Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
secure enterprise search vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2016-3549
Unspecified vulnerability in the Oracle E-Business Suite Secure Enterprise Search component in Oracle E-Business Suite 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote malicious users to affect confidentiality via vectors related to Search Integration Engine.
Oracle E-business Suite Secure Enterprise Search 12.2.3
Oracle E-business Suite Secure Enterprise Search 12.2.5
Oracle E-business Suite Secure Enterprise Search 12.2.4
Oracle E-business Suite Secure Enterprise Search 12.1.3
6.4
CVSSv2
CVE-2020-14805
Vulnerability in the Oracle E-Business Suite Secure Enterprise Search product of Oracle E-Business Suite (component: Search Integration Engine). Supported versions that are affected are 12.1.3 and 12.2.3 - 12.2.10. Easily exploitable vulnerability allows unauthenticated attacker ...
Oracle E-business Suite Secure Enterprise Search 12.1.3
Oracle E-business Suite Secure Enterprise Search
6.9
CVSSv2
CVE-2010-5203
Multiple untrusted search path vulnerabilities in NCP Secure Enterprise Client prior to 9.21 Build 68, Secure Entry Client prior to 9.23 Build 18, and Secure Client - Juniper Edition prior to 9.23 Build 18 allow local users to gain privileges via a Trojan horse (1) dvccsabase002....
Ncp-e Secure Enterprise Client
Ncp-e Secure Entry Client
Ncp-e Secure Client
5.5
CVSSv2
CVE-2007-3854
Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5+, 9.2.0.7, and 10.1.0.5 allow remote authenticated users to have unknown impact via (1) SYS.DBMS_PRVTAQIS in the Advanced Queuing component (DB02) and (2) MDSYS.MD in the Spatial component (DB12). NOTE: Oracle has no...
Oracle Apex 1.5.0
Oracle Apex 1.6.1
Oracle Application Server 10.1.2.2.0
Oracle Application Server 10.1.3.0.0
Oracle Database Server 10.2.0.2
Oracle Database Server 10.2.0.3
Oracle Database Server 9.0.1.5
Oracle E-business Suite 11.5.9
Oracle E-business Suite 12.0.0
Oracle Peoplesoft Enterprise Peopletools 8.47
Oracle Peoplesoft Enterprise Peopletools 8.48
Oracle Application Server 10.1.2.0.2
Oracle Application Server 10.1.2.1.0
Oracle Collaboration Suite 10.1.2
Oracle Database Server 10.1.0.5
Oracle E-business Suite 11.5.10.2
Oracle E-business Suite 11.5.8
Oracle Peoplesoft Enterprise Human Capital Management 9.0
Oracle Peoplesoft Enterprise Peopletools 8.22
Oracle Application Server 1.0.2.2
Oracle Application Server 10.1.2.0.1
Oracle Application Server 10.1.3.3.0
4.3
CVSSv2
CVE-2009-1968
Unspecified vulnerability in the Secure Enterprise Search component in Oracle Database 10.1.8.3 allows remote malicious users to affect integrity via unknown vectors. NOTE: the previous information was obtained from the July 2009 CPU. Oracle has not commented on claims from an es...
Oracle Database Server 10.1.8.3
1 EDB exploit
5
CVSSv2
CVE-2020-13935
The payload length in a WebSocket frame was not correctly validated in Apache Tomcat 10.0.0-M1 to 10.0.0-M6, 9.0.0.M1 to 9.0.36, 8.5.0 to 8.5.56 and 7.0.27 to 7.0.104. Invalid payload lengths could trigger an infinite loop. Multiple requests with invalid payload lengths could lea...
Apache Tomcat 9.0.0
Apache Tomcat 10.0.0
Apache Tomcat
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Netapp Oncommand System Manager
Opensuse Leap 15.1
Opensuse Leap 15.2
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
Mcafee Epolicy Orchestrator 5.9.0
Mcafee Epolicy Orchestrator 5.9.1
Mcafee Epolicy Orchestrator 5.10.0
Oracle Managed File Transfer 12.2.1.3.0
Oracle Instantis Enterprisetrack 17.1
Oracle Instantis Enterprisetrack 17.2
Oracle Instantis Enterprisetrack 17.3
Oracle Agile Plm 9.3.3
Oracle Agile Plm 9.3.5
Oracle Agile Plm 9.3.6
Oracle Workload Manager 18c
Oracle Workload Manager 19c
3 Github repositories
9
CVSSv2
CVE-2008-1814
Unspecified vulnerability in the Oracle Secure Enterprise Search or Ultrasearch component in Oracle Database 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3; Application Server 9.0.4.3 and 10.1.2.2; and Oracle Collaboration Suite 10.1.2; has unknown impact and remote at...
Oracle Application Server 9.0.4.3
Oracle Application Server 10.1.2.2
Oracle Collaboration Suite 10.1.2
Oracle Database 9.0.1.5
Oracle Database 9.2.0.8
Oracle Database 9.2.0.8dv
Oracle Database 10.1.0.5
Oracle Database 10.2.0.3
4.4
CVSSv2
CVE-2020-28209
A CWE-428 Windows Unquoted Search Path vulnerability exists in EcoStruxure Building Operation Enterprise Server installer V1.9 - V3.1 and Enterprise Central installer V2.0 - V3.1 that could cause any local Windows user who has write permission on at least one of the subfolders of...
Schneider-electric Enterprise Server Installer
4.3
CVSSv2
CVE-2019-10219
A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS attack.
Redhat Hibernate Validator
Redhat Hibernate Validator 6.1.0
Redhat Single Sign-on -
Redhat Jboss Enterprise Application Platform -
Redhat Jboss Data Grid -
Redhat Openshift Application Runtimes -
Redhat Fuse 1.0
Redhat Jboss Enterprise Application Platform 7.2
Redhat Jboss Enterprise Application Platform 7.3
Netapp Active Iq Unified Manager -
Netapp Element -
Netapp Snapcenter Plug-in -
Netapp Management Services For Element Software And Netapp Hci -
Oracle Flexcube Investor Servicing 12.3.0
Oracle Flexcube Investor Servicing 12.1.0
Oracle Solaris 11
Oracle Flexcube Private Banking 12.1.0
Oracle Insurance Policy Administration J2ee 10.2.0
Oracle Flexcube Private Banking 12.0.0
Oracle Flexcube Investor Servicing 12.0.4
Oracle Weblogic Server 12.1.3.0.0
Oracle Retail Integration Bus 13.0
9.3
CVSSv2
CVE-2021-44228
Apache Log4j2 2.0-beta9 up to and including 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can contr...
Apache Log4j 2.0
Apache Log4j
Siemens Sppa-t3000 Ses3000 Firmware
Siemens Logo\\! Soft Comfort
Siemens Spectrum Power 4 4.70
Siemens Spectrum Power 4
Siemens Siveillance Control Pro
Siemens Energyip Prepay 3.7
Siemens Energyip Prepay 3.8
Siemens Siveillance Identity 1.6
Siemens Siveillance Identity 1.5
Siemens Siveillance Command
Siemens Sipass Integrated 2.85
Siemens Sipass Integrated 2.80
Siemens Head-end System Universal Device Integration System
Siemens Gma-manager
Siemens Energyip 8.5
Siemens Energyip 8.6
Siemens Energyip 8.7
Siemens Energyip 9.0
Siemens Energy Engage 3.1
Siemens E-car Operation Center
2 Metasploit modules
1146 Github repositories
28 Articles
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27977
IMAP
local users
CVE-2024-32038
CVE-2023-49963
CVE-2023-22869
CVE-2024-31497
local
CVE-2024-2961
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »