Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

jd edwards enterpriseone orchestrator vulnerabilities and exploits

(subscribe to this query)
NA
CVE-2023-22050
Vulnerability in the JD Edwards EnterpriseOne Orchestrator product of Oracle JD Edwards (component: E1 IOT Orchestrator Security). Supported versions that are affected are before 9.2.7.4. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP...
Oracle Jd Edwards Enterpriseone Orchestrator
NA
CVE-2022-21532
Vulnerability in the JD Edwards EnterpriseOne Orchestrator product of Oracle JD Edwards (component: E1 IOT Orchestrator). Supported versions that are affected are 9.2.6.3 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to co...
Oracle Jd Edwards Enterpriseone Orchestrator
5.8
CVSSv2
CVE-2021-3712
ASN.1 strings are represented internally within OpenSSL as an ASN1_STRING structure which contains a buffer holding the string data and a field holding the buffer length. This contrasts with normal C strings which are repesented as a buffer for the string data which is terminated...
Openssl OpensslDebian Debian Linux 9.0Debian Debian Linux 10.0Debian Debian Linux 11.0Netapp Santricity Smi-s Provider -Netapp Clustered Data Ontap -Netapp Clustered Data Ontap Antivirus Connector -Netapp Solidfire -Netapp Hci Management Node -Netapp Manageability Software Development Kit -Netapp Storage Encryption -Netapp E-series Santricity Os ControllerMcafee Epolicy Orchestrator 5.10.0Mcafee Epolicy OrchestratorTenable Tenable.scTenable Nessus Network MonitorOracle Peoplesoft Enterprise Peopletools 8.57Oracle Peoplesoft Enterprise Peopletools 8.58Oracle Zfs Storage Appliance Kit 8.8Oracle Peoplesoft Enterprise Peopletools 8.59Oracle Mysql ServerOracle Mysql Workbench
5
CVSSv2
CVE-2021-23840
Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow the output length argument in some cases where the input length is close to the maximum permissable length for an integer on the platform. In such cases the return value from the function call will be...
Openssl OpensslDebian Debian Linux 10.0Tenable Nessus Network Monitor 5.11.1Tenable Nessus Network Monitor 5.12.0Tenable Nessus Network Monitor 5.12.1Tenable Nessus Network Monitor 5.13.0Tenable Nessus Network Monitor 5.11.0Tenable Log Correlation EngineOracle Business Intelligence 12.2.1.3.0Oracle Jd Edwards World Security A9.4Oracle Business Intelligence 12.2.1.4.0Oracle Business Intelligence 5.5.0.0.0Oracle Enterprise Manager For Storage Management 13.4.0.0Oracle Enterprise Manager Ops Center 12.4.0.0Oracle Graalvm 20.3.1.2Oracle Graalvm 21.0.0.2Oracle Graalvm 19.3.5Oracle Mysql ServerOracle Nosql DatabaseOracle Jd Edwards Enterpriseone ToolsOracle Business Intelligence 5.9.0.0.0Oracle Communications Cloud Native Core Policy 1.15.0
5
CVSSv2
CVE-2021-2052
Vulnerability in the JD Edwards EnterpriseOne Orchestrator product of Oracle JD Edwards (component: E1 IOT Orchestrator Security). The supported version that is affected is before 9.2.5.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via HT...
Oracle Jd Edwards Enterpriseone Orchestrator
6.8
CVSSv2
CVE-2020-36179
FasterXML jackson-databind 2.x prior to 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS.
Netapp Cloud Backup -Netapp Service Level Manager -Debian Debian Linux 9.0Oracle Webcenter Portal 12.2.1.3.0Oracle Application Testing Suite 13.3.0.1Oracle Primavera Unifier 18.8Oracle Primavera UnifierOracle Agile Plm 9.3.6Oracle Communications Policy Management 12.5.0Oracle Primavera Unifier 19.12Oracle Webcenter Portal 12.2.1.4.0Oracle Communications Billing And Revenue Management 12.0.0.3.0Oracle Communications Billing And Revenue Management 7.5.0.23.0Oracle Communications Services Gatekeeper 7.0Oracle Retail Merchandising System 15.0.3Oracle Communications Evolved Communications Application Server 7.1Oracle Goldengate Application Adapters 19.1.0.0.0Oracle Data Integrator 12.2.1.4.0Oracle Primavera Unifier 20.12Oracle Banking Virtual Account Management 14.3.0Oracle Insurance Rules Palette 11.0.2Oracle Commerce Platform
6.8
CVSSv2
CVE-2020-36180
FasterXML jackson-databind 2.x prior to 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.cpdsadapter.DriverAdapterCPDS.
Netapp Cloud Backup -Netapp Service Level Manager -Debian Debian Linux 9.0Oracle Webcenter Portal 12.2.1.3.0Oracle Primavera Unifier 17.2Oracle Application Testing Suite 13.3.0.1Oracle Primavera Unifier 18.8Oracle Primavera UnifierOracle Agile Plm 9.3.6Oracle Communications Policy Management 12.5.0Oracle Primavera Unifier 19.12Oracle Webcenter Portal 12.2.1.4.0Oracle Communications Billing And Revenue Management 12.0.0.3.0Oracle Communications Billing And Revenue Management 7.5.0.23.0Oracle Communications Services Gatekeeper 7.0Oracle Retail Merchandising System 15.0.3Oracle Communications Evolved Communications Application Server 7.1Oracle Goldengate Application Adapters 19.1.0.0.0Oracle Data Integrator 12.2.1.4.0Oracle Primavera Unifier 20.12Oracle Banking Virtual Account Management 14.3.0Oracle Insurance Rules Palette 11.0.2
6.8
CVSSv2
CVE-2020-36182
FasterXML jackson-databind 2.x prior to 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS.
Fasterxml Jackson-databindNetapp Cloud Backup -Netapp Service Level Manager -Debian Debian Linux 9.0Oracle Webcenter Portal 12.2.1.3.0Oracle Primavera Unifier 17.2Oracle Application Testing Suite 13.3.0.1Oracle Primavera Unifier 18.8Oracle Primavera UnifierOracle Agile Plm 9.3.6Oracle Communications Policy Management 12.5.0Oracle Primavera Unifier 19.12Oracle Webcenter Portal 12.2.1.4.0Oracle Communications Billing And Revenue Management 12.0.0.3.0Oracle Communications Billing And Revenue Management 7.5.0.23.0Oracle Communications Services Gatekeeper 7.0Oracle Retail Merchandising System 15.0.3Oracle Communications Evolved Communications Application Server 7.1Oracle Goldengate Application Adapters 19.1.0.0.0Oracle Data Integrator 12.2.1.4.0Oracle Primavera Unifier 20.12Oracle Banking Virtual Account Management 14.3.0
6.8
CVSSv2
CVE-2020-36183
FasterXML jackson-databind 2.x prior to 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.docx4j.org.apache.xalan.lib.sql.JNDIConnectionPool.
Fasterxml Jackson-databindNetapp Cloud Backup -Netapp Service Level Manager -Debian Debian Linux 9.0Oracle Webcenter Portal 12.2.1.3.0Oracle Primavera Unifier 17.2Oracle Application Testing Suite 13.3.0.1Oracle Primavera Unifier 18.8Oracle Primavera UnifierOracle Agile Plm 9.3.6Oracle Communications Policy Management 12.5.0Oracle Primavera Unifier 19.12Oracle Webcenter Portal 12.2.1.4.0Oracle Communications Billing And Revenue Management 12.0.0.3.0Oracle Communications Billing And Revenue Management 7.5.0.23.0Oracle Communications Services Gatekeeper 7.0Oracle Retail Merchandising System 15.0.3Oracle Communications Evolved Communications Application Server 7.1Oracle Goldengate Application Adapters 19.1.0.0.0Oracle Data Integrator 12.2.1.4.0Oracle Primavera Unifier 20.12Oracle Banking Virtual Account Management 14.3.0
6.8
CVSSv2
CVE-2020-36181
FasterXML jackson-databind 2.x prior to 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.cpdsadapter.DriverAdapterCPDS.
Netapp Service Level Manager -Debian Debian Linux 9.0Oracle Webcenter Portal 12.2.1.3.0Oracle Primavera Unifier 17.2Oracle Application Testing Suite 13.3.0.1Oracle Primavera Unifier 18.8Oracle Primavera UnifierOracle Agile Plm 9.3.6Oracle Communications Policy Management 12.5.0Oracle Primavera Unifier 19.12Oracle Webcenter Portal 12.2.1.4.0Oracle Communications Billing And Revenue Management 12.0.0.3.0Oracle Communications Billing And Revenue Management 7.5.0.23.0Oracle Communications Services Gatekeeper 7.0Oracle Retail Merchandising System 15.0.3Oracle Communications Evolved Communications Application Server 7.1Oracle Goldengate Application Adapters 19.1.0.0.0Oracle Data Integrator 12.2.1.4.0Oracle Primavera Unifier 20.12Oracle Banking Virtual Account Management 14.3.0Oracle Insurance Rules Palette 11.0.2Oracle Commerce Platform
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
deserializationCVE-2024-4040cross-site scriptingCVE-2023-25790CVE-2024-2961XML external entityCVE-2024-26926CVE-2024-32806CVE-2024-32711
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook