Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

oracle primavera gateway vulnerabilities and exploits

(subscribe to this query)

9.1
CVSSv3
CVE-2017-3508
Vulnerability in the Primavera Gateway component of Oracle Primavera Products Suite (subcomponent: Primavera Desktop Integration). Supported versions that are affected are 1.0, 1.1, 14.2, 15.1, 15.2, 16.1 and 16.2. Easily "exploitable" vulnerability allows high...
Oracle Primavera Gateway 16.2Oracle Primavera Gateway 1.0Oracle Primavera Gateway 16.1Oracle Primavera Gateway 15.1Oracle Primavera Gateway 1.1Oracle Primavera Gateway 15.2Oracle Primavera Gateway 14.2
8.7
CVSSv3
CVE-2017-3500
Vulnerability in the Primavera Gateway component of Oracle Primavera Products Suite (subcomponent: Primavera Desktop Integration). Supported versions that are affected are 1.0, 1.1, 14.2, 15.1, 15.2, 16.1 and 16.2. Easily "exploitable" vulnerability allows high...
Oracle Primavera Gateway 1.0Oracle Primavera Gateway 1.1Oracle Primavera Gateway 16.2Oracle Primavera Gateway 16.1Oracle Primavera Gateway 15.2Oracle Primavera Gateway 14.2Oracle Primavera Gateway 15.1
5.4
CVE-2023-21888
Vulnerability in the Primavera Gateway product of Oracle Construction and Engineering (component: WebUI). Supported versions that are affected are 18.8.0-18.8.15, 19.12.0-19.12.15, 20.12.0-20.12.10 and 21.12.0-21.12.8. Easily exploitable vulnerability allows low privileged...
Oracle Primavera Gateway
9.8
CVSSv3
CVE-2019-14540
A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to com.zaxxer.hikari.HikariConfig....
Fasterxml Jackson-databindNetapp Oncommand Api Services -Netapp Oncommand Workflow Automation -Netapp Steelstore Cloud Integrated Storage -Fedoraproject Fedora 30Fedoraproject Fedora 31Debian Debian Linux 8.0Debian Debian Linux 9.0Debian Debian Linux 10.0Redhat Jboss Enterprise Application Platform 7.2Redhat Jboss Enterprise Application Platform 7.3Oracle Banking Platform 2.4.0Oracle Banking Platform 2.4.1Oracle Banking Platform 2.5.0Oracle Banking Platform 2.6.0Oracle Banking Platform 2.6.1Oracle Banking Platform 2.7.0Oracle Banking Platform 2.7.1Oracle Customer Management And Segmentation Foundation 18.0Oracle Financial Services Analytical Applications InfrastructureOracle Global Lifecycle Management OpatchOracle Goldengate Application Adapters 19.1.0.0.0Oracle Goldengate Stream AnalyticsOracle MysqlOracle Primavera Gateway 15.2Oracle Primavera Gateway 15.2.18Oracle Primavera Gateway 16.2Oracle Primavera Gateway 16.2.11Oracle Primavera Gateway 17.12Oracle Primavera Gateway 17.12.6Oracle Primavera Gateway 18.8.0Oracle Primavera Gateway 18.8.8.1Oracle Primavera Unifier 16.1Oracle Primavera Unifier 16.2Oracle Primavera UnifierOracle Primavera Unifier 18.8Oracle Primavera Unifier 19.12Oracle Retail Customer Management And Segmentation Foundation 17.0Oracle Retail Xstore Point Of Service 7.1Oracle Retail Xstore Point Of Service 15.0Oracle Retail Xstore Point Of Service 16.0Oracle Retail Xstore Point Of Service 17.0Oracle Retail Xstore Point Of Service 18.0Oracle Weblogic Server 12.2.1.3.0
9.8
CVSSv3
CVE-2019-16335
A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to com.zaxxer.hikari.HikariDataSource. This is a different vulnerability than CVE-2019-14540....
Fasterxml Jackson-databindFedoraproject Fedora 30Fedoraproject Fedora 31Debian Debian Linux 8.0Debian Debian Linux 9.0Debian Debian Linux 10.0Netapp Oncommand Api Services -Netapp Oncommand Workflow Automation -Netapp Steelstore Cloud Integrated Storage -Redhat Jboss Enterprise Application Platform 7.2Redhat Jboss Enterprise Application Platform 7.3Oracle Banking Platform 2.4.0Oracle Banking Platform 2.4.1Oracle Banking Platform 2.5.0Oracle Banking Platform 2.6.0Oracle Banking Platform 2.6.1Oracle Banking Platform 2.7.0Oracle Banking Platform 2.7.1Oracle Customer Management And Segmentation Foundation 18.0Oracle Financial Services Analytical Applications InfrastructureOracle Global Lifecycle Management OpatchOracle Goldengate Application Adapters 19.1.0.0.0Oracle Goldengate Stream AnalyticsOracle Primavera Gateway 15.2Oracle Primavera Gateway 16.1Oracle Primavera Gateway 16.2Oracle Primavera GatewayOracle Primavera Gateway 18.8.0Oracle Retail Customer Management And Segmentation Foundation 17.0Oracle Retail Xstore Point Of Service 7.1Oracle Retail Xstore Point Of Service 15.0Oracle Retail Xstore Point Of Service 16.0Oracle Retail Xstore Point Of Service 17.0Oracle Retail Xstore Point Of Service 18.0Oracle Weblogic Server 12.2.1.3.0
6.1
CVSSv3
CVE-2021-41183
jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of various `*Text` options of the Datepicker widget from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. The values passed to various...
Jquery Jquery UiFedoraproject Fedora 33Fedoraproject Fedora 34Fedoraproject Fedora 35Fedoraproject Fedora 36Netapp H300s Firmware -Netapp H500s Firmware -Netapp H700s Firmware -Netapp H300e Firmware -Netapp H500e Firmware -Netapp H700e Firmware -Netapp H410s Firmware -Netapp H410c Firmware -Debian Debian Linux 9.0Drupal DrupalOracle Hospitality Suite8 8.10.2Oracle Weblogic Server 12.2.1.3.0Oracle Agile Plm 9.3.6Oracle Weblogic Server 12.2.1.4.0Oracle Peoplesoft Enterprise Peopletools 8.58Oracle Weblogic Server 14.1.1.0.0Oracle Banking Platform 2.9.0Oracle Primavera Gateway 19.12.0Oracle Primavera GatewayOracle Primavera Gateway 18.8.0Oracle Hospitality Inventory Management 9.1.0Oracle Communications Interactive Session Recorder 6.4Oracle Peoplesoft Enterprise Peopletools 8.59Oracle Communications Operations Monitor 4.3Oracle Primavera Gateway 20.12.0Oracle Banking Platform 2.12.0Oracle Communications Operations Monitor 4.4Oracle Communications Operations Monitor 5.0Oracle Primavera Gateway 21.12.0Oracle Big Data Spatial And Graph 23.1Oracle Big Data Spatial And GraphOracle Mysql Enterprise MonitorOracle Hospitality Suite8Oracle Jd Edwards Enterpriseone ToolsOracle Rest Data ServicesOracle Application ExpressOracle Policy AutomationOracle Rest Data Services 22.1.1Tenable Tenable.sc
9.8
CVSSv3
CVE-2019-14379
SubTypeValidator.java in FasterXML jackson-databind before 2.9.9.2 mishandles default typing when ehcache is used (because of net.sf.ehcache.transaction.manager.DefaultTransactionManagerLookup), leading to remote code execution....
Fasterxml Jackson-databindDebian Debian Linux 8.0Netapp Snapcenter -Netapp Oncommand Workflow Automation -Netapp Service Level Manager -Netapp Active Iq Unified ManagerFedoraproject Fedora 29Fedoraproject Fedora 30Fedoraproject Fedora 31Redhat Single Sign-on 7.3Redhat Openshift Container Platform 4.1Redhat Jboss Enterprise Application Platform 7.2Redhat Jboss Enterprise Application Platform 7.3Redhat Openshift Container Platform 3.11Oracle Retail Xstore Point Of Service 15.0Oracle Primavera Unifier 16.2Oracle Banking Platform 2.4.0Oracle Retail Xstore Point Of Service 7.1Oracle Jd Edwards Enterpriseone Tools 9.2Oracle Banking Platform 2.4.1Oracle Primavera Gateway 16.2Oracle Primavera Gateway 15.2Oracle Banking Platform 2.5.0Oracle Primavera Unifier 16.1Oracle Retail Xstore Point Of Service 16.0Oracle Primavera Gateway 17.12Oracle Jd Edwards Enterpriseone Orchestrator 9.2Oracle Banking Platform 2.6.0Oracle Banking Platform 2.6.1Oracle Primavera Unifier 18.8Oracle Retail Customer Management And Segmentation Foundation 17.0Oracle Primavera UnifierOracle Siebel Ui FrameworkOracle Retail Xstore Point Of Service 17.0Oracle Retail Xstore Point Of Service 18.0Oracle Banking Platform 2.7.0Oracle Banking Platform 2.7.1Oracle Goldengate Stream AnalyticsOracle Communications Diameter Signaling Router 8.2.1Oracle Communications Diameter Signaling Router 8.0.0Oracle Communications Diameter Signaling Router 8.1Oracle Communications Diameter Signaling Router 8.2Oracle Financial Services Analytical Applications InfrastructureOracle Primavera Gateway 18.8.0Oracle Siebel Engineering - Installer \\& DeploymentOracle Communications Instant Messaging Server 10.0.1.3.0Apple Xcode
6.6
CVSSv3
CVE-2021-44832
Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack when a configuration uses a JDBC Appender with a JNDI LDAP data source URI when an attacker has control of the target LDAP...
Apache Log4j 2.0Apache Log4jOracle Weblogic Server 12.2.1.3.0Oracle Primavera Unifier 18.8Oracle Weblogic Server 12.2.1.4.0Oracle Primavera Unifier 19.12Oracle Weblogic Server 14.1.1.0.0Oracle Primavera Unifier 20.12Oracle Communications Interactive Session Recorder 6.3Oracle Communications Interactive Session Recorder 6.4Oracle Primavera GatewayOracle Retail Assortment Planning 16.0.3Oracle Primavera Unifier 21.12Oracle Primavera P6 Enterprise Project Portfolio Management 21.12.0.0Oracle Primavera P6 Enterprise Project Portfolio ManagementOracle Primavera Gateway 21.12.0Oracle Retail Fiscal Management 14.2Oracle Siebel Ui Framework 21.12Oracle Communications Diameter Signaling RouterCisco Cloudcenter 4.10.0.16Fedoraproject Fedora 34Fedoraproject Fedora 35Debian Debian Linux 9.0Oracle Flexcube Private Banking 12.1.0Oracle Retail Order Broker 18.0Oracle Siebel Ui FrameworkOracle Retail Xstore Point Of Service 17.0.4Oracle Retail Xstore Point Of Service 18.0.3Oracle Retail Xstore Point Of Service 19.0.2Oracle Retail Xstore Point Of Service 20.0.1Oracle Retail Order Broker 19.1Oracle Policy AutomationOracle Product Lifecycle Analytics 3.6.1Oracle Retail Xstore Point Of Service 21.0.1Oracle Policy Automation For Mobile DevicesOracle Health Sciences Data Management Workbench 3.0.0.0Oracle Health Sciences Data Management Workbench 3.1.0.3Oracle Health Sciences Data Management Workbench 2.5.2.1Oracle Communications Brm - Elastic Charging Engine 12.0.0.5.0Oracle Communications Offline Mediation Controller 12.0.0.5.0Oracle Communications Offline Mediation ControllerOracle Communications Brm - Elastic Charging Engine
5.9
CVSSv3
CVE-2018-0735
The OpenSSL ECDSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key. Fixed in OpenSSL 1.1.0j (Affected 1.1.0-1.1.0i). Fixed in OpenSSL 1.1.1a (Affected 1.1.1)....
Openssl Openssl 1.1.1Openssl OpensslCanonical Ubuntu Linux 16.04Canonical Ubuntu Linux 14.04Canonical Ubuntu Linux 18.04Canonical Ubuntu Linux 18.10Debian Debian Linux 8.0Debian Debian Linux 9.0Nodejs Node.js 10.13.0Nodejs Node.jsNetapp Cn1610 Firmware -Netapp Cloud Backup -Netapp Oncommand Unified ManagerNetapp Steelstore -Netapp Santricity Smi-s Provider -Netapp Element Software -Netapp Snapdrive -Netapp Smi-s Provider -Oracle Primavera P6 Enterprise Project Portfolio Management 16.2Oracle Api Gateway 11.1.2.4.0Oracle Primavera P6 Enterprise Project Portfolio Management 15.1Oracle Primavera P6 Enterprise Project Portfolio Management 16.1Oracle Primavera P6 Enterprise Project Portfolio Management 15.2Oracle Peoplesoft Enterprise Peopletools 8.55Oracle Primavera P6 Enterprise Project Portfolio Management 8.4Oracle Peoplesoft Enterprise Peopletools 8.56Oracle Enterprise Manager Ops Center 12.3.3Oracle Peoplesoft Enterprise Peopletools 8.57Oracle Primavera P6 Enterprise Project Portfolio ManagementOracle Primavera P6 Enterprise Project Portfolio Management 18.8Oracle MysqlOracle Secure Global Desktop 5.4Oracle Vm VirtualboxOracle Enterprise Manager Base Platform 13.2.0.0.0Oracle Enterprise Manager Base Platform 12.1.0.5.0Oracle Tuxedo 12.1.1.0.0Oracle Enterprise Manager Base Platform 13.3.0.0.0Oracle Application Server 0.9.8Oracle Application Server 1.0.0Oracle Application Server 1.0.1
9.8
CVSSv3
CVE-2019-17195
Connect2id Nimbus JOSE+JWT before v7.9 can throw various uncaught exceptions while parsing a JWT, which could result in an application crash (potential information disclosure) or a potential authentication bypass....
Connect2id Nimbus Jose\\+jwtApache Hadoop 3.2.1Oracle Solaris Cluster 4.0Oracle Weblogic Server 12.2.1.3.0Oracle Weblogic Server 12.2.1.4.0Oracle Peoplesoft Enterprise Peopletools 8.58Oracle Enterprise Manager Base Platform 13.4.0.0Oracle Primavera Gateway 19.12.0Oracle Data Integrator 12.2.1.4.0Oracle Peoplesoft Enterprise Peopletools 8.59Oracle Primavera GatewayOracle Communications Pricing Design Center 12.0.0.3.0Oracle Jd Edwards Enterpriseone ToolsOracle Policy AutomationOracle Communications Cloud Native Core Security Edge Protection Proxy 1.7.0Oracle Insurance Policy AdministrationOracle Healthcare Data Repository 8.1.0Oracle Jd Edwards Enterpriseone Orchestrator
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-22281CVE-2023-0617CVE-2022-31711CVE-2023-0115CVE-2022-27596privilegedosCVE-2022-47003arbitrary code
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook