Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

oracle communications pricing design center 12.0.0.4.0 vulnerabilities and exploits

(subscribe to this query)
3.3
CVSSv3
CVE-2022-21388
Vulnerability in the Oracle Communications Pricing Design Center product of Oracle Communications Applications (component: On Premise Install). Supported versions that are affected are 12.0.0.3.0 and 12.0.0.4.0. Easily exploitable vulnerability allows low privileged attacker with...
Oracle Communications Pricing Design Center 12.0.0.3.0Oracle Communications Pricing Design Center 12.0.0.4.0
4.3
CVSSv3
CVE-2021-21275
The MediaWiki "Report" extension has a Cross-Site Request Forgery (CSRF) vulnerability. Before fixed version, there was no protection against CSRF checks on Special:Report, so requests to report a revision could be forged. The problem has been fixed in commit f828dc6 by...
Report Project ReportOracle Communications Cloud Native Core Network Slice Selection Function 1.2.1Oracle Communications Pricing Design Center 12.0.0.4.0Oracle Communications Pricing Design Center 12.0.0.5.0
3.3
CVSSv3
CVE-2020-8908
A temp directory creation vulnerability exists in all versions of Guava, allowing an attacker with access to the machine to potentially access data in a temporary directory created by the Guava API com.google.common.io.Files.createTempDir(). By default, on unix-like systems, the ...
Google GuavaQuarkus QuarkusOracle Peoplesoft Enterprise Peopletools 8.57Oracle Data Integrator 12.2.1.3.0Oracle Peoplesoft Enterprise Peopletools 8.58Oracle Weblogic Server 14.1.1.0.0Oracle Data Integrator 12.2.1.4.0Oracle Nosql DatabaseOracle Commerce Guided Search 11.3.2Oracle Peoplesoft Enterprise Peopletools 8.59Oracle Communications Cloud Native Core Network Slice Selection Function 1.2.1Oracle Retail Customer Management And Segmentation FoundationOracle Communications Pricing Design Center 12.0.0.4.0Oracle Communications Pricing Design Center 12.0.0.5.0Oracle Primavera Unifier 18.8Oracle Primavera UnifierOracle Primavera Unifier 19.12Oracle Primavera Unifier 20.12Oracle Communications Cloud Native Core Network Repository Function 1.14.0Oracle Primavera Unifier 21.12Netapp Active Iq Unified Manager -
8.1
CVSSv3
CVE-2020-24616
FasterXML jackson-databind 2.x prior to 2.9.10.6 mishandles the interaction between serialization gadgets and typing, related to br.com.anteros.dbcp.AnterosDBCPDataSource (aka Anteros-DBCP).
Fasterxml Jackson-databindNetapp Active Iq Unified Manager -Oracle Application Testing Suite 13.3.0.1Oracle Agile Plm 9.3.6Oracle Communications Policy Management 12.5.0Oracle Communications Diameter Signaling RouterOracle Communications Services Gatekeeper 7.0Oracle Communications Evolved Communications Application Server 7.1Oracle Communications Contacts Server 8.0.0.5.0Oracle Communications Calendar Server 8.0.0.4.0Oracle Communications Unified Inventory Management 7.4.1Oracle Communications Cloud Native Core Unified Data Repository 1.4.0Oracle Communications Element ManagerOracle Autovue For Agile Product Lifecycle Management 21.0.2Oracle Communications Messaging Server 8.1Oracle Siebel Ui FrameworkOracle Banking Supply Chain Finance 14.2Oracle Banking Supply Chain Finance 14.3Oracle Banking Supply Chain Finance 14.5Oracle Identity Manager Connector 11.1.1.5.0Oracle Communications Contacts Server 8.0Oracle Communications Calendar Server 8.0
8.1
CVSSv3
CVE-2020-24750
FasterXML jackson-databind 2.x prior to 2.9.10.6 mishandles the interaction between serialization gadgets and typing, related to com.pastdev.httpcomponents.configuration.JndiConfiguration.
Fasterxml Jackson-databindOracle Application Testing Suite 13.3.0.1Oracle Agile Plm 9.3.6Oracle Communications Policy Management 12.5.0Oracle Communications Diameter Signaling RouterOracle Communications Offline Mediation Controller 12.0.0.3.0Oracle Communications Services Gatekeeper 7.0Oracle Communications Contacts Server 8.0.0.5.0Oracle Communications Calendar Server 8.0.0.4.0Oracle Banking Credit Facilities Process Management 14.3.0Oracle Banking Corporate Lending Process Management 14.3.0Oracle Siebel Core - Server FrameworkOracle Communications Unified Inventory Management 7.4.1Oracle Communications Element ManagerOracle Autovue For Agile Product Lifecycle Management 21.0.2Oracle Banking Supply Chain Finance 14.2.0Oracle Banking Credit Facilities Process Management 14.2.0Oracle Banking Credit Facilities Process Management 14.5.0Oracle Banking Corporate Lending Process Management 14.2.0Oracle Banking Corporate Lending Process Management 14.5.0Oracle Banking Supply Chain Finance 14.5.0Oracle Banking Supply Chain Finance 14.3.0
8.1
CVSSv3
CVE-2020-35490
FasterXML jackson-databind 2.x prior to 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.PerUserPoolDataSource.
Fasterxml Jackson-databindNetapp Service Level Manager -Debian Debian Linux 9.0Oracle Webcenter Portal 12.2.1.3.0Oracle Application Testing Suite 13.3.0.1Oracle Banking Platform 2.6.2Oracle Agile Plm 9.3.6Oracle Webcenter Portal 12.2.1.4.0Oracle Communications Services Gatekeeper 7.0Oracle Retail Merchandising System 15.0.3Oracle Banking Platform 2.7.0Oracle Banking Platform 2.7.1Oracle Banking Platform 2.9.0Oracle Communications Evolved Communications Application Server 7.1Oracle Banking Platform 2.8.0Oracle Banking Virtual Account Management 14.3.0Oracle Insurance Policy Administration J2ee 11.2.0Oracle Communications Interactive Session Recorder 6.3Oracle Communications Interactive Session Recorder 6.4Oracle Communications Diameter Signaling RouterOracle Communications Unified Inventory Management 7.4.1Oracle Retail Xstore Point Of Service 16.0.6
8.1
CVSSv3
CVE-2020-35491
FasterXML jackson-databind 2.x prior to 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.SharedPoolDataSource.
Fasterxml Jackson-databindNetapp Service Level Manager -Debian Debian Linux 9.0Oracle Webcenter Portal 12.2.1.3.0Oracle Application Testing Suite 13.3.0.1Oracle Banking Platform 2.6.2Oracle Agile Plm 9.3.6Oracle Webcenter Portal 12.2.1.4.0Oracle Sd-wan Edge 9.0Oracle Communications Services Gatekeeper 7.0Oracle Retail Merchandising System 15.0.3Oracle Banking Platform 2.7.0Oracle Banking Platform 2.7.1Oracle Banking Platform 2.9.0Oracle Communications Evolved Communications Application Server 7.1Oracle Banking Platform 2.8.0Oracle Banking Virtual Account Management 14.3.0Oracle Insurance Policy Administration J2ee 11.0.2Oracle Communications Unified Inventory Management 7.4.1Oracle Retail Xstore Point Of Service 16.0.6Oracle Retail Xstore Point Of Service 17.0.4Oracle Retail Xstore Point Of Service 18.0.3
8.1
CVSSv3
CVE-2020-36189
FasterXML jackson-databind 2.x prior to 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to com.newrelic.agent.deps.ch.qos.logback.core.db.DriverManagerConnectionSource.
Fasterxml Jackson-databindNetapp Cloud Backup -Netapp Service Level Manager -Debian Debian Linux 9.0Oracle Webcenter Portal 12.2.1.3.0Oracle Application Testing Suite 13.3.0.1Oracle Banking Platform 2.6.2Oracle Primavera Unifier 18.8Oracle Primavera UnifierOracle Agile Plm 9.3.6Oracle Primavera Unifier 19.12Oracle Webcenter Portal 12.2.1.4.0Oracle Communications Billing And Revenue Management 12.0.0.3.0Oracle Communications Billing And Revenue Management 7.5.0.23.0Oracle Communications Services Gatekeeper 7.0Oracle Retail Merchandising System 15.0.3Oracle Banking Platform 2.7.0Oracle Banking Platform 2.7.1Oracle Banking Platform 2.9.0Oracle Communications Evolved Communications Application Server 7.1Oracle Goldengate Application Adapters 19.1.0.0.0Oracle Retail Service Backbone 16.0.3
4.8
CVSSv3
CVE-2021-29425
In Apache Commons IO prior to 2.7, When invoking the method FileNameUtils.normalize with an improper input string, like "//../foo", or "\\..\foo", the result would be the same value, thus possibly providing access to files in the parent directory, but not furt...
Apache Commons Io 2.2Apache Commons Io 2.3Apache Commons Io 2.4Apache Commons Io 2.5Apache Commons Io 2.6Debian Debian Linux 9.0Oracle Weblogic Server 12.1.3.0.0Oracle Retail Integration Bus 13.0Oracle Flexcube Core Banking 5.2.0Oracle Solaris Cluster 4.0Oracle Access Manager 11.1.2.3.0Oracle Weblogic Server 12.2.1.3.0Oracle Webcenter Portal 12.2.1.3.0Oracle Access Manager 12.2.1.3.0Oracle Application Testing Suite 13.3.0.1Oracle Retail Order Broker 16.0Oracle Banking Platform 2.6.2Oracle Primavera Unifier 18.8Oracle Primavera UnifierOracle Agile Plm 9.3.6Oracle Banking Digital Experience 18.3Oracle Banking Digital Experience 19.1
7.5
CVSSv3
CVE-2020-25649
A flaw was found in FasterXML Jackson Databind, where it did not have entity expansion secured properly. This flaw allows vulnerability to XML external entity (XXE) attacks. The highest threat from this vulnerability is data integrity.
Fasterxml Jackson-databindNetapp Oncommand Workflow Automation -Netapp Service Level Manager -Netapp Oncommand Api Services -Fedoraproject Fedora 32Quarkus QuarkusApache IotdbOracle Webcenter Portal 12.2.1.3.0Oracle Banking Platform 2.6.2Oracle Utilities Framework 4.3.0.5.0Oracle Utilities Framework 4.3.0.6.0Oracle Utilities Framework 4.4.0.0.0Oracle Agile Plm 9.3.6Oracle Coherence 12.2.1.4.0Oracle Webcenter Portal 12.2.1.4.0Oracle Sd-wan Edge 9.0Oracle Coherence 14.1.1.0.0Oracle Utilities Framework 4.4.0.2.0Oracle Communications Billing And Revenue Management 12.0.0.3.0Oracle Communications Billing And Revenue Management 7.5.0.23.0Oracle Communications Services Gatekeeper 7.0Oracle Banking Platform 2.7.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2006-4304CVE-2024-4240arbitrary CVE-2024-31601XSSCVE-2023-20198CVE-2024-4256CVE-2024-3342encryption
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook