oracle commerce platform 11.3.2 vulnerabilities and exploits
5.5
CVE-2022-21559
Vulnerability in the Oracle Commerce Platform product of Oracle Commerce (component: Dynamo Application Framework). Supported versions that are affected are 11.3.0, 11.3.1 and 11.3.2. Easily exploitable vulnerability allows low privileged attacker with logon to the...
Oracle Commerce Platform 11.3.1
Oracle Commerce Platform 11.3.0
Oracle Commerce Platform 11.3.2
2 Github repositories available
5.3
CVSSv3
CVE-2022-21387
Vulnerability in the Oracle Commerce Platform product of Oracle Commerce (component: Dynamo Application Framework). Supported versions that are affected are 11.3.0, 11.3.1 and 11.3.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP...
Oracle Commerce Platform 11.3.0
Oracle Commerce Platform 11.3.1
Oracle Commerce Platform 11.3.2
2 Github repositories available
9.8
CVSSv3
CVE-2021-2463
Vulnerability in the Oracle Commerce Platform product of Oracle Commerce (component: Dynamo Application Framework). Supported versions that are affected are 11.0.0, 11.1.0, 11.2.0 and 11.3.0-11.3.2. Easily exploitable vulnerability allows unauthenticated attacker with network...
Oracle Commerce Platform 11.0.0
Oracle Commerce Platform 11.1.0
Oracle Commerce Platform 11.2.0
Oracle Commerce Platform
6.1
CVSSv3
CVE-2020-27193
A cross-site scripting (XSS) vulnerability in the Color Dialog plugin for CKEditor 4.15.0 allows remote attackers to run arbitrary web script after persuading a user to copy and paste crafted HTML code into one of editor inputs....
Ckeditor Ckeditor 4.15.0
Oracle Agile Plm 9.3.5
Oracle Agile Plm 9.3.6
Oracle Application Express
Oracle Banking Party Management 2.7.0
Oracle Banking Platform 2.4.0
Oracle Banking Platform 2.7.0
Oracle Banking Platform 2.7.1
Oracle Banking Platform 2.8.0
Oracle Banking Platform 2.9.0
Oracle Commerce Merchandising 11.0.0
Oracle Commerce Merchandising 11.1.0
Oracle Commerce Merchandising 11.2.0
Oracle Commerce Merchandising 11.3.0
Oracle Commerce Merchandising 11.3.1
Oracle Commerce Merchandising 11.3.2
Oracle Financial Services Analytical Applications Infrastructure
Oracle Financial Services Analytical Applications Infrastructure 8.1.0
Oracle Financial Services Analytical Applications Infrastructure 8.1.1
Oracle Jd Edwards Enterpriseone Tools
Oracle Peoplesoft Enterprise Peopletools 8.56
Oracle Peoplesoft Enterprise Peopletools 8.57
Oracle Peoplesoft Enterprise Peopletools 8.58
9.8
CVSSv3
CVE-2019-12419
Apache CXF before 3.3.4 and 3.2.11 provides all of the components that are required to build a fully fledged OpenId Connect service. There is a vulnerability in the access token services, where it does not validate that the authenticated principal is equal to that of the...
Apache Cxf
Oracle Flexcube Private Banking 12.1.0
Oracle Flexcube Private Banking 12.0.0
Oracle Retail Order Broker 15.0
Oracle Enterprise Manager Base Platform 13.2.1.0
Oracle Commerce Guided Search 11.3.2
5.4
CVSSv3
CVE-2022-24728
CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A vulnerability has been discovered in the core HTML processing module and may affect all plugins used by CKEditor 4 prior to version 4.18.0. The vulnerability allows someone to inject malformed HTML bypassing...
Ckeditor Ckeditor
Drupal Drupal
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Peoplesoft Enterprise Peopletools 8.59
Oracle Commerce Merchandising 11.3.2
Oracle Financial Services Trade-based Anti Money Laundering 8.0.7
Oracle Financial Services Trade-based Anti Money Laundering 8.0.8
Fedoraproject Fedora 36
Oracle Financial Services Analytical Applications Infrastructure 8.1.2.0
Oracle Financial Services Analytical Applications Infrastructure 8.1.1.0
Oracle Application Express
Oracle Financial Services Analytical Applications Infrastructure 8.1.2.1
Oracle Financial Services Behavior Detection Platform
Oracle Financial Services Analytical Applications Infrastructure
Oracle Financial Services Behavior Detection Platform 8.0.8.0
Oracle Financial Services Behavior Detection Platform 8.0.7.0
Fedoraproject Fedora 37
7.5
CVSSv3
CVE-2022-24729
CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. CKEditor4 prior to version 4.18.0 contains a vulnerability in the `dialog` plugin. The vulnerability allows abuse of a dialog input validator regular expression, which can cause a significant performance drop...
Ckeditor Ckeditor
Drupal Drupal
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Peoplesoft Enterprise Peopletools 8.59
Oracle Commerce Merchandising 11.3.2
Oracle Financial Services Trade-based Anti Money Laundering 8.0.7
Oracle Financial Services Trade-based Anti Money Laundering 8.0.8
Fedoraproject Fedora 36
Oracle Financial Services Analytical Applications Infrastructure 8.1.2.0
Oracle Financial Services Analytical Applications Infrastructure 8.1.1.0
Oracle Application Express
Oracle Financial Services Analytical Applications Infrastructure 8.1.2.1
Oracle Financial Services Behavior Detection Platform
Oracle Financial Services Analytical Applications Infrastructure
Oracle Financial Services Behavior Detection Platform 8.0.8.0
Oracle Financial Services Behavior Detection Platform 8.0.7.0
Fedoraproject Fedora 37
7.5
CVSSv3
CVE-2021-40690
All versions of Apache Santuario - XML Security for Java prior to 2.2.3 and 2.1.7 are vulnerable to an issue where the "secureValidation" property is not passed correctly when creating a KeyInfo from a KeyInfoReference element. This allows an attacker to abuse an XPath...
Apache Santuario Xml Security For Java
Apache Tomee
Apache Cxf 3.4.4
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Oracle Flexcube Private Banking 12.1.0
Oracle Agile Plm 9.3.6
Oracle Weblogic Server 12.2.1.4.0
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Outside In Technology 8.5.5
Oracle Weblogic Server 14.1.1.0.0
Oracle Retail Merchandising System 16.0.3
Oracle Retail Service Backbone 16.0.3
Oracle Retail Financial Integration 16.0.3
Oracle Retail Integration Bus 16.0.3
Oracle Commerce Guided Search 11.3.2
Oracle Peoplesoft Enterprise Peopletools 8.59
Oracle Retail Service Backbone 15.0.3.1
Oracle Retail Service Backbone 14.1.3.2
Oracle Communications Messaging Server 8.1
Oracle Retail Merchandising System 19.0.1
Oracle Retail Integration Bus 14.1.3.2
Oracle Retail Financial Integration 14.1.3.2
Oracle Retail Integration Bus 15.0.3.1
Oracle Retail Financial Integration 15.0.3.1
Oracle Commerce Platform 11.3.2
Oracle Retail Service Backbone 19.0.1
Oracle Retail Integration Bus 19.0.1
Oracle Retail Financial Integration 19.0.1
Oracle Communications Diameter Intelligence Hub
Oracle Retail Bulk Data Integration 16.0.3
2 Github repositories available
7.5
CVSSv3
CVE-2020-13935
The payload length in a WebSocket frame was not correctly validated in Apache Tomcat 10.0.0-M1 to 10.0.0-M6, 9.0.0.M1 to 9.0.36, 8.5.0 to 8.5.56 and 7.0.27 to 7.0.104. Invalid payload lengths could trigger an infinite loop. Multiple requests with invalid payload lengths could...
Apache Tomcat 9.0.0
Apache Tomcat 10.0.0
Apache Tomcat
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Netapp Oncommand System Manager
Opensuse Leap 15.1
Opensuse Leap 15.2
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
Mcafee Epolicy Orchestrator 5.9.0
Mcafee Epolicy Orchestrator 5.9.1
Mcafee Epolicy Orchestrator 5.10.0
Oracle Managed File Transfer 12.2.1.3.0
Oracle Instantis Enterprisetrack 17.1
Oracle Instantis Enterprisetrack 17.2
Oracle Instantis Enterprisetrack 17.3
Oracle Agile Plm 9.3.3
Oracle Agile Plm 9.3.5
Oracle Agile Plm 9.3.6
Oracle Workload Manager 18c
Oracle Workload Manager 19c
Oracle Workload Manager 12.2.0.1
Oracle Agile Engineering Data Management 6.2.1.0
Oracle Siebel Ui Framework
Oracle Mysql Enterprise Monitor
Oracle Managed File Transfer 12.2.1.4.0
Oracle Commerce Guided Search 11.3.2
Oracle Fmw Platform 12.2.1.4.0
Oracle Fmw Platform 12.2.1.3.0
Oracle Communications Cloud Native Core Policy 1.14.0
Oracle Communications Instant Messaging Server 10.0.1.5.0
Oracle Blockchain Platform
35 Github repositories available
7.5
CVSSv3
CVE-2020-36518
jackson-databind before 2.13.0 allows a Java StackOverflow exception and denial of service via a large depth of nested objects....
Fasterxml Jackson-databind
Oracle Weblogic Server 12.2.1.3.0
Oracle Commerce Platform 11.3.1
Oracle Utilities Framework 4.3.0.5.0
Oracle Utilities Framework 4.3.0.6.0
Oracle Utilities Framework 4.4.0.0.0
Oracle Weblogic Server 12.2.1.4.0
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Primavera Unifier 19.12
Oracle Sd-wan Edge 9.0
Oracle Weblogic Server 14.1.1.0.0
Oracle Coherence 14.1.1.0.0
Oracle Utilities Framework 4.4.0.2.0
Oracle Global Lifecycle Management Nextgen Oui Framework 13.9.4.2.2
Oracle Primavera Unifier 20.12
Oracle Peoplesoft Enterprise Peopletools 8.59
Oracle Primavera Gateway
Oracle Utilities Framework 4.4.0.3.0
Oracle Sd-wan Edge 9.1
Oracle Commerce Platform 11.3.0
Oracle Commerce Platform 11.3.2
Oracle Primavera Unifier 21.12
Oracle Financial Services Trade-based Anti Money Laundering 8.0.7
Oracle Financial Services Trade-based Anti Money Laundering 8.0.8
Oracle Financial Services Behavior Detection Platform 8.0.8
Oracle Big Data Spatial And Graph
Oracle Financial Services Enterprise Case Management 8.0.8.1
Oracle Financial Services Enterprise Case Management 8.0.7.1
Oracle Financial Services Enterprise Case Management 8.0.8.0
Oracle Communications Cloud Native Core Console 1.9.0
Oracle Communications Cloud Native Core Network Slice Selection Function 22.1.0
Oracle Financial Services Analytical Applications Infrastructure 8.1.2.0
Oracle Financial Services Analytical Applications Infrastructure 8.1.1.0
Oracle Financial Services Enterprise Case Management 8.0.7.2
Oracle Communications Billing And Revenue Management
Oracle Communications Cloud Native Core Binding Support Function 22.1.3
Oracle Financial Services Crime And Compliance Management Studio 8.0.8.2.0
Oracle Financial Services Crime And Compliance Management Studio 8.0.8.3.0
Oracle Communications Cloud Native Core Network Repository Function 22.2.0
Oracle Communications Cloud Native Core Security Edge Protection Proxy 22.1.1
Oracle Communications Cloud Native Core Network Repository Function 22.1.2
Oracle Communications Cloud Native Core Unified Data Repository 22.2.0
Oracle Utilities Framework 4.4.0.5.0
Oracle Global Lifecycle Management Nextgen Oui Framework
Oracle Financial Services Analytical Applications Infrastructure 8.1.2.1
Oracle Financial Services Enterprise Case Management
Oracle Retail Sales Audit 15.0.3.1
Oracle Health Sciences Empirica Signal 9.1.0.5.2
Oracle Spatial Studio
Oracle Primavera Unifier 18.0
Oracle Financial Services Behavior Detection Platform 8.0.7.0.0
Oracle Financial Services Behavior Detection Platform
Oracle Primavera P6 Enterprise Project Portfolio Management
Oracle Primavera Unifier
Oracle Financial Services Analytical Applications Infrastructure
Oracle Communications Cloud Native Core Service Communication Proxy 22.2.0
Oracle Communications Cloud Native Core Network Slice Selection Function 22.1.1
Oracle Global Lifecycle Management Opatch
Oracle Graph Server And Client
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Netapp Snap Creator Framework -
Netapp Oncommand Workflow Automation -
Netapp Oncommand Insight -
Netapp Active Iq Unified Manager -
Netapp Cloud Insights Acquisition Unit -
9 Github repositories available