23 matches found
CVE-2026-7291
A weakness has been identified in o2oa up to 10.0. This affects the function FileAction of the file FileAction.java of the component URL Fetching. Executing a manipulation of the argument fileUrl can lead to server-side request forgery. It is possible to launch the attack remotely. The exploit ha...
CVE-2025-70821
renren-security before v5.5.0 is vulnerable to SQL Injection in the BaseServiceImpl.java component...
EUVD-2016-6480
Malware in sbrugna...
EUVD-2016-9129
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2023-51775
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - The jose4j component before 0.9.4 for Java allows attackers to cause a denial of service (CPU consumption) via a large p2c (aka PBES2 Count) value. CVE-2023-51775...
CVE-2022-29784
PublicCMS V4.0.202204.a and below contains an information leak via the component /views/directive/sys/SysConfigDataDirective.java...
CVE-2025-25769
Wangmarket v4.10 to v5.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /controller/UserController.java...
RaspberryMatic 3.73.9.20240130 Remote Code Execution Exploit
RaspberryMatic / OCCU contains an unauthenticated remote code execution vulnerability, caused by multiple issues within the Java-based HMIPServer.jar component. The web UI allows firmware uploads, which can be reached through the URL /pages/jpages/system/DeviceFirmware/addFirmware. This allows a...
[SECURITY] Fedora 40 Update: jetty-9.4.40-11.fc40
Jetty is a 100% Java HTTP Server and Servlet Container. This means that you do not need to configure and run a separate web server like Apache in order to use Java, servlets and JSPs to generate dynamic content. Jetty is a fully featured web server for static and dynamic content. Unlike separate...
SUSE CVE-2023-51775
The jose4j component before 0.9.4 for Java allows attackers to cause a denial of service (CPU consumption) via a large p2c (aka PBES2 Count) value...
Vulnerabilities fixed in IBM WebSphere Application Server
IBM has fixed vulnerabilities in WebSphere. The vulnerabilities are located in the Java component of WebSphere and allow a malicious party to carry out attacks that could lead to loss of data integrity and confidentiality. IBM did not release any other detailed information. A more precise risk...
Security Bulletin: Javadoc vulnerability exists in the IMS Connect API for Java component of IMS Enterprise Suite (CVE-2013-1571)
Abstract: The IMS™ Connect API for Java™ component of IMS Enterprise Suite version 2.2 contains a frame injection vulnerability for Javadoc™. Vulnerability details: CVE ID: CVE-2013-1571. Description: HTML documentation generated by the Javadoc tool contains a security vulnerability. The...
CVE-2021-37819
PDF Labs pdftk-java v3.2.3 was discovered to contain an infinite loop via the component /text/pdf/PdfReader.java...
Unspecified Vulnerability in Oracle GraalVM Enterprise Edition
Oracle GraalVM Enterprise Edition is a multilingual virtual machine based on Oracle's Enterprise Java SE. A security vulnerability exists in the Java component in Oracle GraalVM Enterprise Edition 19.3.3, 20.2.0. An attacker could exploit this vulnerability to gain unauthorized read access to a...
Unspecified Vulnerability in Oracle GraalVM Enterprise Edition Java Component
Oracle GraalVM is a set of just-in-time compilers written in the Java language by Oracle, a United States company. The product supports a variety of programming languages and execution modes. GraalVM Enterprise Edition is the enterprise version of GraalVM. A security vulnerability exists in the...
CVE-2019-5326
An administrative application user of or application user with write access to Aruba Airwave VisualRF is able to obtain code execution on the AMP platform. This is possible due to the ability to overwrite a file on disk which is subsequently deserialized by the Java application component...
SAP Customer Relationship Management Java Component Cross-Site Request Forgery Vulnerability
SAP Customer Relationship Management (CRM) is a set of customer relationship management solutions from SAP. The program includes modules for sales management, marketing management, customer service system, etc. The Java component is one of its Java components. A cross-site request forgery vulnerabilit...
CVE-2017-15296
The Java component in SAP CRM has CSRF. This is SAP Security Note 2478964...
Cross-site request forgery (CSRF)
The Java component in SAP CRM has CSRF. This is SAP Security Note 2478964...
CVE-2016-8281
Unspecified vulnerability in the Oracle Platform Security for Java component in Oracle Fusion Middleware 12.1.3.0.0, 12.2.1.0.0, and 12.2.1.1.0 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2016-553...