Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

oracle primavera gateway vulnerabilities and exploits

(subscribe to this query)

9.1
CVSSv3
CVE-2017-3508
Vulnerability in the Primavera Gateway component of Oracle Primavera Products Suite (subcomponent: Primavera Desktop Integration). Supported versions that are affected are 1.0, 1.1, 14.2, 15.1, 15.2, 16.1 and 16.2. Easily "exploitable" vulnerability allows high...
Oracle Primavera Gateway 16.2Oracle Primavera Gateway 1.0Oracle Primavera Gateway 16.1Oracle Primavera Gateway 15.1Oracle Primavera Gateway 1.1Oracle Primavera Gateway 15.2Oracle Primavera Gateway 14.2
8.7
CVSSv3
CVE-2017-3500
Vulnerability in the Primavera Gateway component of Oracle Primavera Products Suite (subcomponent: Primavera Desktop Integration). Supported versions that are affected are 1.0, 1.1, 14.2, 15.1, 15.2, 16.1 and 16.2. Easily "exploitable" vulnerability allows high...
Oracle Primavera Gateway 1.0Oracle Primavera Gateway 1.1Oracle Primavera Gateway 16.2Oracle Primavera Gateway 16.1Oracle Primavera Gateway 15.2Oracle Primavera Gateway 14.2Oracle Primavera Gateway 15.1
9.8
CVSSv3
CVE-2019-14540
A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to com.zaxxer.hikari.HikariConfig....
Fasterxml Jackson-databindNetapp Oncommand Api Services -Netapp Oncommand Workflow Automation -Netapp Steelstore Cloud Integrated Storage -Fedoraproject Fedora 30Fedoraproject Fedora 31Debian Debian Linux 8.0Debian Debian Linux 9.0Debian Debian Linux 10.0Redhat Jboss Enterprise Application Platform 7.2Redhat Jboss Enterprise Application Platform 7.3Oracle Banking Platform 2.4.0Oracle Banking Platform 2.4.1Oracle Banking Platform 2.5.0Oracle Banking Platform 2.6.0Oracle Banking Platform 2.6.1Oracle Banking Platform 2.7.0Oracle Banking Platform 2.7.1Oracle Customer Management And Segmentation Foundation 18.0Oracle Financial Services Analytical Applications InfrastructureOracle Global Lifecycle Management OpatchOracle Goldengate Application Adapters 19.1.0.0.0Oracle Goldengate Stream AnalyticsOracle MysqlOracle Primavera Gateway 15.2Oracle Primavera Gateway 15.2.18Oracle Primavera Gateway 16.2Oracle Primavera Gateway 16.2.11Oracle Primavera Gateway 17.12Oracle Primavera Gateway 17.12.6Oracle Primavera Gateway 18.8.0Oracle Primavera Gateway 18.8.8.1Oracle Primavera Unifier 16.1Oracle Primavera Unifier 16.2Oracle Primavera UnifierOracle Primavera Unifier 18.8Oracle Primavera Unifier 19.12Oracle Retail Customer Management And Segmentation Foundation 17.0Oracle Retail Xstore Point Of Service 7.1Oracle Retail Xstore Point Of Service 15.0Oracle Retail Xstore Point Of Service 16.0Oracle Retail Xstore Point Of Service 17.0Oracle Retail Xstore Point Of Service 18.0Oracle Weblogic Server 12.2.1.3.0
9.8
CVSSv3
CVE-2019-16335
A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to com.zaxxer.hikari.HikariDataSource. This is a different vulnerability than CVE-2019-14540....
Fasterxml Jackson-databindFedoraproject Fedora 30Fedoraproject Fedora 31Debian Debian Linux 8.0Debian Debian Linux 9.0Debian Debian Linux 10.0Netapp Oncommand Api Services -Netapp Oncommand Workflow Automation -Netapp Steelstore Cloud Integrated Storage -Redhat Jboss Enterprise Application Platform 7.2Redhat Jboss Enterprise Application Platform 7.3Oracle Banking Platform 2.4.0Oracle Banking Platform 2.4.1Oracle Banking Platform 2.5.0Oracle Banking Platform 2.6.0Oracle Banking Platform 2.6.1Oracle Banking Platform 2.7.0Oracle Banking Platform 2.7.1Oracle Customer Management And Segmentation Foundation 18.0Oracle Financial Services Analytical Applications InfrastructureOracle Global Lifecycle Management OpatchOracle Goldengate Application Adapters 19.1.0.0.0Oracle Goldengate Stream AnalyticsOracle Primavera Gateway 15.2Oracle Primavera Gateway 16.1Oracle Primavera Gateway 16.2Oracle Primavera GatewayOracle Primavera Gateway 18.8.0Oracle Retail Customer Management And Segmentation Foundation 17.0Oracle Retail Xstore Point Of Service 7.1Oracle Retail Xstore Point Of Service 15.0Oracle Retail Xstore Point Of Service 16.0Oracle Retail Xstore Point Of Service 17.0Oracle Retail Xstore Point Of Service 18.0Oracle Weblogic Server 12.2.1.3.0
9.8
CVSSv3
CVE-2019-14379
SubTypeValidator.java in FasterXML jackson-databind before 2.9.9.2 mishandles default typing when ehcache is used (because of net.sf.ehcache.transaction.manager.DefaultTransactionManagerLookup), leading to remote code execution....
Fasterxml Jackson-databindDebian Debian Linux 8.0Netapp Active Iq Unified ManagerNetapp Oncommand Workflow Automation -Netapp Service Level Manager -Netapp Snapcenter -Fedoraproject Fedora 29Fedoraproject Fedora 30Fedoraproject Fedora 31Redhat Jboss Enterprise Application Platform 7.2Redhat Jboss Enterprise Application Platform 7.3Redhat Openshift Container Platform 4.1Redhat Single Sign-on 7.3Redhat Openshift Container Platform 3.11Oracle Banking Platform 2.4.0Oracle Banking Platform 2.4.1Oracle Banking Platform 2.5.0Oracle Banking Platform 2.6.0Oracle Banking Platform 2.6.1Oracle Banking Platform 2.7.0Oracle Banking Platform 2.7.1Oracle Communications Diameter Signaling Router 8.0.0Oracle Communications Diameter Signaling Router 8.1Oracle Communications Diameter Signaling Router 8.2Oracle Communications Diameter Signaling Router 8.2.1Oracle Communications Instant Messaging Server 10.0.1.3.0Oracle Financial Services Analytical Applications InfrastructureOracle Goldengate Stream AnalyticsOracle Jd Edwards Enterpriseone Orchestrator 9.2Oracle Jd Edwards Enterpriseone Tools 9.2Oracle Primavera Gateway 15.2Oracle Primavera Gateway 16.2Oracle Primavera Gateway 17.12Oracle Primavera Gateway 18.8.0Oracle Primavera Unifier 16.1Oracle Primavera Unifier 16.2Oracle Primavera UnifierOracle Primavera Unifier 18.8Oracle Retail Customer Management And Segmentation Foundation 17.0Oracle Retail Xstore Point Of Service 7.1Oracle Retail Xstore Point Of Service 15.0Oracle Retail Xstore Point Of Service 16.0Oracle Retail Xstore Point Of Service 17.0Oracle Retail Xstore Point Of Service 18.0Oracle Siebel Engineering - Installer \\& DeploymentOracle Siebel Ui FrameworkApple Xcode
9.8
CVSSv3
CVE-2019-17195
Connect2id Nimbus JOSE+JWT before v7.9 can throw various uncaught exceptions while parsing a JWT, which could result in an application crash (potential information disclosure) or a potential authentication bypass....
Connect2id Nimbus Jose\\+jwtApache Hadoop 3.2.1Oracle Communications Cloud Native Core Security Edge Protection Proxy 1.7.0Oracle Communications Pricing Design Center 12.0.0.3.0Oracle Data Integrator 12.2.1.4.0Oracle Enterprise Manager Base Platform 13.4.0.0Oracle Healthcare Data Repository 8.1.0Oracle Insurance Policy AdministrationOracle Jd Edwards Enterpriseone OrchestratorOracle Jd Edwards Enterpriseone ToolsOracle Peoplesoft Enterprise Peopletools 8.58Oracle Peoplesoft Enterprise Peopletools 8.59Oracle Policy AutomationOracle Primavera GatewayOracle Primavera Gateway 19.12.0Oracle Weblogic Server 12.2.1.3.0Oracle Weblogic Server 12.2.1.4.0
5.9
CVSSv3
CVE-2018-0735
The OpenSSL ECDSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key. Fixed in OpenSSL 1.1.0j (Affected 1.1.0-1.1.0i). Fixed in OpenSSL 1.1.1a (Affected 1.1.1)....
Openssl Openssl 1.1.1Openssl OpensslCanonical Ubuntu Linux 14.04Canonical Ubuntu Linux 16.04Canonical Ubuntu Linux 18.10Canonical Ubuntu Linux 18.04Debian Debian Linux 9.0Debian Debian Linux 8.0Nodejs Node.jsNetapp Cn1610 Firmware -Netapp Snapdrive -Netapp Element Software -Netapp Cloud Backup -Netapp Oncommand Unified ManagerNetapp Santricity Smi-s Provider -Netapp Steelstore -Netapp Smi-s Provider -Oracle Primavera P6 Enterprise Project Portfolio Management 15.2Oracle Primavera P6 Enterprise Project Portfolio Management 16.1Oracle Primavera P6 Enterprise Project Portfolio Management 16.2Oracle Primavera P6 Enterprise Project Portfolio ManagementOracle Vm VirtualboxOracle Peoplesoft Enterprise Peopletools 8.55Oracle Enterprise Manager Base Platform 12.1.0.5.0Oracle Enterprise Manager Base Platform 13.2.0.0.0Oracle Enterprise Manager Base Platform 13.3.0.0.0Oracle Application Server 0.9.8Oracle Peoplesoft Enterprise Peopletools 8.56Oracle Peoplesoft Enterprise Peopletools 8.57Oracle Primavera P6 Enterprise Project Portfolio Management 8.4Oracle Api Gateway 11.1.2.4.0Oracle Enterprise Manager Ops Center 12.3.3Oracle Application Server 1.0.0Oracle MysqlOracle Primavera P6 Enterprise Project Portfolio Management 15.1Oracle Primavera P6 Enterprise Project Portfolio Management 18.8Oracle Tuxedo 12.1.1.0.0Oracle Application Server 1.0.1Oracle Secure Global Desktop 5.4
4.7
CVSSv3
CVE-2018-5407
Simultaneous Multi-threading (SMT) in processors can enable local users to exploit software vulnerable to timing attacks via a side-channel timing attack on 'port contention'....
Canonical Ubuntu Linux 18.04Canonical Ubuntu Linux 14.04Canonical Ubuntu Linux 16.04Canonical Ubuntu Linux 18.10Debian Debian Linux 9.0Debian Debian Linux 8.0Nodejs Node.jsOpenssl OpensslTenable NessusOracle Peoplesoft Enterprise Peopletools 8.57Oracle Peoplesoft Enterprise Peopletools 8.55Oracle Mysql Enterprise BackupOracle Primavera P6 Enterprise Project Portfolio Management 16.2Oracle Primavera P6 Enterprise Project Portfolio ManagementOracle Primavera P6 Enterprise Project Portfolio Management 18.8Oracle Primavera P6 Enterprise Project Portfolio Management 8.4Oracle Api Gateway 11.1.2.4.0Oracle Enterprise Manager Base Platform 13.2.0.0.0Oracle Enterprise Manager Base Platform 13.3.0.0.0Oracle Application Server 0.9.8Oracle Application Server 1.0.0Oracle Enterprise Manager Base Platform 12.1.0.5.0Oracle Application Server 1.0.1Oracle Primavera P6 Enterprise Project Portfolio Management 15.2Oracle Peoplesoft Enterprise Peopletools 8.56Oracle Tuxedo 12.1.1.0.0Oracle Enterprise Manager Ops Center 12.3.3Oracle Primavera P6 Enterprise Project Portfolio Management 15.1Oracle Primavera P6 Enterprise Project Portfolio Management 16.1Oracle Vm VirtualboxRedhat Enterprise Linux Desktop 7.0Redhat Enterprise Linux Server Aus 7.6Redhat Enterprise Linux Server Tus 7.6Redhat Enterprise Linux Server Eus 7.6Redhat Enterprise Linux Server 7.0Redhat Enterprise Linux Workstation 7.0Redhat Enterprise Linux Server 7.6
9.8
CVSSv3
CVE-2019-16943
A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the p6spy (3.8.6) jar in the classpath, and an...
Fasterxml Jackson-databindDebian Debian Linux 10.0Debian Debian Linux 9.0Debian Debian Linux 8.0Fedoraproject Fedora 30Fedoraproject Fedora 31Redhat Jboss Enterprise Application Platform 7.2Redhat Jboss Enterprise Application Platform 7.3Oracle Banking Platform 2.4.0Oracle Banking Platform 2.4.1Oracle Banking Platform 2.5.0Oracle Banking Platform 2.6.0Oracle Banking Platform 2.6.1Oracle Banking Platform 2.6.2Oracle Banking Platform 2.7.0Oracle Banking Platform 2.7.1Oracle Banking Platform 2.9.0Oracle Communications Billing And Revenue Management 7.5.0.23.0Oracle Communications Billing And Revenue Management 12.0.0.3.0Oracle Communications Calendar Server 8.0.0.2.0Oracle Communications Calendar Server 8.0.0.3.0Oracle Communications Evolved Communications Application Server 7.1Oracle Global Lifecycle Management Nextgen Oui Framework 12.2.1.3.0Oracle Global Lifecycle Management Nextgen Oui Framework 12.2.1.4.0Oracle Global Lifecycle Management Nextgen Oui Framework 13.9.4.2.2Oracle Goldengate Application Adapters 19.1.0.0.0Oracle Jd Edwards Enterpriseone Orchestrator 9.2Oracle Jd Edwards Enterpriseone Tools 9.2Oracle Primavera Gateway 16.1Oracle Primavera Gateway 16.2Oracle Primavera GatewayOracle Primavera Gateway 19.12.0Oracle Retail Merchandising System 15.0.3Oracle Retail Merchandising System 16.0.2Oracle Retail Merchandising System 16.0.3Oracle Retail Sales Audit 14.1Oracle Siebel Engineering - Installer \\& DeploymentOracle Trace File Analyzer 12.2.0.1Oracle Trace File Analyzer 18cOracle Trace File Analyzer 19cOracle Webcenter Portal 12.2.1.3.0Oracle Webcenter Portal 12.2.1.4.0Oracle Webcenter Sites 12.2.1.3.0Oracle Webcenter Sites 12.2.1.4.0Oracle Weblogic Server 12.2.1.3.0Oracle Weblogic Server 12.2.1.4.0Netapp Active Iq Unified ManagerNetapp Oncommand Api Services -Netapp Oncommand Workflow Automation -Netapp Service Level Manager -Netapp Steelstore Cloud Integrated Storage -
9.8
CVSSv3
CVE-2019-17531
A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the apache-log4j-extra (version 1.2.x) jar in the...
Fasterxml Jackson-databindDebian Debian Linux 8.0Redhat Jboss Enterprise Application Platform 7.2Redhat Jboss Enterprise Application Platform 7.3Oracle Banking Platform 2.4.0Oracle Banking Platform 2.4.1Oracle Banking Platform 2.5.0Oracle Banking Platform 2.6.0Oracle Banking Platform 2.6.1Oracle Banking Platform 2.6.2Oracle Banking Platform 2.7.0Oracle Banking Platform 2.7.1Oracle Banking Platform 2.9.0Oracle Communications Billing And Revenue Management 7.5.0.23.0Oracle Communications Billing And Revenue Management 12.0.0.3.0Oracle Communications Calendar Server 8.0.0.2.0Oracle Communications Calendar Server 8.0.0.3.0Oracle Communications Evolved Communications Application Server 7.1Oracle Global Lifecycle Management Nextgen Oui Framework 12.2.1.3.0Oracle Global Lifecycle Management Nextgen Oui Framework 12.2.1.4.0Oracle Global Lifecycle Management Nextgen Oui Framework 13.9.4.2.2Oracle Goldengate Application Adapters 19.1.0.0.0Oracle Jd Edwards Enterpriseone Orchestrator 9.2Oracle Jd Edwards Enterpriseone Tools 9.2Oracle Primavera Gateway 16.1Oracle Primavera Gateway 16.2Oracle Primavera GatewayOracle Primavera Gateway 19.12.0Oracle Retail Merchandising System 15.0.3Oracle Retail Merchandising System 16.0.2Oracle Retail Merchandising System 16.0.3Oracle Retail Sales Audit 14.1Oracle Siebel Engineering - Installer \\& DeploymentOracle Trace File Analyzer 12.2.0.1Oracle Trace File Analyzer 18cOracle Trace File Analyzer 19cOracle Webcenter Portal 12.2.1.3.0Oracle Webcenter Portal 12.2.1.4.0Oracle Webcenter Sites 12.2.1.3.0Oracle Webcenter Sites 12.2.1.4.0Oracle Weblogic Server 12.2.1.3.0Oracle Weblogic Server 12.2.1.4.0Netapp Oncommand Workflow Automation -Netapp Steelstore Cloud Integrated Storage -
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-21500CVE-2022-29424IDORCVE-2022-29216CVE-2022-1388encryptionbuffer overflowCVE-2021-30028CVE-2022-29194
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook