certificate and pose as the intended peer. An attacker can leverage this flaw by crafting a cryptographically valid certificate that will be accepted by Java SDK's Netty component du...
Couchbase Couchbase Server Java Sdk
7.5
CVSSv3
CVE-2019-0741
An information disclosure vulnerability exists in the way Azure IoT Java SDK logs sensitive information, aka 'Azure IoT Java SDK Information Disclosure Vulnerability'.
Microsoft Java Software Development Kit -
1 Article
7.5
CVSSv3
CVE-2018-13439
WXPayUtil in WeChat Pay Java SDK allows XXE attacks involving a merchant notification URL.
Tencent Wechat Pay -
7.4
CVSSv3
CVE-2020-16971
Azure SDK for Java Security Feature Bypass Vulnerability
Microsoft Azure Sdk For Java -
7.2
CVSSv3
CVE-2021-40831
The AWS IoT Device SDK v2 for Java, Python, C++ and Node.js appends a user supplied Certificate Authority (CA) to the root CAs instead of overriding it on macOS systems. Additionally, SNI validation is also not enabled when the CA has been “overridden”. TLS handshakes...
Amazon Amazon Web Services Aws-c-io 0.10.7
Amazon Amazon Web Services Internet Of Things Device Software Development Kit V2
7
CVSSv3
CVE-2021-21428
Openapi generator is a java tool which allows generation of API client libraries (SDK generation), server stubs, documentation and configuration automatically given an OpenAPI Spec. openapi-generator-online creates insecure temporary folders with File.createTempFile during the co...
Openapi-generator Openapi Generator
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »