Medium
CVE-2025-0067
Due to a missing authorization check on service endpoints in the SAP NetWeaver Application Server Java, an attacker with standard user role can create JCo connection entries, which are used for remot…
Tag: Oracle JDK
All CVEs associated with "Oracle JDK". Page 9/43 • 5132 CVEs.
Subscribe CVEs: RSS for “Oracle JDK” · RSS (High+Critical only)
About “Oracle JDK”
A curated feed of “Oracle JDK”-related CVEs appears below. We currently track 5132 CVEs for this tag (all time). In the last 365 days, 784 were published. Average CVSS is 6.7 (all time; 6.3 over 365d), and 48% are rated High/Critical (all time). Top CWEs (last 365 days): CWE-74 - Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection'), CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'), CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting').
In our taxonomy this topic maps to a MODERATE impact class. JDK and JVM updates affect TLS, serialization, and performance. Upgrade JDK or JRE, restart dependents, avoid unsupported builds, and consider key or cert rotation if needed. Use the filters below to sort by CVSS, risk and CWE. Each detail page highlights vendor advisories and mitigation tips.
CVEs tagged with this topic. Filters apply to the whole list (loaded from JSON).
CVSS ≥ 0.0
2025-01-14
Medium
CVE-2025-0057
SAP NetWeaver AS JAVA (User Admin Application) is vulnerable to stored cross site scripting vulnerability. An attacker posing as an admin can upload a photo with malicious JS content. When a victim v…
Medium
CVE-2025-0056
SAP GUI for Java saves user input on the client PC to improve usability. An attacker with administrative privileges or access to the victim�s user directory on the Operating System level would be abl…
2025-01-13
Medium
CVE-2025-23026
jte (Java Template Engine) is a secure and lightweight template engine for Java and Kotlin. In affected versions Jte HTML templates with `script` tags or script attributes that include a Javascript t…
Medium
CVE-2025-0410
A vulnerability classified as critical was found in liujianview gymxmjpa 1.0. This vulnerability affects the function MenberDaoInpl of the file src/main/java/com/liujian/gymxmjpa/controller/MenberCon…
Medium
CVE-2025-0409
A vulnerability classified as critical has been found in liujianview gymxmjpa 1.0. This affects the function MembertypeDaoImpl of the file src/main/java/com/liujian/gymxmjpa/controller/MembertypeCont…
Medium
CVE-2025-0408
A vulnerability was found in liujianview gymxmjpa 1.0. It has been rated as critical. Affected by this issue is the function LoosDaoImpl of the file src/main/java/com/liujian/gymxmjpa/controller/Loos…
Medium
CVE-2025-0407
A vulnerability was found in liujianview gymxmjpa 1.0. It has been declared as critical. Affected by this vulnerability is the function EquipmentDaoImpl of the file src/main/java/com/liujian/gymxmjpa…
Medium
CVE-2025-0406
A vulnerability was found in liujianview gymxmjpa 1.0. It has been classified as critical. Affected is the function SubjectDaoImpl of the file src/main/java/com/liujian/gymxmjpa/controller/SubjectCon…
Medium
CVE-2025-0405
A vulnerability was found in liujianview gymxmjpa 1.0 and classified as critical. This issue affects the function GoodsDaoImpl of the file src/main/java/com/liujian/gymxmjpa/controller/GoodsControlle…
Medium
CVE-2025-0404
A vulnerability has been found in liujianview gymxmjpa 1.0 and classified as critical. This vulnerability affects the function CoachController of the file src/main/java/com/liujian/gymxmjpa/controlle…
Medium
CVE-2025-0402
A vulnerability classified as critical was found in 1902756969 reggie 1.0. Affected by this vulnerability is the function upload of the file src/main/java/com/itheima/reggie/controller/CommonControll…
Medium
CVE-2025-0401
A vulnerability classified as critical has been found in 1902756969 reggie 1.0. Affected is the function download of the file src/main/java/com/itheima/reggie/controller/CommonController.java. The ma…
2025-01-12
Medium
CVE-2025-0399
A vulnerability was found in StarSea99 starsea-mall 1.0. It has been declared as critical. This vulnerability affects the function UploadController of the file src/main/java/com/siro/mall/controller/…
2025-01-11
Medium
CVE-2025-0391
A vulnerability, which was classified as critical, has been found in Guangzhou Huayi Intelligent Technology Jeewms up to 20241229. This issue affects the function saveOrUpdate of the file org/jeecgfr…
2025-01-09
Medium
CVE-2024-13212
A vulnerability classified as critical has been found in SingMR HouseRent 1.0. This affects the function singleUpload/upload of the file src/main/java/com/house/wym/controller/AddHouseController.java…
Medium
CVE-2024-13211
A vulnerability was found in SingMR HouseRent 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file src/main/java/com/house/wym/controller/AdminControll…
Medium
CVE-2024-13210
A vulnerability was found in donglight bookstore电商书城系统说明 1.0. It has been declared as critical. Affected by this vulnerability is the function uploadPicture of the file src/main/java/org/zdd/bookstor…
Low
CVE-2024-13202
A vulnerability was found in wander-chu SpringBoot-Blog 1.0 and classified as problematic. This issue affects the function modifiyArticle of the file src/main/java/com/my/blog/website/controller/admi…
Medium
CVE-2024-13201
A vulnerability has been found in wander-chu SpringBoot-Blog 1.0 and classified as critical. This vulnerability affects the function upload of the file src/main/java/com/my/blog/website/controller/ad…
High
CVE-2024-13200
A vulnerability, which was classified as critical, was found in wander-chu SpringBoot-Blog 1.0. This affects the function preHandle of the file src/main/java/com/my/blog/website/interceptor/BaseInter…
Low
CVE-2024-13197
A vulnerability was found in donglight bookstore电商书城系统说明 1.0.0. It has been rated as problematic. This issue affects the function updateUser of the file src/main/Java/org/zdd/bookstore/web/controller…
Low
CVE-2024-13196
A vulnerability was found in donglight bookstore电商书城系统说明 1.0.0. It has been declared as problematic. This vulnerability affects the function BookSearchList of the file src/main/java/org/zdd/bookstore…
Medium
CVE-2024-13195
A vulnerability was found in donglight bookstore电商书城系统说明 1.0.0. It has been classified as critical. This affects the function getHtml of the file src/main/java/org/zdd/bookstore/rawl/HttpUtil.java. T…
2025-01-08
Low
CVE-2024-13192
A vulnerability, which was classified as problematic, was found in ZeroWdd myblog 1.0. Affected is the function update of the file src/main/java/com/wdd/myblog/controller/admin/BlogController.java. T…
Medium
CVE-2024-13191
A vulnerability, which was classified as critical, has been found in ZeroWdd myblog 1.0. This issue affects the function upload of the file src/main/java/com/wdd/myblog/controller/admin/uploadControl…
High
CVE-2024-13189
A vulnerability classified as critical has been found in ZeroWdd myblog 1.0. This affects an unknown part of the file src/main/java/com/wdd/myblog/config/MyBlogMvcConfig.java. The manipulation leads…
2025-01-06
Medium
CVE-2024-13145
A vulnerability classified as critical was found in zhenfeng13 My-Blog 1.0. Affected by this vulnerability is the function upload of the file src/main/java/com/site/blog/my/core/controller/admin/uplo…
Medium
CVE-2024-13144
A vulnerability classified as critical has been found in zhenfeng13 My-Blog 1.0. Affected is the function uploadFileByEditomd of the file src/main/java/com/site/blog/my/core/controller/admin/BlogCont…
Low
CVE-2024-13143
A vulnerability was found in ZeroWdd studentmanager 1.0. It has been rated as problematic. This issue affects the function submitAddPermission of the file src/main/java/com/zero/system/controller/Per…
2025-01-05
Low
CVE-2024-13142
A vulnerability was found in ZeroWdd studentmanager 1.0. It has been declared as problematic. This vulnerability affects the function submitAddRole of the file src/main/java/com/zero/system/controlle…
Medium
CVE-2024-13139
A vulnerability was found in wangl1989 mysiteforme 1.0. It has been rated as critical. This issue affects the function doContent of the file src/main/java/com/mysiteform/admin/controller/system/FileC…
Medium
CVE-2024-13138
A vulnerability was found in wangl1989 mysiteforme 1.0. It has been declared as critical. This vulnerability affects the function upload of the file src/main/java/com/mysiteform/admin/service/ipl/Loc…
Low
CVE-2024-13137
A vulnerability was found in wangl1989 mysiteforme 1.0. It has been classified as problematic. This affects the function RestResponse of the file src/main/java/com/mysiteforme/admin/controller/system…
Medium
CVE-2024-13136
A vulnerability was found in wangl1989 mysiteforme 1.0 and classified as critical. Affected by this issue is the function rememberMeManager of the file src/main/java/com/mysiteforme/admin/config/Shir…
Medium
CVE-2024-13134
A vulnerability, which was classified as critical, was found in ZeroWdd studentmanager 1.0. Affected is the function addTeacher/editTeacher of the file src/main/Java/com/wdd/studentmanager/controller…
Medium
CVE-2024-13133
A vulnerability, which was classified as critical, has been found in ZeroWdd studentmanager 1.0. This issue affects the function addStudent/editStudent of the file src/main/Java/com/wdd/studentmanage…
2025-01-03
Critical
CVE-2024-55078
An arbitrary file upload vulnerability in the component /adminUser/updateImg of WukongCRM-11.0-JAVA v11.3.3 allows attackers to execute arbitrary code via uploading a crafted file.
High
CVE-2024-43769
In isPackageDeviceAdmin of PackageManagerService.java, there is a possible edge case which could prevent the uninstallation of CloudDpc due to a logic error in the code. This could lead to local esca…
High
CVE-2024-43764
In onPrimaryClipChanged of ClipboardListener.java, there is a possible way to partially bypass lock screen. This could lead to local escalation of privilege with no additional execution privileges ne…
2025-01-02
Medium
CVE-2024-13111
A vulnerability classified as critical was found in Beijing Yunfan Internet Technology Yunfan Learning Examination System 1.9.2. Affected by this vulnerability is an unknown functionality of the file…
Medium
CVE-2024-13110
A vulnerability classified as problematic has been found in Beijing Yunfan Internet Technology Yunfan Learning Examination System 1.9.2. Affected is an unknown function of the file src/main/java/com/…
2024-12-29
Medium
CVE-2024-13022
A vulnerability, which was classified as critical, was found in taisan tarzan-cms 1.0.0. This affects the function UploadResponse of the file src/main/java/com/tarzan/cms/modules/admin/controller/com…
2024-12-25
Critical
CVE-2024-52046
The ObjectSerializationDecoder in Apache MINA uses Java’s native deserialization protocol to process incoming serialized data but lacks the necessary security checks and defenses. This vulnerability…
2024-12-20
Critical
CVE-2024-56337
Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.1, from 10.1.0-M1 through 10.1.33, from 9.0.0.M1 throu…
2024-12-19
Low
CVE-2024-12801
Server-Side Request Forgery (SSRF) in SaxEventRecorder by QOS.CH logback version 0.1 to 1.3.14 and 1.4.0 to 1.5.12 on the Java platform, allows an attacker to forge requests by compromising logback…
Medium
CVE-2024-12798
ACE vulnerability in JaninoEventEvaluator by QOS.CH logback-core upto including version 0.1 to 1.3.14 and 1.4.0 to 1.5.12 in Java applications allows attacker to execute arbitrary code b…
2024-12-16
Medium
CVE-2024-35230
GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. In affected versions the welcome and about page includes version and revision informat…
Critical
CVE-2024-55557
ui/pref/ProxyPrefView.java in weasis-core in Weasis 4.5.1 has a hardcoded key for symmetric encryption of proxy credentials.
2024-12-13
High
CVE-2024-55887
Ucum-java is a FHIR Java library providing UCUM Services. In versions prior to 1.0.9, XML parsing performed by the UcumEssenceService is vulnerable to XML external entity injections. A processed XML…
2024-12-12
Medium
CVE-2024-12482
A vulnerability was found in cjbi wetech-cms 1.0/1.1/1.2. It has been rated as problematic. Affected by this issue is the function backup of the file wetech-cms-master\wetech-basic-common\src\main\ja…
Medium
CVE-2024-12481
A vulnerability was found in cjbi wetech-cms 1.0/1.1/1.2. It has been declared as critical. Affected by this vulnerability is the function findUser of the file wetech-cms-master\wetech-core\src\main\…
Medium
CVE-2024-12480
A vulnerability was found in cjbi wetech-cms 1.0/1.1/1.2. It has been classified as critical. Affected is the function searchTopic of the file wetech-cms-master\wetech-core\src\main\java\tech\wetech\…
Medium
CVE-2024-12479
A vulnerability was found in cjbi wetech-cms 1.0/1.1/1.2 and classified as critical. This issue affects the function searchTopicByKeyword of the file wetech-cms-master\wetech-core\src\main\java\tech\…
2024-12-09
Medium
CVE-2024-45761
Dell OpenManage Server Administrator, versions 11.0.1.0 and prior, contains an improper input validation vulnerability. A remote low-privileged malicious user could potentially exploit this vulnerabi…
Medium
CVE-2024-54919
A Stored Cross Site Scripting (XSS ) was found in /teacher_avatar.php of kashipara E-learning Management System v1.0. This vulnerability allows remote attackers to execute arbitrary java script via t…
Medium
CVE-2024-12351
A vulnerability classified as critical has been found in JFinalCMS 1.0. This affects the function findPage of the file src\main\java\com\cms\entity\ContentModel.java of the component File Content Han…
Medium
CVE-2024-12350
A vulnerability was found in JFinalCMS 1.0. It has been rated as critical. Affected by this issue is the function update of the file \src\main\java\com\cms\controller\admin\TemplateController.java of…
2024-12-05
Low
CVE-2024-54140
sigstore-java is a sigstore java client for interacting with sigstore infrastructure. sigstore-java has insufficient verification for a situation where a bundle provides a invalid signature for a che…
Medium
CVE-2024-12235
A vulnerability was found in Shenzhen Dashi Tongzhou Information Technology AgileBPM up to 1.0.0. It has been declared as critical. Affected by this vulnerability is the function doFilter of the file…
High
CVE-2024-53490
Favorites-web 1.3.0 favorites-web has a directory traversal vulnerability in SecurityFilter.java.
2024-12-02
High
CVE-2018-9431
In OSUInfo of OSUInfo.java, there is a possible escalation of privilege due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges need…
High
CVE-2018-9426
In RsaKeyPairGenerator::getNumberOfIterations of RSAKeyPairGenerator.java, an incorrect implementation could cause weak RSA key pairs being generated. This could lead to crypto vulnerability with no…
Critical
CVE-2024-53477
JFinal CMS 5.1.0 is vulnerable to Command Execution via unauthorized execution of deserialization in the file ApiForm.java
Critical
CVE-2024-53990
The AsyncHttpClient (AHC) library allows Java applications to easily execute HTTP requests and asynchronously process HTTP responses. When making any HTTP request, the automatically enabled and self-…
2024-11-28
Medium
CVE-2024-11961
A vulnerability was found in Guangzhou Huayi Intelligent Technology Jeewms 3.7. It has been rated as problematic. This issue affects the function preHandle of the file src/main/java/com/zzjee/wm/cont…
High
CVE-2024-9669
The File Manager Pro – Filester plugin for WordPress is vulnerable to Local JavaScript File Inclusion in all versions up to, and including, 1.8.5 via the 'fm_locale' parameter. This makes it possible…
Medium
CVE-2018-9377
In getIntentForIntentSender of ActivityManagerService.java, there is a possible way to access user metadata due to a pending intent. This could lead to local escalation of privilege with no additiona…
High
CVE-2018-9374
In installPackageLI of PackageManagerService.java, there is a possible permissions bypass. This could lead to local escalation of privilege with User execution privileges needed. User interaction is…
2024-11-27
High
CVE-2017-13316
In checkPermissions of RecognitionService.java, there is a possible permissions bypass due to a missing permission check. This could lead to local escalation of privilege with no additional execution…
2024-11-26
High
CVE-2024-53673
A java deserialization vulnerability in HPE Remote Insight Support may allow an unauthenticated attacker to execute code.
Medium
CVE-2024-53844
E.D.D.I (Enhanced Dialog Driven Interface) is a middleware to connect and manage LLM API bots. A path traversal vulnerability exists in the backup export functionality of EDDI, as implemented in `Res…
Medium
CVE-2024-53267
sigstore-java is a sigstore java client for interacting with sigstore infrastructure. sigstore-java has insufficient verification for a situation where a validly-signed but "mismatched" bundle is pre…
2024-11-20
Medium
CVE-2018-9487
In setVpnForcedLocked of Vpn.java, there is a possible blocking of internet traffic through vpn due to a bad uid check. This could lead to local denial of service with no additional execution privile…
High
CVE-2018-9474
In writeToParcel of MediaPlayer.java, there is a possible serialization/deserialization mismatch due to improper input validation. This could lead to local escalation of privilege with no additional…
High
CVE-2018-9471
In the deserialization constructor of NanoAppFilter.java, there is a possible loss of data due to type confusion. This could lead to local escalation of privilege in the system server with no additio…
High
CVE-2018-9469
In multiple functions of ShortcutService.java, there is a possible creation of a spoofed shortcut due to a missing permission check. This could lead to local escalation of privilege in a privileged a…
High
CVE-2018-9468
In query of DownloadManager.java, there is a possible read/write of arbitrary files due to a permissions bypass. This could lead to local information disclosure and file rewriting with no additional…
High
CVE-2024-10382
There exists a code execution vulnerability in the Car App Android Jetpack Library. CarAppService uses deserialization logic that allows construction of arbitrary java classes. This can lead to arbit…
Critical
CVE-2018-9467
In the getHost() function of UriTest.java, there is the possibility of incorrect web origin determination. This could lead to incorrect security decisions with no additional execution privileges need…
2024-11-19
High
CVE-2018-9432
In createPhonebookDialogView and createMapDialogView of BluetoothPermissionActivity.java, there is a possible permissions bypass. This could lead to local escalation of privilege due to hiding and by…
High
CVE-2018-9339
In writeTypedArrayList and readTypedArrayList of Parcel.java, there is a possible escalation of privilege due to type confusion. This could lead to local escalation of privilege with no additional ex…
High
CVE-2023-21270
In restorePermissionState of PermissionManagerServiceImpl.java, there is a possible way for an app to keep permissions that should be revoked due to incorrect permission flags cleared during an updat…
High
CVE-2017-13315
In writeToParcel and createFromParcel of DcParamObject.java, there is a permission bypass due to a write size mismatch. This could lead to an elevation of privileges where the user can start an activ…
Medium
CVE-2024-50271
In the Linux kernel, the following vulnerability has been resolved: signal: restore the override_rlimit logic Prior to commit d64696905554 ("Reimplement RLIMIT_SIGPENDING on top of ucounts") UCOUNT…
2024-11-15
High
CVE-2017-13314
In setAllowOnlyVpnForUids of NetworkManagementService.java, there is a possible security settings bypass due to a missing permission check. This could lead to local escalation of privilege allowing u…
High
CVE-2017-13312
In createFromParcel of MediaCas.java, there is a possible parcel read/write mismatch due to improper input validation. This could lead to local escalation of privilege where an app can start an activ…
Medium
CVE-2017-13311
In the read() function of ProcessStats.java, there is a possible read/write serialization issue leading to a permissions bypass. This could lead to local escalation of privilege where an app can star…
High
CVE-2017-13310
In createFromParcel of ViewPager.java, there is a possible read/write serialization issue leading to a permissions bypass. This could lead to local escalation of privilege where an app can start an a…
Medium
CVE-2017-13309
In readEncryptedData of ConscryptEngine.java, there is a possible plaintext leak due to improperly used crypto. This could lead to local information disclosure with no additional execution privileges…
Medium
CVE-2024-50652
A file upload vulnerability in java_shop 1.0 allows attackers to upload arbitrary files by modifying the avatar function.
Medium
CVE-2024-50651
java_shop 1.0 is vulnerable to Incorrect Access Control, which allows attackers to obtain sensitive information of users with different IDs by modifying the ID parameter.
Medium
CVE-2024-50355
LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. User with Admin role can edit the Display Name of a device, the application did not properly sanitize the user input in the…
Medium
CVE-2024-49758
LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. User with Admin role can add Notes to a device, the application did not properly sanitize the user input, when the ExampleP…
2024-11-13
High
CVE-2024-43093
In shouldHideDocument of ExternalStorageProvider.java, there is a possible bypass of a file path filter designed to prevent access to sensitive directories due to incorrect unicode normalization. Th…
High
CVE-2024-43089
In updateInternal of MediaProvider.java , there is a possible access of another app's files due to a missing permission check. This could lead to local escalation of privilege with no additional exec…
High
CVE-2024-43088
In multiple functions in AppInfoBase.java, there is a possible way to manipulate app permission settings belonging to another user on the device due to a missing permission check. This could lead to…
High
CVE-2024-43087
In getInstalledAccessibilityPreferences of AccessibilitySettings.java, there is a possible way to hide an enabled accessibility service in the accessibility service settings due to a logic error in t…
Medium
CVE-2024-43086
In validateAccountsInternal of AccountManagerService.java, there is a possible way to leak account credentials to a third party app due to a confused deputy. This could lead to local information disc…
High
CVE-2024-43085
In handleMessage of UsbDeviceManager.java, there is a possible method to access device contents over USB without unlocking the device due to a logic error in the code. This could lead to local escala…
Medium
CVE-2024-43083
In validate of WifiConfigurationUtil.java , there is a possible persistent denial of service due to resource exhaustion. This could lead to local denial of service with no additional execution privil…
Medium
CVE-2024-43082
In onActivityResult of EditUserPhotoController.java, there is a possible cross-user media read due to a confused deputy. This could lead to local information disclosure with no additional execution p…
High
CVE-2024-43081
In installExistingPackageAsUser of InstallPackageHelper.java, there is a possible carrier restriction bypass due to a logic error in the code. This could lead to local escalation of privilege with no…
High
CVE-2024-43080
In onReceive of AppRestrictionsFragment.java, there is a possible escalation of privilege due to unsafe deserialization. This could lead to local escalation of privilege with no additional execution…
High
CVE-2024-40661
In mayAdminGrantPermission of AdminRestrictedPermissionsUtils.java, there is a possible way to access the microphone due to a missing permission check. This could lead to local escalation of privileg…
2024-11-12
Medium
CVE-2024-47592
SAP NetWeaver AS Java allows an unauthenticated attacker to brute force the login functionality in order to identify the legitimate user IDs. This has an impact on confidentiality but not on integrit…
Medium
CVE-2024-47588
In SAP NetWeaver Java (Software Update Manager 1.1), under certain conditions when a software upgrade encounters errors, credentials are written in plaintext to a log file. An attacker with local acc…
Medium
CVE-2024-42372
Due to missing authorization check in SAP NetWeaver AS Java (System Landscape Directory) an unauthorized user can read and modify some restricted global SLD configurations causing low impact on confi…
2024-11-08
High
CVE-2024-52007
HAPI FHIR is a complete implementation of the HL7 FHIR standard for healthcare interoperability in Java. XSLT parsing performed by various components are vulnerable to XML external entity injections.…
Low
CVE-2024-11026
A vulnerability was found in Intelligent Apps Freenow App 12.10.0 on Android. It has been rated as problematic. Affected by this issue is some unknown functionality of the file ch/qos/logback/core/ne…
2024-11-07
Medium
CVE-2024-51994
Combodo iTop is a web based IT Service Management tool. In affected versions uploading a text file containing some java script in the portal will trigger an Cross-site Scripting (XSS) vulnerability.…
2024-11-06
Low
CVE-2024-10920
A vulnerability was found in mariazevedo88 travels-java-api up to 5.0.1 and classified as problematic. Affected by this issue is the function doFilterInternal of the file travels-java-api-master\src\…
2024-11-04
High
CVE-2024-48336
The install() function of ProviderInstaller.java in Magisk App before canary version 27007 does not verify the GMS app before loading it, which allows a local untrusted app with no additional privile…
Low
CVE-2024-10748
A vulnerability, which was classified as problematic, has been found in Cosmote Greece What's Up App 4.47.3 on Android. This issue affects some unknown processing of the file gr/desquared/kmmsharedmo…
2024-11-01
Medium
CVE-2024-10660
A vulnerability, which was classified as critical, was found in ESAFENET CDG 5. This affects the function deleteHook of the file /com/esafenet/servlet/policy/HookService.java. The manipulation of the…
Medium
CVE-2024-10659
A vulnerability, which was classified as critical, has been found in ESAFENET CDG 5. Affected by this issue is the function delSystemEncryptPolicy of the file /com/esafenet/servlet/document/CDGAuthor…
Medium
CVE-2024-10613
A vulnerability was found in ESAFENET CDG 5. It has been declared as critical. Affected by this vulnerability is the function delSystemEncryptPolicy of the file /com/esafenet/servlet/system/SystemEnc…
Medium
CVE-2024-10612
A vulnerability was found in ESAFENET CDG 5. It has been classified as critical. Affected is the function removeHookInvalidCourse of the file /com/esafenet/servlet/system/HookInvalidCourseService.jav…
Medium
CVE-2024-10611
A vulnerability was found in ESAFENET CDG 5 and classified as critical. This issue affects the function delProtocol of the file /com/esafenet/servlet/system/PrintScreenListService.java. The manipulat…
Medium
CVE-2024-10610
A vulnerability has been found in ESAFENET CDG 5 and classified as critical. This vulnerability affects the function delProtocol of the file /com/esafenet/servlet/system/ProtocolService.java. The man…