Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
oracle siebel ui framework 8.1.1 vulnerabilities and exploits
(subscribe to this query)
4.9
CVSSv2
CVE-2016-0673
Unspecified vulnerability in the Siebel UI Framework component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote authenticated users to affect confidentiality and integrity via vectors related to UIF Open UI.
Oracle Siebel Ui Framework 8.1.1
Oracle Siebel Ui Framework 8.2.2
4.3
CVSSv2
CVE-2021-45105
Apache Log4j2 versions 2.0-alpha1 up to and including 2.16.0 (excluding 2.12.3 and 2.3.1) did not protect from uncontrolled recursion from self-referential lookups. This allows an attacker with control over Thread Context Map data to cause a denial of service when a crafted strin...
Apache Log4j
Netapp Cloud Manager -
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Sonicwall Network Security Manager
Sonicwall Email Security
Sonicwall Web Application Firewall
Sonicwall 6bk1602-0aa12-0tp0 Firmware
Sonicwall 6bk1602-0aa22-0tp0 Firmware
Sonicwall 6bk1602-0aa32-0tp0 Firmware
Sonicwall 6bk1602-0aa42-0tp0 Firmware
Sonicwall 6bk1602-0aa52-0tp0 Firmware
Oracle E-business Suite 12.2
Oracle Retail Back Office 14.1
Oracle Weblogic Server 12.2.1.3.0
Oracle Webcenter Portal 12.2.1.3.0
Oracle Webcenter Sites 12.2.1.3.0
Oracle Managed File Transfer 12.2.1.3.0
Oracle Retail Order Broker 16.0
Oracle Retail Integration Bus 14.1.3
Oracle Retail Returns Management 14.1
Oracle Retail Central Office 14.1
75 Github repositories
5 Articles
4.3
CVSSv2
CVE-2021-26271
It was possible to execute a ReDoS-type attack inside CKEditor 4 prior to 4.16 by persuading a victim to paste crafted text into the Styles input of specific dialogs (in the Advanced Tab for Dialogs plugin).
Ckeditor Ckeditor
Oracle Webcenter Sites 12.2.1.3.0
Oracle Agile Plm 9.3.5
Oracle Agile Plm 9.3.6
Oracle Webcenter Sites 12.2.1.4.0
Oracle Jd Edwards Enterpriseone Tools
Oracle Financial Services Analytical Applications Infrastructure 8.1.1
Oracle Siebel Ui Framework
Oracle Financial Services Analytical Applications Infrastructure 8.1.0
Oracle Financial Services Analytical Applications Infrastructure
Oracle Application Express
4.3
CVSSv2
CVE-2021-26272
It was possible to execute a ReDoS-type attack inside CKEditor 4 prior to 4.16 by persuading a victim to paste crafted URL-like text into the editor, and then press Enter or Space (in the Autolink plugin).
Ckeditor Ckeditor
Oracle Webcenter Sites 12.2.1.3.0
Oracle Agile Plm 9.3.5
Oracle Agile Plm 9.3.6
Oracle Webcenter Sites 12.2.1.4.0
Oracle Commerce Merchandising 11.1.0
Oracle Commerce Merchandising 11.2.0
Oracle Jd Edwards Enterpriseone Tools
Oracle Financial Services Model Management And Governance
Oracle Financial Services Analytical Applications Infrastructure 8.1.1
Oracle Financial Services Analytical Applications Infrastructure 8.1.0
Oracle Financial Services Analytical Applications Infrastructure
Oracle Application Express
Oracle Banking Party Management 2.7.0
Oracle Siebel Ui Framework
Oracle Commerce Merchandising
4.3
CVSSv2
CVE-2019-11358
jQuery prior to 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.
Jquery Jquery
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Drupal Drupal
Backdropcms Backdrop
Fedoraproject Fedora 28
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
Netapp Snapcenter -
Netapp Oncommand System Manager
Redhat Cloudforms 4.7
Redhat Virtualization Manager 4.3
Oracle Service Bus 12.1.3.0.0
Oracle Primavera Unifier 16.2
Oracle Jd Edwards Enterpriseone Tools 9.2
Oracle Weblogic Server 12.1.3.0.0
Oracle Service Bus 11.1.1.9.0
Oracle Jdeveloper 11.1.1.9.0
Oracle Primavera Unifier 16.1
178 Github repositories
4.3
CVSSv2
CVE-2018-8032
Apache Axis 1.x up to and including 1.4 is vulnerable to a cross-site scripting (XSS) attack in the default servlet/services.
Apache Axis
Oracle Agile Product Lifecycle Management Framework 9.3.3
Oracle Flexcube Private Banking 12.1.0
Oracle Primavera Unifier 16.2
Oracle Peoplesoft Enterprise Human Capital Management Human Resources 9.2
Oracle Retail Xstore Point Of Service 7.1
Oracle Enterprise Manager Base Platform 12.1.0.5
Oracle Flexcube Private Banking 12.0.0
Oracle Primavera Unifier 16.1
Oracle Peoplesoft Enterprise Peopletools 8.56
Oracle Hospitality Guest Access 4.2.0
Oracle Hospitality Guest Access 4.2.1
Oracle Tuxedo 12.1.3
Oracle Internet Directory 12.2.1.3.0
Oracle Webcenter Portal 12.2.1.3.0
Oracle Communications Order And Service Management 7.3.0.0.0
Oracle Flexcube Core Banking 11.7.0
Oracle Peoplesoft Enterprise Peopletools 8.57
Oracle Application Testing Suite 13.2.0.1
Oracle Application Testing Suite 13.3.0.1
Oracle Secure Global Desktop 5.4
Oracle Retail Order Broker 15.0
4.3
CVSSv2
CVE-2016-5450
Unspecified vulnerability in the Siebel UI Framework component in Oracle Siebel CRM 8.1.1, 8.2.2, IP2014, IP2015, and IP2016 allows remote malicious users to affect integrity via vectors related to UIF Open UI.
Oracle Siebel Ui Framework 2015
Oracle Siebel Ui Framework 8.1.1
Oracle Siebel Ui Framework 8.2.2
Oracle Siebel Ui Framework 2014
Oracle Siebel Ui Framework 2016
4.3
CVSSv2
CVE-2015-2587
Unspecified vulnerability in the Siebel UI Framework component in Oracle Siebel CRM 8.1.1, 8.2.2, and 15.0 allows remote malicious users to affect integrity via vectors related to SWSE Server Infrastructure.
Oracle Siebel Crm 15.0
Oracle Siebel Crm 8.1.1
Oracle Siebel Crm 8.2.2
4.3
CVSSv2
CVE-2015-0502
Unspecified vulnerability in the Siebel UI Framework component in Oracle Siebel CRM 8.1 and 8.2 allows remote malicious users to affect integrity via unknown vectors related to Portal Framework.
Oracle Siebel Crm 8.1.1
Oracle Siebel Crm 8.2.2
4.3
CVSSv2
CVE-2015-0419
Unspecified vulnerability in the Siebel UI Framework component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote malicious users to affect confidentiality via unknown vectors related to Portal Framework, a different vulnerability than CVE-2013-1510.
Oracle Siebel Crm 8.1.1
Oracle Siebel Crm 8.2.2
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »