Code injection

Unspecified vulnerability in Sun Java System Access Manager 7.1, when installed in a Sun Java System Application Server 8.x container, allows remote attackers to execute arbitrary code via unspecified vectors...

CVE-2007-3715

CVE-2007-3715 affects Sun Java System Application Server and Web Server (7.0–9.0 prior to 20070710). The issue arises in XSLT transforms used in XML signatures, where an attacker could craft a stylesheet to trigger a context-dependent Java method execution, enabling remote code execution. The des...

CVE-2006-6276

Sun Java System Proxy Server versions prior to 20061130 are affected by an HTTP request smuggling vulnerability when used with Sun Java System Application Server or Sun Java System Web Server. Exploitation could bypass HTTP request filtering, enable web session hijacking, permit cross-site script...

CVE-2006-3225

CVE-2006-3225 describes a cross-site scripting (XSS) vulnerability affecting Sun ONE Application Server 7 before Update 9, Java System Application Server 7 (2004Q2) before Update 5, and Java System Application Server Enterprise Edition 8.1 (2005 Q1). The issue allows remote attackers to inject ar...

CVE-2005-4805

Technical details about CVE-2005-4805 are not publicly available in the provided documents; no specifics on affected product versions, vectors, or fixes are provided. Monitor for updates.

Cross site scripting

Cross-site scripting XSS vulnerability in Sun ONE Web Server 6.0 SP9 and earlier, Java System Web Server 6.1 SP4 and earlier, Sun ONE Application Server 7 Platform and Standard Edition Update 6 and earlier, and Java System Application Server 7 2004Q2 Standard and Enterprise Edition Update 2 and...

CVE-2006-2501

CVE-2006-2501 describes a cross-site scripting (XSS) vulnerability in multiple Sun web/server products (Sun ONE Web Server 6.0 SP9 and earlier; Sun Java System Web Server 6.1 SP4 and earlier; Sun ONE Application Server 7 Update 6 and earlier; Java System Application Server 7 2004Q2 Update 2 and e...

CVE-2005-0742

Cross-site scripting XSS vulnerability in Sun Java System Application Server 7 allows remote attackers to inject arbitrary web script or HTML via unknown vectors...

CVE-2005-0742

CVE-2005-0742 describes a cross-site scripting (XSS) vulnerability in Sun Java System Application Server 7. The issue allows remote attackers to inject arbitrary web script or HTML via unknown vectors, potentially affecting the integrity of user data. The cited NVD metrics indicate a low to mediu...

Multiple Vendor SOAP server array DoS

///////////////////////////////////////////////////////////////////// //===================== Security Advisory =====================// ///////////////////////////////////////////////////////////////////// --------------------------------------------------------------------- ----- Multiple Vendor...

CVE-2004-1816

Unknown vulnerability in Sun Java System Application Server 7.0 Update 2 and earlier, when a SOAP web service expects an array of objects as an argument, allows remote attackers to cause a denial of service memory consumption...

CVE-2025-54355

CVE-2025-54355 entry is rejected/not used and does not represent an active vulnerability.