Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
oracle primavera gateway 15.1 vulnerabilities and exploits
(subscribe to this query)
4.9
CVSSv2
CVE-2017-3500
Vulnerability in the Primavera Gateway component of Oracle Primavera Products Suite (subcomponent: Primavera Desktop Integration). Supported versions that are affected are 1.0, 1.1, 14.2, 15.1, 15.2, 16.1 and 16.2. Easily "exploitable" vulnerability allows high privileg...
Oracle Primavera Gateway 1.0
Oracle Primavera Gateway 1.1
Oracle Primavera Gateway 16.2
Oracle Primavera Gateway 16.1
Oracle Primavera Gateway 15.2
Oracle Primavera Gateway 14.2
Oracle Primavera Gateway 15.1
6.5
CVSSv2
CVE-2017-3508
Vulnerability in the Primavera Gateway component of Oracle Primavera Products Suite (subcomponent: Primavera Desktop Integration). Supported versions that are affected are 1.0, 1.1, 14.2, 15.1, 15.2, 16.1 and 16.2. Easily "exploitable" vulnerability allows high privileg...
Oracle Primavera Gateway 16.2
Oracle Primavera Gateway 1.0
Oracle Primavera Gateway 16.1
Oracle Primavera Gateway 15.1
Oracle Primavera Gateway 1.1
Oracle Primavera Gateway 15.2
Oracle Primavera Gateway 14.2
4.3
CVSSv2
CVE-2018-0735
The OpenSSL ECDSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key. Fixed in OpenSSL 1.1.0j (Affected 1.1.0-1.1.0i). Fixed in OpenSSL 1.1.1a (Affected 1.1.1).
Openssl Openssl 1.1.1
Openssl Openssl
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Nodejs Node.js 10.13.0
Nodejs Node.js
Netapp Cn1610 Firmware -
Netapp Cloud Backup -
Netapp Oncommand Unified Manager
Netapp Steelstore -
Netapp Santricity Smi-s Provider -
Netapp Element Software -
Netapp Snapdrive -
Netapp Smi-s Provider -
Oracle Primavera P6 Enterprise Project Portfolio Management 16.2
Oracle Api Gateway 11.1.2.4.0
Oracle Primavera P6 Enterprise Project Portfolio Management 15.1
Oracle Primavera P6 Enterprise Project Portfolio Management 16.1
1 Github repository
4.3
CVSSv2
CVE-2018-0734
The OpenSSL DSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key. Fixed in OpenSSL 1.1.1a (Affected 1.1.1). Fixed in OpenSSL 1.1.0j (Affected 1.1.0-1.1.0i). Fi...
Openssl Openssl 1.1.1
Openssl Openssl
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Debian Debian Linux 9.0
Nodejs Node.js
Nodejs Node.js 10.13.0
Netapp Cn1610 Firmware -
Netapp Cloud Backup -
Netapp Oncommand Unified Manager
Netapp Steelstore -
Netapp Santricity Smi-s Provider -
Netapp Snapcenter -
Netapp Storage Automation Store -
Oracle Api Gateway 11.1.2.4.0
Oracle Peoplesoft Enterprise Peopletools 8.55
Oracle Peoplesoft Enterprise Peopletools 8.56
Oracle Enterprise Manager Ops Center 12.3.3
Oracle Peoplesoft Enterprise Peopletools 8.57
Oracle Mysql Enterprise Backup
1 Github repository
1.9
CVSSv2
CVE-2018-5407
Simultaneous Multi-threading (SMT) in processors can enable local users to exploit software vulnerable to timing attacks via a side-channel timing attack on 'port contention'.
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Nodejs Node.js
Openssl Openssl
Tenable Nessus
Oracle Primavera P6 Enterprise Project Portfolio Management 16.2
Oracle Api Gateway 11.1.2.4.0
Oracle Primavera P6 Enterprise Project Portfolio Management 15.1
Oracle Primavera P6 Enterprise Project Portfolio Management 16.1
Oracle Primavera P6 Enterprise Project Portfolio Management 15.2
Oracle Peoplesoft Enterprise Peopletools 8.55
Oracle Primavera P6 Enterprise Project Portfolio Management 8.4
Oracle Peoplesoft Enterprise Peopletools 8.56
Oracle Enterprise Manager Ops Center 12.3.3
Oracle Peoplesoft Enterprise Peopletools 8.57
Oracle Primavera P6 Enterprise Project Portfolio Management
Oracle Primavera P6 Enterprise Project Portfolio Management 18.8
Oracle Vm Virtualbox
1 EDB exploit
1 Github repository
7.5
CVSSv2
CVE-2019-17571
Included in Log4j 1.2 is a SocketServer class that is vulnerable to deserialization of untrusted data which can be exploited to remotely execute arbitrary code when combined with a deserialization gadget when listening to untrusted network traffic for log data. This affects Log4j...
Apache Log4j
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 18.04
Opensuse Leap 15.1
Netapp Oncommand Workflow Automation -
Netapp Oncommand System Manager
Oracle Retail Service Backbone 14.1
Oracle Weblogic Server 12.1.3.0.0
Oracle Retail Service Backbone 15.0
Oracle Weblogic Server 10.3.6.0.0
Oracle Weblogic Server 12.2.1.3.0
Oracle Application Testing Suite 13.3.0.1
Oracle Endeca Information Discovery Studio 3.2.0
Oracle Weblogic Server 12.2.1.4.0
Oracle Weblogic Server 14.1.1.0.0
Oracle Rapid Planning 12.1
Oracle Rapid Planning 12.2
Oracle Financial Services Lending And Leasing
Oracle Financial Services Lending And Leasing 12.5.0
Oracle Communications Network Integrity
18 Github repositories
1 Article
4.3
CVSSv2
CVE-2019-11358
jQuery prior to 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.
Jquery Jquery
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Drupal Drupal
Backdropcms Backdrop
Fedoraproject Fedora 28
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
Netapp Snapcenter -
Netapp Oncommand System Manager
Redhat Cloudforms 4.7
Redhat Virtualization Manager 4.3
Oracle Service Bus 12.1.3.0.0
Oracle Primavera Unifier 16.2
Oracle Jd Edwards Enterpriseone Tools 9.2
Oracle Weblogic Server 12.1.3.0.0
Oracle Service Bus 11.1.1.9.0
Oracle Jdeveloper 11.1.1.9.0
Oracle Primavera Unifier 16.1
98 Github repositories
7.5
CVSSv2
CVE-2019-10086
In Apache Commons Beanutils 1.9.2, a special BeanIntrospector class was added which allows suppressing the ability for an malicious user to access the classloader via the class property available on all Java objects. We, however were not using this by default characteristic of th...
Apache Commons Beanutils
Apache Nifi 1.14.0
Apache Nifi 1.15.0
Debian Debian Linux 8.0
Opensuse Leap 15.0
Opensuse Leap 15.1
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Server Aus 7.7
Redhat Enterprise Linux Server Tus 7.7
Redhat Enterprise Linux Eus 7.7
Redhat Jboss Enterprise Application Platform 7.2.0
Oracle Retail Xstore Point Of Service 15.0
Oracle Flexcube Private Banking 12.1.0
Oracle Banking Platform 2.4.0
Oracle Retail Xstore Point Of Service 7.1
Oracle Flexcube Private Banking 12.0.0
Oracle Service Bus 11.1.1.9.0
Oracle Fusion Middleware 11.1.1.9
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
encryption
CVE-2024-4331
CVE-2024-26925
arbitrary code
CVE-2006-4304
CVE-2024-25458
CVE-2024-27077
reflected XSS
CVE-2024-4059
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started