Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
oracle security service 12.1.3.0.0 vulnerabilities and exploits
(subscribe to this query)
5.1
CVSSv2
CVE-2020-2934
Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 8.0.19 and prior and 5.1.48 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to...
Oracle Mysql Connector\\/j
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Oracle Weblogic Server 12.1.3.0.0
Oracle Weblogic Server 12.2.1.3.0
Oracle Weblogic Server 12.2.1.4.0
Oracle Weblogic Server 14.1.1.0.0
7.5
CVSSv2
CVE-2021-21350
XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote malicious user to execute arbitrary code only by manipulating the processed input stream. No user is affected, who followed th...
Xstream Project Xstream
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Oracle Banking Platform 2.4.0
Oracle Weblogic Server 12.1.3.0.0
Oracle Weblogic Server 12.2.1.3.0
Oracle Webcenter Portal 12.2.1.3.0
Oracle Webcenter Portal 11.1.1.9.0
Oracle Communications Unified Inventory Management 7.3.2
Oracle Communications Unified Inventory Management 7.3.4
Oracle Communications Unified Inventory Management 7.3.5
Oracle Communications Unified Inventory Management 7.4.0
Oracle Communications Policy Management 12.5.0
Oracle Weblogic Server 12.2.1.4.0
Oracle Webcenter Portal 12.2.1.4.0
Oracle Weblogic Server 14.1.1.0.0
Oracle Banking Platform 2.7.1
Oracle Banking Platform 2.9.0
2 Github repositories
7.5
CVSSv2
CVE-2021-21347
XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote malicious user to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user ...
Xstream Project Xstream
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Oracle Banking Platform 2.4.0
Oracle Weblogic Server 12.1.3.0.0
Oracle Weblogic Server 12.2.1.3.0
Oracle Webcenter Portal 12.2.1.3.0
Oracle Webcenter Portal 11.1.1.9.0
Oracle Communications Unified Inventory Management 7.3.2
Oracle Communications Unified Inventory Management 7.3.4
Oracle Communications Unified Inventory Management 7.3.5
Oracle Communications Unified Inventory Management 7.4.0
Oracle Communications Policy Management 12.5.0
Oracle Weblogic Server 12.2.1.4.0
Oracle Webcenter Portal 12.2.1.4.0
Oracle Weblogic Server 14.1.1.0.0
Oracle Banking Platform 2.7.1
Oracle Banking Platform 2.9.0
7.5
CVSSv2
CVE-2018-8013
In Apache Batik 1.x prior to 1.10, when deserializing subclass of `AbstractDocument`, the class takes a string from the inputStream as the class name which then use it to call the no-arg constructor of the class. Fix was to check the class type before calling newInstance in deser...
Apache Batik
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Debian Debian Linux 9.0
Canonical Ubuntu Linux 14.04
Oracle Jd Edwards Enterpriseone Tools 9.2
Oracle Fusion Middleware Mapviewer 12.2.1.2
Oracle Enterprise Repository 12.1.3.0.0
Oracle Business Intelligence 11.1.1.9.0
Oracle Enterprise Repository 11.1.1.7.0
Oracle Business Intelligence 11.1.1.7.0
Oracle Retail Back Office 13.4
Oracle Retail Back Office 14.1
Oracle Retail Back Office 13.3
Oracle Business Intelligence 12.2.1.3.0
Oracle Communications Diameter Signaling Router
Oracle Retail Order Broker 5.1
Oracle Retail Order Broker 5.2
Oracle Retail Order Broker 15.0
Oracle Retail Order Broker 16.0
Oracle Insurance Calculation Engine 10.2.1
Oracle Insurance Calculation Engine 10.1.1
1 Article
6.5
CVSSv2
CVE-2018-1258
Spring Framework version 5.0.5 when used in combination with any versions of Spring Security contains an authorization bypass when using method security. An unauthorized malicious user can gain unauthorized access to methods that should be restricted.
