Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

oracle utilities framework 4.2.0.2.0 vulnerabilities and exploits

(subscribe to this query)

5.4
CVSSv3
CVE-2020-14895
Vulnerability in the Oracle Utilities Framework product of Oracle Utilities Applications (component: System Wide). Supported versions that are affected are 2.2.0.0.0, 4.2.0.2.0, 4.2.0.3.0, 4.3.0.1.0 - 4.3.0.6.0, 4.4.0.0.0 and 4.4.0.2.0. Easily exploitable vulnerability allows...
Oracle Utilities Framework 2.2.0.0.0Oracle Utilities Framework 4.2.0.2.0Oracle Utilities Framework 4.2.0.3.0Oracle Utilities FrameworkOracle Utilities Framework 4.4.0.0.0Oracle Utilities Framework 4.4.0.2.0
9.8
CVSSv3
CVE-2020-14756
Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (component: Core Components). Supported versions that are affected are 3.7.1.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with...
Oracle Coherence 3.7.1.0Oracle Coherence 12.1.3.0.0Oracle Coherence 12.2.1.3.0Oracle Coherence 12.2.1.4.0Oracle Coherence 14.1.1.0.0Oracle Utilities Framework 4.2.0.2.0Oracle Utilities Framework 4.2.0.3.0Oracle Utilities FrameworkOracle Utilities Framework 4.4.0.0.0Oracle Utilities Framework 4.4.0.2.0Oracle Utilities Framework 4.4.0.3.0
9.8
CVSSv3
CVE-2020-2555
Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (component: Caching,CacheStore,Invocation). Supported versions that are affected are 3.7.1.0, 12.1.3.0.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with...
Oracle Coherence 3.7.1.0Oracle Coherence 12.1.3.0.0Oracle Coherence 12.2.1.3.0Oracle Coherence 12.2.1.4.0Oracle Communications Diameter Signaling RouterOracle Healthcare Data Repository 7.0.1Oracle Rapid Planning 12.1Oracle Rapid Planning 12.2Oracle Retail Assortment Planning 15.0Oracle Retail Assortment Planning 16.0Oracle Utilities Framework 4.2.0.2.0Oracle Utilities Framework 4.2.0.3.0Oracle Utilities FrameworkOracle Utilities Framework 4.4.0.0.0Oracle Utilities Framework 4.4.0.2.0Oracle Webcenter Portal 12.2.1.3.0Oracle Webcenter Portal 12.2.1.4.0
8.5
CVSSv3
CVE-2021-39153
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream, if using the version out of the box...
Xstream Project XstreamFedoraproject Fedora 33Fedoraproject Fedora 34Fedoraproject Fedora 35Debian Debian Linux 9.0Debian Debian Linux 10.0Debian Debian Linux 11.0Netapp Snapmanager -Oracle Business Activity Monitoring 12.2.1.4.0Oracle Communications Billing And Revenue Management Elastic Charging Engine 11.3Oracle Communications Billing And Revenue Management Elastic Charging Engine 12.0Oracle Communications Cloud Native Core Binding Support Function 1.10.0Oracle Communications Cloud Native Core Policy 1.14.0Oracle Communications Unified Inventory Management 7.3.4Oracle Communications Unified Inventory Management 7.3.5Oracle Communications Unified Inventory Management 7.4.0Oracle Communications Unified Inventory Management 7.4.1Oracle Communications Unified Inventory Management 7.4.2Oracle Utilities Framework 4.2.0.2.0Oracle Utilities Framework 4.2.0.3.0Oracle Utilities Framework 4.3.0.1.0Oracle Utilities Framework 4.3.0.6.0Oracle Utilities Framework 4.4.0.0.0Oracle Utilities Framework 4.4.0.2.0Oracle Utilities Framework 4.4.0.3.0Oracle Utilities Testing Accelerator 6.0.0.1.1
8.5
CVSSv3
CVE-2021-39141
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who followed...
Xstream Project XstreamDebian Debian Linux 9.0Debian Debian Linux 10.0Debian Debian Linux 11.0Fedoraproject Fedora 33Fedoraproject Fedora 34Fedoraproject Fedora 35Netapp Snapmanager -Oracle Business Activity Monitoring 12.2.1.4.0Oracle Communications Billing And Revenue Management Elastic Charging Engine 11.3Oracle Communications Billing And Revenue Management Elastic Charging Engine 12.0Oracle Communications Cloud Native Core Binding Support Function 1.10.0Oracle Communications Cloud Native Core Policy 1.14.0Oracle Communications Unified Inventory Management 7.3.4Oracle Communications Unified Inventory Management 7.3.5Oracle Communications Unified Inventory Management 7.4.0Oracle Communications Unified Inventory Management 7.4.1Oracle Communications Unified Inventory Management 7.4.2Oracle Utilities Framework 4.2.0.2.0Oracle Utilities Framework 4.2.0.3.0Oracle Utilities Framework 4.3.0.1.0Oracle Utilities Framework 4.3.0.6.0Oracle Utilities Framework 4.4.0.0.0Oracle Utilities Framework 4.4.0.2.0Oracle Utilities Framework 4.4.0.3.0Oracle Utilities Testing Accelerator 6.0.0.1.1
8.5
CVSSv3
CVE-2021-39151
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who followed...
Xstream Project XstreamFedoraproject Fedora 33Fedoraproject Fedora 34Fedoraproject Fedora 35Debian Debian Linux 9.0Debian Debian Linux 10.0Debian Debian Linux 11.0Netapp Snapmanager -Oracle Business Activity Monitoring 12.2.1.4.0Oracle Communications Billing And Revenue Management Elastic Charging Engine 11.3Oracle Communications Billing And Revenue Management Elastic Charging Engine 12.0Oracle Communications Cloud Native Core Binding Support Function 1.10.0Oracle Communications Cloud Native Core Policy 1.14.0Oracle Communications Unified Inventory Management 7.3.4Oracle Communications Unified Inventory Management 7.3.5Oracle Communications Unified Inventory Management 7.4.0Oracle Communications Unified Inventory Management 7.4.1Oracle Communications Unified Inventory Management 7.4.2Oracle Utilities Framework 4.2.0.2.0Oracle Utilities Framework 4.2.0.3.0Oracle Utilities Framework 4.3.0.1.0Oracle Utilities Framework 4.3.0.6.0Oracle Utilities Framework 4.4.0.0.0Oracle Utilities Framework 4.4.0.2.0Oracle Utilities Framework 4.4.0.3.0Oracle Utilities Testing Accelerator 6.0.0.1.1
8.5
CVSSv3
CVE-2021-39147
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who followed...
Xstream Project XstreamFedoraproject Fedora 33Fedoraproject Fedora 34Fedoraproject Fedora 35Debian Debian Linux 9.0Debian Debian Linux 10.0Debian Debian Linux 11.0Netapp Snapmanager -Oracle Business Activity Monitoring 12.2.1.4.0Oracle Communications Billing And Revenue Management Elastic Charging Engine 11.3Oracle Communications Billing And Revenue Management Elastic Charging Engine 12.0Oracle Communications Cloud Native Core Binding Support Function 1.10.0Oracle Communications Cloud Native Core Policy 1.14.0Oracle Communications Unified Inventory Management 7.3.4Oracle Communications Unified Inventory Management 7.3.5Oracle Communications Unified Inventory Management 7.4.0Oracle Communications Unified Inventory Management 7.4.1Oracle Communications Unified Inventory Management 7.4.2Oracle Utilities Framework 4.2.0.2.0Oracle Utilities Framework 4.2.0.3.0Oracle Utilities Framework 4.3.0.1.0Oracle Utilities Framework 4.3.0.6.0Oracle Utilities Framework 4.4.0.0.0Oracle Utilities Framework 4.4.0.2.0Oracle Utilities Framework 4.4.0.3.0Oracle Utilities Testing Accelerator 6.0.0.1.1
9.8
CVSSv3
CVE-2019-10173
It was found that xstream API version 1.4.10 before 1.4.11 introduced a regression for a previous deserialization flaw. If the security framework has not been initialized, it may allow a remote attacker to run arbitrary shell commands when unmarshalling XML or any supported...
Xstream Project Xstream 1.4.10Oracle Banking PlatformOracle Business Activity Monitoring 11.1.1.9.0Oracle Business Activity Monitoring 12.2.1.3.0Oracle Communications Billing And Revenue Management Elastic Charging Engine 11.3.0.9.0Oracle Communications Billing And Revenue Management Elastic Charging Engine 12.0.0.3.0Oracle Communications Diameter Signaling RouterOracle Communications Unified Inventory Management 7.3.0Oracle Communications Unified Inventory Management 7.4.0Oracle Endeca Information Discovery Studio 3.2.0Oracle Retail Xstore Point Of Service 17.0Oracle Utilities Framework 2.2.0.0.0Oracle Utilities Framework 4.2.0.2.0Oracle Utilities Framework 4.2.0.3.0Oracle Utilities FrameworkOracle Utilities Framework 4.4.0.0.0Oracle Webcenter Portal 11.1.1.9.0Oracle Webcenter Portal 12.2.1.3.0
8.5
CVSSv3
CVE-2021-39150
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to request data from internal resources that are not publicly available only by manipulating the processed input stream with a Java runtime...
Xstream Project XstreamFedoraproject Fedora 33Fedoraproject Fedora 34Fedoraproject Fedora 35Debian Debian Linux 9.0Debian Debian Linux 10.0Debian Debian Linux 11.0Netapp Snapmanager -Oracle Business Activity Monitoring 12.2.1.4.0Oracle Communications Billing And Revenue Management Elastic Charging Engine 11.3Oracle Communications Billing And Revenue Management Elastic Charging Engine 12.0Oracle Communications Cloud Native Core Binding Support Function 1.10.0Oracle Communications Cloud Native Core Policy 1.14.0Oracle Communications Unified Inventory Management 7.3.4Oracle Communications Unified Inventory Management 7.3.5Oracle Communications Unified Inventory Management 7.4.0Oracle Communications Unified Inventory Management 7.4.1Oracle Communications Unified Inventory Management 7.4.2Oracle Utilities Framework 4.2.0.2.0Oracle Utilities Framework 4.2.0.3.0Oracle Utilities Framework 4.3.0.1.0Oracle Utilities Framework 4.3.0.6.0Oracle Utilities Framework 4.4.0.0.0Oracle Utilities Framework 4.4.0.2.0Oracle Utilities Framework 4.4.0.3.0Oracle Utilities Testing Accelerator 6.0.0.1.1
7.5
CVSSv3
CVE-2018-1000632
dom4j version prior to version 2.1.1 contains a CWE-91: XML Injection vulnerability in Class: Element. Methods: addElement, addAttribute that can result in an attacker tampering with XML documents through XML injection. This attack appear to be exploitable via an attacker...
Dom4j Project Dom4jDebian Debian Linux 8.0Oracle Flexcube Investor Servicing 12.0.4Oracle Flexcube Investor Servicing 12.1.0Oracle Flexcube Investor Servicing 12.3.0Oracle Flexcube Investor Servicing 12.4.0Oracle Flexcube Investor Servicing 14.0.0Oracle Primavera P6 Enterprise Project Portfolio ManagementOracle Rapid Planning 12.1Oracle Rapid Planning 12.2Oracle Retail Integration Bus 15.0Oracle Retail Integration Bus 16.0Oracle Utilities Framework 2.2.0Oracle Utilities Framework 4.2.0.2.0Oracle Utilities Framework 4.2.0.3.0Oracle Utilities FrameworkOracle Utilities Framework 4.4.0.0.0Oracle Utilities Framework 4.4.0.2Redhat Satellite 6.6Redhat Satellite Capsule 6.6Redhat Jboss Enterprise Application Platform 6.0.0Redhat Jboss Enterprise Application Platform 6.4.0Redhat Jboss Enterprise Application Platform 7.1.0Netapp Oncommand Workflow Automation -Netapp Snap Creator Framework -Netapp Snapcenter -Netapp Snapmanager -
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-21500CVE-2022-29424IDORCVE-2022-29216CVE-2022-1388encryptionbuffer overflowCVE-2021-30028CVE-2022-29194
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook