Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
oracle goldengate vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv3
CVE-2022-21551
Vulnerability in Oracle GoldenGate (component: Oracle GoldenGate). The supported version that is affected is 21c: before 21.7.0.0.0; 19c: before 19.1.0.0.220719. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle Gol...
Oracle Goldengate
8.8
CVSSv3
CVE-2022-21442
Vulnerability in Oracle GoldenGate (component: OGG Core Library). The supported version that is affected is before 23.1. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle GoldenGate executes to compromise Oracle GoldenGa...
Oracle Goldengate
7.5
CVSSv3
CVE-2021-4104
JMSAppender in Log4j 1.2 is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration. The attacker can provide TopicBindingName and TopicConnectionFactoryBindingName configurations causing JMSAppender to perform JNDI requests t...
Apache Log4j 1.2
Fedoraproject Fedora 35
Redhat Jboss Operations Network 3.0
Redhat Jboss A-mq 6.0.0
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
Redhat Jboss Enterprise Application Platform 6.0.0
Redhat Jboss Enterprise Application Platform 7.0
Redhat Jboss Fuse 6.0.0
Redhat Jboss Fuse Service Works 6.0
Redhat Jboss Web Server 3.0
Redhat Jboss Data Virtualization 6.0.0
Redhat Enterprise Linux 8.0
Redhat Single Sign-on 7.0
Redhat Software Collections -
Redhat Jboss Fuse 7.0.0
Redhat Process Automation 7.0
Redhat Jboss Data Grid 7.0.0
Redhat Openshift Application Runtimes -
Redhat Codeready Studio 12.0
Redhat Integration Camel K -
Redhat Openshift Container Platform 4.6
20 Github repositories
7.5
CVSSv3
CVE-2021-3749
axios is vulnerable to Inefficient Regular Expression Complexity
Axios Axios
Siemens Sinec Ins 1.0
Siemens Sinec Ins
Oracle Goldengate
3 Github repositories
8.3
CVSSv3
CVE-2021-2351
Vulnerability in the Advanced Networking Option component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1 and 19c. Difficult to exploit vulnerability allows unauthenticated attacker with network access via Oracle Net to compromise Advanced N...
Oracle Flexcube Investor Servicing 12.3.0
Oracle Flexcube Investor Servicing 12.1.0
Oracle Flexcube Private Banking 12.1.0
Oracle Flexcube Private Banking 12.0.0
Oracle Flexcube Investor Servicing 12.0.4
Oracle Retail Store Inventory Management 14.1
Oracle Ilearning 6.2
Oracle Hospitality Suite8 8.10.2
Oracle Retail Back Office 14.1
Oracle Weblogic Server 12.2.1.3.0
Oracle Utilities Framework 4.2.0.3.0
Oracle Flexcube Investor Servicing 12.4.0
Oracle Peoplesoft Enterprise Peopletools 8.57
Oracle Hospitality Reporting And Analytics 9.1.0
Oracle Application Testing Suite 13.3.0.1
Oracle Retail Order Broker 16.0
Oracle Retail Returns Management 14.1
Oracle Retail Central Office 14.1
Oracle Banking Platform 2.6.2
Oracle Primavera Unifier 18.8
Oracle Retail Point-of-service 14.1
Oracle Retail Predictive Application Server 15.0.3
7.7
CVSSv3
CVE-2021-23017
A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.
F5 Nginx
Openresty Openresty
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Netapp Ontap Select Deploy Administration Utility -
Oracle Communications Operations Monitor 3.4
Oracle Enterprise Session Border Controller 8.4
Oracle Communications Operations Monitor 4.2
Oracle Communications Operations Monitor 4.3
Oracle Communications Session Border Controller 8.4
Oracle Enterprise Session Border Controller 9.0
Oracle Communications Session Border Controller 9.0
Oracle Enterprise Communications Broker 3.3.0
Oracle Enterprise Telephony Fraud Monitor 4.2
Oracle Enterprise Telephony Fraud Monitor 4.3
Oracle Enterprise Telephony Fraud Monitor 4.4
Oracle Enterprise Telephony Fraud Monitor 3.4
Oracle Communications Operations Monitor 4.4
Oracle Communications Fraud Monitor
Oracle Communications Control Plane Monitor 4.2
Oracle Communications Control Plane Monitor 4.3
Oracle Communications Control Plane Monitor 4.4
27 Github repositories
1 Article
9.1
CVSSv3
CVE-2021-26291
Apache Maven will follow repositories that are defined in a dependency’s Project Object Model (pom) which may be surprising to some users, resulting in potential risk if a malicious actor takes over that repository or is able to insert themselves into a position to pretend ...
Apache Maven
Quarkus Quarkus
Oracle Financial Services Analytical Applications Infrastructure
Oracle Goldengate Big Data And Application Adapters 23.1
1 Github repository
8.1
CVSSv3
CVE-2020-36180
FasterXML jackson-databind 2.x prior to 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.cpdsadapter.DriverAdapterCPDS.
Netapp Cloud Backup -
Netapp Service Level Manager -
Debian Debian Linux 9.0
Oracle Webcenter Portal 12.2.1.3.0
Oracle Primavera Unifier 17.2
Oracle Application Testing Suite 13.3.0.1
Oracle Primavera Unifier 18.8
Oracle Primavera Unifier
Oracle Agile Plm 9.3.6
Oracle Communications Policy Management 12.5.0
Oracle Primavera Unifier 19.12
Oracle Webcenter Portal 12.2.1.4.0
Oracle Communications Billing And Revenue Management 12.0.0.3.0
Oracle Communications Billing And Revenue Management 7.5.0.23.0
Oracle Communications Services Gatekeeper 7.0
Oracle Retail Merchandising System 15.0.3
Oracle Communications Evolved Communications Application Server 7.1
Oracle Goldengate Application Adapters 19.1.0.0.0
Oracle Data Integrator 12.2.1.4.0
Oracle Primavera Unifier 20.12
Oracle Banking Virtual Account Management 14.3.0
Oracle Insurance Rules Palette 11.0.2
1 Github repository
8.1
CVSSv3
CVE-2020-36182
FasterXML jackson-databind 2.x prior to 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS.
Fasterxml Jackson-databind
Netapp Cloud Backup -
Netapp Service Level Manager -
Debian Debian Linux 9.0
Oracle Webcenter Portal 12.2.1.3.0
Oracle Primavera Unifier 17.2
Oracle Application Testing Suite 13.3.0.1
Oracle Primavera Unifier 18.8
Oracle Primavera Unifier
Oracle Agile Plm 9.3.6
Oracle Communications Policy Management 12.5.0
Oracle Primavera Unifier 19.12
Oracle Webcenter Portal 12.2.1.4.0
Oracle Communications Billing And Revenue Management 12.0.0.3.0
Oracle Communications Billing And Revenue Management 7.5.0.23.0
Oracle Communications Services Gatekeeper 7.0
Oracle Retail Merchandising System 15.0.3
Oracle Communications Evolved Communications Application Server 7.1
Oracle Goldengate Application Adapters 19.1.0.0.0
Oracle Data Integrator 12.2.1.4.0
Oracle Primavera Unifier 20.12
Oracle Banking Virtual Account Management 14.3.0
1 Github repository
8.1
CVSSv3
CVE-2020-36183
FasterXML jackson-databind 2.x prior to 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.docx4j.org.apache.xalan.lib.sql.JNDIConnectionPool.
Fasterxml Jackson-databind
Netapp Cloud Backup -
Netapp Service Level Manager -
Debian Debian Linux 9.0
Oracle Webcenter Portal 12.2.1.3.0
Oracle Primavera Unifier 17.2
Oracle Application Testing Suite 13.3.0.1
Oracle Primavera Unifier 18.8
Oracle Primavera Unifier
Oracle Agile Plm 9.3.6
Oracle Communications Policy Management 12.5.0
Oracle Primavera Unifier 19.12
Oracle Webcenter Portal 12.2.1.4.0
Oracle Communications Billing And Revenue Management 12.0.0.3.0
Oracle Communications Billing And Revenue Management 7.5.0.23.0
Oracle Communications Services Gatekeeper 7.0
Oracle Retail Merchandising System 15.0.3
Oracle Communications Evolved Communications Application Server 7.1
Oracle Goldengate Application Adapters 19.1.0.0.0
Oracle Data Integrator 12.2.1.4.0
Oracle Primavera Unifier 20.12
Oracle Banking Virtual Account Management 14.3.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
cross-site request forgery
unauthorized
CVE-2024-33925
reflected XSS
CVE-2023-51580
CVE-2023-51579
CVE-2015-2051
CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »