CVE-2000-1099
Java Runtime Environment in Java Development Kit (JDK) 1.2.2_05 and earlier can allow an untrusted J
Java Runtime Environment in Java Development Kit (JDK) 1.2.2_05 and earlier can allow an untrusted J
The Extended Control List (ECL) feature of the Java Virtual Machine (JVM) in Lotus Notes Client R5 a
Sun Java System Content Delivery Server 5.0 and 5.0 PU1 allows remote attackers to obtain sensitive
Multiple cross-site scripting (XSS) vulnerabilities in Sun Java System Identity Manager 6.0 SP1 thro
/idm/help/index.jsp in Sun Java System Identity Manager 6.0 SP1 through SP3, 7.0, and 7.1 allows rem
Open redirect vulnerability in /idm/user/login.jsp in Sun Java System Identity Manager 6.0 SP1 throu
Heap-based buffer overflow in Sun Java System Web Server 7.0 Update 6 on Linux allows remote attacke
Unspecified vulnerability in Sun Java System Web Server 7.0 Update 6 on Linux allows remote attacker
The ExceptionDelegator component in Apache Struts before 2.2.3.1 interprets parameter values as OGNL
The CookieInterceptor component in Apache Struts before 2.3.1.1 does not use the parameter-name whit
The ParameterInterceptor component in Apache Struts before 2.3.1.1 does not prevent access to public
The processInvocation function in org.jboss.as.ejb3.security.AuthorizationInterceptor in JBoss Enter
JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) before 6.0.1, when using role-based a
Unspecified vulnerability in the JRE component in IBM Java 7 SR2 and earlier, Java 6.0.1 SR3 and ear
Multiple unspecified vulnerabilities in the JRE component in IBM Java 7 SR2 and earlier, Java 6.0.1
Multiple unspecified vulnerabilities in the JRE component in IBM Java 7 SR2 and earlier, Java 6.0.1
Unspecified vulnerability in the JRE component in IBM Java 7 SR2 and earlier, Java 6.0.1 SR3 and ear
Multiple vulnerabilities in Oracle Java 7 before Update 11 allow remote attackers to execute arbitra
Apache Santuario XML Security for Java before 1.5.6, when applying Transforms, allows remote attacke
The JavaScriptUtils.javaScriptEscape method in web/util/JavaScriptUtils.java in Spring MVC in Spring
Cross-site scripting (XSS) vulnerability in the JsonBuilder implementation in ProjectForge before 5.
Pivotal Spring Framework through 5.3.16 suffers from a potential remote code execution (RCE) issue i
IBM WebSphere Application Server (IBM Liberty for Java for Bluemix 3.15) could allow a local attacke
Malicious PATCH requests submitted to servers using Spring Data REST versions prior to 2.6.9 (Ingall
A path traversal vulnerability exists in Jenkins 2.145 and earlier, LTS 2.138.1 and earlier in core/
A cross-site scripting vulnerability exists in Jenkins 2.145 and earlier, LTS 2.138.1 and earlier in
A denial of service vulnerability exists in Jenkins 2.145 and earlier, LTS 2.138.1 and earlier in co
A session fixation vulnerability exists in Jenkins 2.145 and earlier, LTS 2.138.1 and earlier in cor
An information exposure vulnerability exists in Jenkins 2.145 and earlier, LTS 2.138.1 and earlier,
A cross-site request forgery vulnerability exists in Jenkins JUnit Plugin 1.25 and earlier in TestOb
An improper authorization vulnerability exists in Jenkins Jira Plugin 3.0.1 and earlier in JiraSite.
A cross-site request forgery vulnerability exists in Jenkins Config File Provider Plugin 3.1 and ear
A cross-site request forgery vulnerability exists in Jenkins Email Extension Template Plugin 1.0 and
An improper authorization vulnerability exists in Jenkins HipChat Plugin 2.2.0 and earlier in HipCha
An improper authorization vulnerability exists in Jenkins HipChat Plugin 2.2.0 and earlier in HipCha
An improper authorization vulnerability exists in Jenkins Mesos Plugin 0.17.1 and earlier in MesosCl
An improper authorization vulnerability exists in Jenkins Mesos Plugin 0.17.1 and earlier in MesosCl
An improper authorization vulnerability exists in Jenkins Crowd 2 Integration Plugin 2.0.0 and earli
An insufficiently protected credentials vulnerability exists in Jenkins Crowd 2 Integration Plugin 2
An insufficiently protected credentials vulnerability exists in Jenkins Artifactory Plugin 2.16.1 an
An insufficiently protected credentials vulnerability exists in Jenkins SonarQube Scanner Plugin 2.8
Apache Thrift Java client library versions 0.5.0 through 0.11.0 can bypass SASL negotiation isComple
Cybozu Remote Service 3.0.0 to 3.1.0 allows remote authenticated attackers to upload and execute Jav
Directory traversal vulnerability in Cybozu Remote Service 3.0.0 to 3.1.8 allows remote attackers to
inxedu through 2018-12-24 has a SQL Injection vulnerability that can lead to information disclosure
An issue was discovered in weixin-java-tools v3.3.0. There is an XXE vulnerability in the getXmlDoc
In Traccar Server version 4.2, protocol/SpotProtocolDecoder.java might allow XXE attacks.
In getProcessRecordLocked of ActivityManagerService.java isolated apps are not handled correctly. Th
There exists a race condition between the deletion of the temporary file and the creation of the tem
In SmartBear Collaborator Server through 13.3.13302, use of the Google Web Toolkit (GWT) API introdu
In createOrUpdate of Permission.java and related code, there is possible permission escalation due t
A vulnerability classified as critical has been found in JATOS. Affected is the function ZipUtil of
An unauthenticated attacker in SAP NetWeaver AS for Java - version 7.50, due to improper access cont
User-defined OXMF templates could be used to access a limited part of the internal OX App Suite Java
SQL Injection vulnerability in TDuckCLoud tduck-platform v.4.0 allows a remote attacker to obtain se
When the Genie Company Aladdin Connect garage door opener (Retrofit-Kit Model ALDCM) is placed into
Amazon Ion is a Java implementation of the Ion data notation. Prior to version 1.10.5, a potential d