Pivotal Software Spring Security
Vmware Spring Framework 5.0.5
Oracle Agile Plm 9.3.3
Oracle Agile Plm 9.3.4
Oracle Agile Plm 9.3.5
Oracle Agile Plm 9.3.6
Oracle Application Testing Suite 10.1
Oracle Application Testing Suite 12.5.0.3
Oracle Application Testing Suite 13.1.0.1
Oracle Application Testing Suite 13.2.0.1
Oracle Application Testing Suite 13.3.0.1
Oracle Big Data Discovery 1.6.0
Oracle Communications Converged Application Server
Oracle Communications Diameter Signaling Router
Oracle Communications Network Integrity
Oracle Communications Performance Intelligence Center
Oracle Communications Services Gatekeeper
Oracle Endeca Information Discovery Integrator 3.1.0
Oracle Endeca Information Discovery Integrator 3.2.0
Oracle Enterprise Manager For Mysql Database 13.2
Oracle Enterprise Manager Ops Center 12.2.2
Oracle Enterprise Manager Ops Center 12.3.3
5.8
CVSSv2
CVE-2021-29425
In Apache Commons IO prior to 2.7, When invoking the method FileNameUtils.normalize with an improper input string, like "//../foo", or "\\..\foo", the result would be the same value, thus possibly providing access to files in the parent directory, but not furt...
Apache Commons Io 2.2
Apache Commons Io 2.3
Apache Commons Io 2.4
Apache Commons Io 2.5
Apache Commons Io 2.6
Debian Debian Linux 9.0
Oracle Weblogic Server 12.1.3.0.0
Oracle Retail Integration Bus 13.0
Oracle Flexcube Core Banking 5.2.0
Oracle Solaris Cluster 4.0
Oracle Access Manager 11.1.2.3.0
Oracle Weblogic Server 12.2.1.3.0
Oracle Webcenter Portal 12.2.1.3.0
Oracle Access Manager 12.2.1.3.0
Oracle Application Testing Suite 13.3.0.1
Oracle Retail Order Broker 16.0
Oracle Banking Platform 2.6.2
Oracle Primavera Unifier 18.8
Oracle Primavera Unifier
Oracle Agile Plm 9.3.6
Oracle Banking Digital Experience 18.3
Oracle Banking Digital Experience 19.1
9
CVSSv2
CVE-2016-0635
Unspecified vulnerability in the Enterprise Manager Ops Center component in Oracle Enterprise Manager Grid Control 12.1.4, 12.2.2, and 12.3.2; the Oracle Health Sciences Information Manager component in Oracle Health Sciences Applications 1.2.8.3, 2.0.2.3, and 3.0.1.0; the Oracle...
Oracle Insurance Policy Administration J2ee 9.7.1
Oracle Insurance Policy Administration J2ee 10.0.1
Oracle Insurance Rules Palette 10.2.0
Oracle Insurance Rules Palette 10.2.2
Oracle Retail Integration Bus 15.0
Oracle Insurance Policy Administration J2ee 9.6.1
Oracle Insurance Rules Palette 10.0.1
Oracle Insurance Rules Palette 10.1.2
Oracle Primavera P6 Enterprise Project Portfolio Management 15.2
Oracle Primavera P6 Enterprise Project Portfolio Management 16.1
Oracle Health Sciences Information Manager 3.0.1.0
Oracle Enterprise Manager Ops Center 12.1.4
Oracle Retail Order Broker Cloud Service 15.0
Oracle Documaker
Oracle Insurance Policy Administration J2ee 10.2.2
Oracle Insurance Rules Palette 9.6.1
Oracle Insurance Rules Palette 9.7.1
Oracle Primavera P6 Enterprise Project Portfolio Management 8.4
Oracle Primavera P6 Enterprise Project Portfolio Management 15.1
Oracle Health Sciences Information Manager 1.2.8.3
Oracle Health Sciences Information Manager 2.0.2.3
Oracle Retail Order Broker Cloud Service 5.1
4.3
CVSSv2
CVE-2018-1271
Spring Framework, versions 5.0 before 5.0.5 and versions 4.3 before 4.3.15 and older unsupported versions, allow applications to configure Spring MVC to serve static resources (e.g. CSS, JS, images). When static resources are served from a file system on Windows (as opposed to th...
Vmware Spring Framework
Oracle Retail Xstore Point Of Service 7.1
Oracle Enterprise Manager Ops Center 12.2.2
Oracle Primavera Gateway 16.2
Oracle Primavera Gateway 15.2
Oracle Application Testing Suite 12.5.0.3
Oracle Retail Back Office 14.1
Oracle Retail Back Office 14.0
Oracle Enterprise Manager Ops Center 12.3.3
Oracle Retail Open Commerce Platform 6.0.1
Oracle Application Testing Suite 13.1.0.1
Oracle Application Testing Suite 13.2.0.1
Oracle Application Testing Suite 13.3.0.1
Oracle Communications Diameter Signaling Router
Oracle Communications Performance Intelligence Center
Oracle Communications Services Gatekeeper
Oracle Health Sciences Information Manager 3.0
Oracle Healthcare Master Person Index 3.0
Oracle Healthcare Master Person Index 4.0
Oracle Insurance Calculation Engine 10.2
Oracle Insurance Rules Palette 10.0
Oracle Insurance Rules Palette 10.2
1 Github repository
5
CVSSv2
CVE-2018-15756
Spring Framework, version 5.1, versions 5.0.x before 5.0.10, versions 4.3.x before 4.3.20, and older unsupported versions on the 4.2.x branch provide support for range requests when serving static resources through the ResourceHttpRequestHandler, or starting in 5.0 when an annota...
Vmware Spring Framework
Vmware Spring Framework 5.1.0
Oracle Flexcube Private Banking 12.1.0
Oracle Insurance Policy Administration J2ee 10.2.0
Oracle Retail Xstore Point Of Service 7.1
Oracle Weblogic Server 12.1.3.0.0
Oracle Retail Invoice Matching 13.0
Oracle Flexcube Private Banking 12.0.1
Oracle Primavera Gateway 16.2
Oracle Primavera Gateway 15.2
Oracle Retail Invoice Matching 12.0
Oracle Flexcube Private Banking 12.0.3
Oracle Insurance Rules Palette 10.2.0
Oracle Retail Service Backbone 15.0
Oracle Retail Integration Bus 15.0
Oracle Weblogic Server 10.3.6.0.0
Oracle Weblogic Server 12.2.1.3.0
Oracle Communications Unified Inventory Management 7.3
Oracle Enterprise Manager Ops Center 12.3.3
Oracle Webcenter Sites 12.2.1.3.0
Oracle Endeca Information Discovery Integrator 3.2.0
Oracle Insurance Rules Palette 10.0
4.3
CVSSv2
CVE-2013-2566
The RC4 algorithm, as used in the TLS protocol and SSL protocol, has many single-byte biases, which makes it easier for remote malicious users to conduct plaintext-recovery attacks via statistical analysis of ciphertext in a large number of sessions that use the same plaintext.
Oracle Communications Application Session Controller
Oracle Http Server 11.1.1.7.0
Oracle Http Server 11.1.1.9.0
Oracle Http Server 12.1.3.0.0
Oracle Http Server 12.2.1.1.0
Oracle Http Server 12.2.1.2.0
Oracle Integrated Lights Out Manager Firmware
Fujitsu Sparc Enterprise M3000 Firmware
Fujitsu Sparc Enterprise M4000 Firmware
Fujitsu Sparc Enterprise M5000 Firmware
Fujitsu Sparc Enterprise M8000 Firmware
Fujitsu Sparc Enterprise M9000 Firmware
Fujitsu M10-1 Firmware
Fujitsu M10-4 Firmware
Fujitsu M10-4s Firmware
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 12.10
Canonical Ubuntu Linux 13.04
Canonical Ubuntu Linux 13.10
Mozilla Firefox
Mozilla Firefox Esr
Mozilla Seamonkey
1 Github repository
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »