Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
oracle enterprise repository 12.1.3.0.0 vulnerabilities and exploits
(subscribe to this query)
8.2
CVSSv3
CVE-2017-10048
Vulnerability in the Oracle Enterprise Repository component of Oracle Fusion Middleware (subcomponent: Web Interface). Supported versions that are affected are 11.1.1.7.0 and 12.1.3.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP...
Oracle Enterprise Repository 11.1.1.7.0
Oracle Enterprise Repository 12.1.3.0.0
9.8
CVSSv3
CVE-2021-1994
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Web Services). Supported versions that are affected are 10.3.6.0.0 and 12.1.3.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromi...
Oracle Enterprise Repository 11.1.1.7.0
Oracle Weblogic Server 10.3.6.0.0
Oracle Weblogic Server 12.1.3.0.0
7.5
CVSSv3
CVE-2019-0188
Apache Camel before 2.24.0 contains an XML external entity injection (XXE) vulnerability (CWE-611) due to using an outdated vulnerable JSON-lib library. This affects only the camel-xmljson component, which was removed.
Oracle Flexcube Private Banking 12.1.0
Oracle Flexcube Private Banking 12.0.0
Apache Camel
Oracle Enterprise Manager Base Platform 13.3.0.0
Oracle Enterprise Manager Base Platform 13.4.0.0
Oracle Enterprise Data Quality 11.1.1.9.0
Oracle Enterprise Repository 12.1.3.0.0
7.4
CVSSv3
CVE-2018-11775
TLS hostname verification when using the Apache ActiveMQ Client prior to 5.15.6 was missing which could make the client vulnerable to a MITM attack between a Java application using the ActiveMQ client and the ActiveMQ server. This is now enabled by default.
Apache Activemq
Oracle Flexcube Private Banking 2.2.0.1
Oracle Enterprise Repository 12.1.3.0.0
Oracle Flexcube Private Banking 2.0.0.0
Oracle Flexcube Private Banking 12.0.1.0
Oracle Flexcube Private Banking 12.0.3.0
Oracle Flexcube Private Banking 12.1.0.0
1 Github repository
7.5
CVSSv3
CVE-2019-0222
In Apache ActiveMQ 5.0.0 - 5.15.8, unmarshalling corrupt MQTT frame can lead to broker Out of Memory exception making it unresponsive.
Apache Activemq
Netapp E-series Santricity Web Services -
Oracle Enterprise Repository 12.1.3.0.0
Oracle Enterprise Manager Base Platform 13.2.0.0.0
Oracle Enterprise Manager Base Platform 12.1.0.5.0
Oracle Enterprise Manager Base Platform 13.3.0.0.0
Oracle Goldengate Stream Analytics
Oracle Identity Manager Connector 9.0
Oracle Communications Diameter Signaling Router 8.2.1
Oracle Communications Diameter Signaling Router 8.0.0
Oracle Communications Diameter Signaling Router 8.1
Oracle Communications Diameter Signaling Router 8.2
Debian Debian Linux 9.0
7.5
CVSSv3
CVE-2018-1000180
Bouncy Castle BC 1.54 - 1.59, BC-FJA 1.0.0, BC-FJA 1.0.1 and previous versions have a flaw in the Low-level interface to RSA key pair generator, specifically RSA Key Pairs generated in low-level API with added certainty may have less M-R tests than expected. This appears to be fi...
Bouncycastle Fips Java Api
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api
Debian Debian Linux 9.0
Oracle Retail Xstore Point Of Service 7.1
Oracle Api Gateway 11.1.2.4.0
Oracle Weblogic Server 12.1.3.0.0
Oracle Enterprise Repository 12.1.3.0.0
Oracle Retail Xstore Point Of Service 7.0
Oracle Peoplesoft Enterprise Peopletools 8.55
Oracle Peoplesoft Enterprise Peopletools 8.56
Oracle Webcenter Portal 12.2.1.3.0
Oracle Webcenter Portal 11.1.1.9.0
Oracle Business Process Management Suite 12.1.3.0.0
Oracle Business Process Management Suite 12.2.1.3.0
Oracle Business Process Management Suite 11.1.1.9.0
Oracle Soa Suite 12.1.3.0.0
Oracle Soa Suite 12.2.1.3.0
Oracle Peoplesoft Enterprise Peopletools 8.57
Oracle Managed File Transfer 12.2.1.3.0
Oracle Communications Converged Application Server
Oracle Communications Webrtc Session Controller
Oracle Retail Convenience And Fuel Pos Software 2.8.1
1 Github repository
7.5
CVSSv3
CVE-2018-3246
Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS - Web Services). Supported versions that are affected are 12.1.3.0 and 12.2.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to c...
Oracle Weblogic Server 12.1.3.0.0
Oracle Communications Converged Application Server
Oracle Webcenter Portal 12.2.1.3.0
Oracle Retail Convenience And Fuel Pos Software 2.8.1
Oracle Utilities Network Management System 2.3.0.2
Oracle Business Process Management Suite 11.1.1.9.0
Oracle Business Process Management Suite 12.1.3.0.0
Oracle Business Process Management Suite 12.2.1.3.0
Oracle Enterprise Repository 12.1.3.0.0
Oracle Banking Platform 2.6.1
Oracle Banking Platform 2.6.2
Oracle Utilities Network Management System 1.12.0.3
Oracle Utilities Network Management System 2.3.0.0
Oracle Weblogic Server 12.2.1.3.0
Oracle Communications Webrtc Session Controller
Oracle Webcenter Portal 11.1.1.9.0
Oracle Weblogic Server 12.2.1.3
Oracle Banking Platform 2.6.0
Oracle Utilities Network Management System 2.3.0.1
9.8
CVSSv3
CVE-2018-1000613
Legion of the Bouncy Castle Legion of the Bouncy Castle Java Cryptography APIs 1.58 up to but not including 1.60 contains a CWE-470: Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') vulnerability in XMSS/XMSS^MT private key deserializat...
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api
Netapp Oncommand Workflow Automation -
Opensuse Leap 15.1
Oracle Retail Xstore Point Of Service 7.1
Oracle Api Gateway 11.1.2.4.0
Oracle Enterprise Repository 12.1.3.0.0
Oracle Retail Xstore Point Of Service 7.0
Oracle Enterprise Repository 11.1.1.7.0
Oracle Peoplesoft Enterprise Peopletools 8.55
Oracle Peoplesoft Enterprise Peopletools 8.56
Oracle Communications Webrtc Session Controller 7.2
Oracle Webcenter Portal 12.2.1.3.0
Oracle Webcenter Portal 11.1.1.9.0
Oracle Weblogic Server 12.2.1.3
Oracle Business Process Management Suite 12.1.3.0.0
Oracle Business Process Management Suite 12.2.1.3.0
Oracle Business Process Management Suite 11.1.1.9.0
Oracle Soa Suite 12.1.3.0.0
Oracle Soa Suite 12.2.1.3.0
Oracle Peoplesoft Enterprise Peopletools 8.57
Oracle Managed File Transfer 12.2.1.3.0
Oracle Communications Converged Application Server
1 Github repository
9.8
CVSSv3
CVE-2018-8013
In Apache Batik 1.x prior to 1.10, when deserializing subclass of `AbstractDocument`, the class takes a string from the inputStream as the class name which then use it to call the no-arg constructor of the class. Fix was to check the class type before calling newInstance in deser...
Apache Batik
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Debian Debian Linux 9.0
Canonical Ubuntu Linux 14.04
Oracle Jd Edwards Enterpriseone Tools 9.2
Oracle Fusion Middleware Mapviewer 12.2.1.2
Oracle Enterprise Repository 12.1.3.0.0
Oracle Business Intelligence 11.1.1.9.0
Oracle Enterprise Repository 11.1.1.7.0
Oracle Business Intelligence 11.1.1.7.0
Oracle Retail Back Office 13.4
Oracle Retail Back Office 14.1
Oracle Retail Back Office 13.3
Oracle Business Intelligence 12.2.1.3.0
Oracle Communications Diameter Signaling Router
Oracle Retail Order Broker 5.1
Oracle Retail Order Broker 5.2
Oracle Retail Order Broker 15.0
Oracle Retail Order Broker 16.0
Oracle Insurance Calculation Engine 10.2.1
Oracle Insurance Calculation Engine 10.1.1
1 Article
5.5
CVSSv3
CVE-2019-12415
In Apache POI up to 4.1.0, when using the tool XSSFExportToXml to convert user-provided Microsoft Excel documents, a specially crafted document can allow an malicious user to read files from the local filesystem or from internal network resources via XML External Entity (XXE) Pro...
Apache Poi
Oracle Flexcube Private Banking 12.1.0
Oracle Primavera Unifier 16.2
Oracle Banking Platform 2.4.0
Oracle Enterprise Manager Base Platform 12.1.0.5
Oracle Flexcube Private Banking 12.0.0
Oracle Banking Platform 2.4.1
Oracle Enterprise Repository 12.1.3.0.0
Oracle Banking Platform 2.5.0
Oracle Primavera Unifier 16.1
Oracle Insurance Rules Palette 10.2.0
Oracle Application Testing Suite 12.5.0.3
Oracle Webcenter Portal 12.2.1.3.0
Oracle Banking Payments 14.0.0
Oracle Webcenter Sites 12.2.1.3.0
Oracle Banking Payments 14.1.0
Oracle Peoplesoft Enterprise Peopletools 8.57
Oracle Application Testing Suite 13.1.0.1
Oracle Application Testing Suite 13.2.0.1
Oracle Application Testing Suite 13.3.0.1
Oracle Retail Order Broker 15.0
Oracle Retail Order Broker 16.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4761
command injection
CVE-2024-3676
IDOR
CVE-2024-30039
CVE-2024-32113
CVE-2024-30049
CVE-2024-4776
SQL injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »