oracle commerce guided search 11.3.2 vulnerabilities and exploits
7.5
CVSSv3
CVE-2022-21466
Vulnerability in the Oracle Commerce Guided Search product of Oracle Commerce (component: Tools and Frameworks). The supported version that is affected is 11.3.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...
Oracle Commerce Guided Search 11.3.2
6.5
CVSSv3
CVE-2019-12406
Apache CXF before 3.3.4 and 3.2.11 does not restrict the number of message attachments present in a given message. This leaves open the possibility of a denial of service type attack, where a malicious user crafts a message containing a very large number of message attachments....
Apache Cxf
Oracle Commerce Guided Search 11.3.2
Oracle Flexcube Private Banking 12.0.0
Oracle Flexcube Private Banking 12.1.0
Oracle Retail Order Broker 15.0
1 Github repository available
9.8
CVSSv3
CVE-2019-12419
Apache CXF before 3.3.4 and 3.2.11 provides all of the components that are required to build a fully fledged OpenId Connect service. There is a vulnerability in the access token services, where it does not validate that the authenticated principal is equal to that of the...
Apache Cxf
Oracle Commerce Guided Search 11.3.2
Oracle Enterprise Manager Base Platform 13.2.1.0
Oracle Flexcube Private Banking 12.0.0
Oracle Flexcube Private Banking 12.1.0
Oracle Retail Order Broker 15.0
1 Github repository available
7.2
CVSSv3
CVE-2020-7712
This affects the package json before 10.0.0. It is possible to inject arbitrary commands using the parseLookup function....
Joyent Json
Oracle Commerce Guided Search 11.3.2
Oracle Timesten In-memory Database
Oracle Financial Services Regulatory Reporting With Agilereporter 8.0.9.6.3
Oracle Financial Services Crime And Compliance Management Studio 8.0.8.2.0
Oracle Financial Services Crime And Compliance Management Studio 8.0.8.3.0
1 Github repository available
5.4
CVSSv3
CVE-2021-32809
ckeditor is an open source WYSIWYG HTML editor with rich content support. A potential vulnerability has been discovered in CKEditor 4 [Clipboard](ckeditor.com/cke4/addon/clipboard) package. The vulnerability allowed to abuse paste functionality using malformed HTML, which could...
Ckeditor Ckeditor
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Oracle Application Express
Oracle Banking Party Management 2.7.0
Oracle Commerce Guided Search 11.3.2
Oracle Commerce Merchandising 11.3.2
Oracle Documaker 12.6.3
Oracle Documaker 12.6.4
Oracle Financial Services Analytical Applications Infrastructure
Oracle Jd Edwards Enterpriseone Tools
Oracle Peoplesoft Enterprise Peopletools 8.57
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Peoplesoft Enterprise Peopletools 8.59
8.1
CVSSv3
CVE-2021-20190
A flaw was found in jackson-databind before 2.9.10.7. FasterXML mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability....
Fasterxml Jackson-databind
Netapp Oncommand Insight -
Netapp Service Level Manager -
Netapp Oncommand Api Services -
Netapp Active Iq Unified Manager -
Apache Nifi
Debian Debian Linux 9.0
Oracle Commerce Guided Search And Experience Manager 11.3.2
2 Github repositories available
5.4
CVSSv3
CVE-2021-37695
ckeditor is an open source WYSIWYG HTML editor with rich content support. A potential vulnerability has been discovered in CKEditor 4 [Fake Objects](ckeditor.com/cke4/addon/fakeobjects) package. The vulnerability allowed to inject malformed Fake Objects HTML, which could result...
Ckeditor Ckeditor
Debian Debian Linux 9.0
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Oracle Application Express
Oracle Banking Party Management 2.7.0
Oracle Commerce Guided Search 11.3.2
Oracle Commerce Merchandising 11.3.2
Oracle Documaker 12.6.3
Oracle Documaker 12.6.4
Oracle Financial Services Analytical Applications Infrastructure 8.0.3
Oracle Financial Services Analytical Applications Infrastructure
Oracle Financial Services Model Management And Governance
Oracle Jd Edwards Enterpriseone Tools
Oracle Peoplesoft Enterprise Peopletools 8.57
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Peoplesoft Enterprise Peopletools 8.59
7.5
CVSSv3
CVE-2019-12423
Apache CXF ships with an OpenId Connect JWK Keys service, which allows a client to obtain the public keys in JWK format, which can then be used to verify the signature of tokens issued by the service. Typically, the service obtains the public key from a local keystore...
Apache Cxf
Oracle Commerce Guided Search 11.3.2
Oracle Communications Diameter Signaling Router
Oracle Communications Element Manager
Oracle Communications Session Report Manager
Oracle Communications Session Route Manager 8.1.1
Oracle Communications Session Route Manager 8.2.0
Oracle Communications Session Route Manager 8.2.1
Oracle Flexcube Private Banking 12.0.0
Oracle Flexcube Private Banking 12.1.0
Oracle Retail Order Broker 15.0
5.5
CVSSv3
CVE-2022-22946
In spring cloud gateway versions prior to 3.1.1+, applications that are configured to enable HTTP2 and no key store or trusted certificates are set will be configured to use an insecure TrustManager. This makes the gateway able to connect to remote services with invalid or...
Vmware Spring Cloud Gateway 3.1.0
Oracle Commerce Guided Search 11.3.2
Oracle Communications Cloud Native Core Binding Support Function 22.1.3
Oracle Communications Cloud Native Core Network Repository Function 22.2.0
Oracle Communications Cloud Native Core Security Edge Protection Proxy 22.1.1
Oracle Communications Cloud Native Core Console 22.2.0
Oracle Communications Cloud Native Core Network Repository Function 22.1.2
5.4
CVSSv3
CVE-2021-32808
ckeditor is an open source WYSIWYG HTML editor with rich content support. A vulnerability has been discovered in the clipboard Widget plugin if used alongside the undo feature. The vulnerability allows a user to abuse undo functionality using malformed widget HTML, which could...
Ckeditor Ckeditor
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Oracle Application Express
Oracle Banking Party Management 2.7.0
Oracle Commerce Guided Search 11.3.2
Oracle Commerce Merchandising 11.3.2
Oracle Documaker 12.6.3
Oracle Documaker 12.6.4
Oracle Financial Services Analytical Applications Infrastructure
Oracle Financial Services Model Management And Governance 8.0.8.0.0
Oracle Financial Services Model Management And Governance 8.1.0.0.0
Oracle Jd Edwards Enterpriseone Tools
Oracle Peoplesoft Enterprise Peopletools 8.57
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Peoplesoft Enterprise Peopletools 8.59
Oracle Siebel Ui Framework
Oracle Webcenter Sites 12.2.1.3.0
Oracle Webcenter Sites 12.2.1.4.0