Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
enterprise manager base platform vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2020-2961
Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager (component: Discovery Framework (Oracle OHS)). Supported versions that are affected are 13.2.0.0 and 13.3.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network ...
Oracle Enterprise Manager Base Platform 13.2.0.0
Oracle Enterprise Manager Base Platform 13.3.0.0
668
VMScore
CVE-2019-20330
FasterXML jackson-databind 2.x prior to 2.9.10.2 lacks certain net.sf.ehcache blocking.
Fasterxml Jackson-databind
Oracle Retail Xstore Point Of Service 15.0
Oracle Primavera Unifier 16.2
Oracle Primavera Unifier 16.1
Oracle Weblogic Server 12.2.1.3.0
Oracle Webcenter Portal 12.2.1.3.0
Oracle Retail Xstore Point Of Service 16.0
Oracle Primavera Unifier 18.8
Oracle Primavera Unifier
Oracle Weblogic Server 12.2.1.4.0
Oracle Enterprise Manager Base Platform 13.3.0.0
Oracle Primavera Unifier 19.12
Oracle Webcenter Portal 12.2.1.4.0
Oracle Enterprise Manager Base Platform 13.4.0.0
Oracle Communications Instant Messaging Server 10.0.1.4.0
Oracle Retail Xstore Point Of Service 17.0
Oracle Retail Xstore Point Of Service 18.0
Oracle Retail Xstore Point Of Service 19.0
Oracle Communications Billing And Revenue Management 12.0.0.3.0
Oracle Communications Billing And Revenue Management 7.5.0.23.0
Oracle Global Lifecycle Management Opatch
Oracle Trace File Analyzer 19c
668
VMScore
CVE-2019-12419
Apache CXF prior to 3.3.4 and 3.2.11 provides all of the components that are required to build a fully fledged OpenId Connect service. There is a vulnerability in the access token services, where it does not validate that the authenticated principal is equal to that of the suppli...
Apache Cxf
Oracle Flexcube Private Banking 12.1.0
Oracle Flexcube Private Banking 12.0.0
Oracle Retail Order Broker 15.0
Oracle Enterprise Manager Base Platform 13.2.1.0
Oracle Commerce Guided Search 11.3.2
668
VMScore
CVE-2019-13990
initDocumentParser in xml/XMLSchedulingDataProcessor.java in Terracotta Quartz Scheduler up to and including 2.3.0 allows XXE attacks via a job description.
Softwareag Quartz
Oracle Flexcube Investor Servicing 12.3.0
Oracle Flexcube Investor Servicing 12.1.0
Oracle Retail Xstore Point Of Service 15.0
Oracle Flexcube Private Banking 12.1.0
Oracle Primavera Unifier 16.2
Oracle Flexcube Private Banking 12.0.0
Oracle Primavera Unifier 16.1
Oracle Retail Integration Bus 15.0
Oracle Retail Back Office 14.1
Oracle Flexcube Investor Servicing 12.4.0
Oracle Webcenter Sites 12.2.1.3.0
Oracle Retail Xstore Point Of Service 16.0
Oracle Fusion Middleware Mapviewer 12.2.1.3.0
Oracle Retail Order Broker 15.0
Oracle Retail Order Broker 16.0
Oracle Retail Integration Bus 16.0
Oracle Retail Returns Management 14.1
Oracle Retail Central Office 14.1
Oracle Primavera Unifier 18.8
Oracle Retail Point-of-service 14.1
Oracle Primavera Unifier
2 Github repositories
668
VMScore
CVE-2019-3822
libcurl versions from 7.36.0 to prior to 7.64.0 are vulnerable to a stack-based buffer overflow. The function creating an outgoing NTLM type-3 header (`lib/vauth/ntlm.c:Curl_auth_create_ntlm_type3_message()`), generates the request HTTP header contents based on previously receive...
Haxx Libcurl
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Debian Debian Linux 9.0
Netapp Snapcenter -
Netapp Oncommand Workflow Automation -
Netapp Oncommand Insight -
Netapp Active Iq Unified Manager
Netapp Clustered Data Ontap
Siemens Sinema Remote Connect Client
Oracle Http Server 12.2.1.3.0
Oracle Enterprise Manager Ops Center 12.3.3
Oracle Secure Global Desktop 5.4
Oracle Communications Operations Monitor 3.4
Oracle Communications Operations Monitor 4.0
Oracle Enterprise Manager Ops Center 12.4.0
Oracle Services Tools Bundle 19.2
Oracle Mysql Server
Redhat Enterprise Linux 8.0
3 Github repositories
668
VMScore
CVE-2018-1000613
Legion of the Bouncy Castle Legion of the Bouncy Castle Java Cryptography APIs 1.58 up to but not including 1.60 contains a CWE-470: Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') vulnerability in XMSS/XMSS^MT private key deserializat...
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api
Netapp Oncommand Workflow Automation -
Opensuse Leap 15.1
Oracle Retail Xstore Point Of Service 7.1
Oracle Api Gateway 11.1.2.4.0
Oracle Enterprise Repository 12.1.3.0.0
Oracle Retail Xstore Point Of Service 7.0
Oracle Enterprise Repository 11.1.1.7.0
Oracle Peoplesoft Enterprise Peopletools 8.55
Oracle Peoplesoft Enterprise Peopletools 8.56
Oracle Communications Webrtc Session Controller 7.2
Oracle Webcenter Portal 12.2.1.3.0
Oracle Webcenter Portal 11.1.1.9.0
Oracle Weblogic Server 12.2.1.3
Oracle Business Process Management Suite 12.1.3.0.0
Oracle Business Process Management Suite 12.2.1.3.0
Oracle Business Process Management Suite 11.1.1.9.0
Oracle Soa Suite 12.1.3.0.0
Oracle Soa Suite 12.2.1.3.0
Oracle Peoplesoft Enterprise Peopletools 8.57
Oracle Managed File Transfer 12.2.1.3.0
Oracle Communications Converged Application Server
1 Github repository
641
VMScore
CVE-2022-21392
Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager (component: Policy Framework). Supported versions that are affected are 13.4.0.0 and 13.5.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP t...
Oracle Enterprise Manager Base Platform 13.4.0.0
Oracle Enterprise Manager Base Platform 13.5.0.0
1 Github repository
607
VMScore
CVE-2020-9546
FasterXML jackson-databind 2.x prior to 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.hadoop.shaded.com.zaxxer.hikari.HikariConfig (aka shaded hikari-config).
Fasterxml Jackson-databind
Netapp Active Iq Unified Manager
Debian Debian Linux 8.0
Oracle Retail Xstore Point Of Service 15.0
Oracle Primavera Unifier 16.2
Oracle Retail Service Backbone 14.1
Oracle Primavera Unifier 16.1
Oracle Retail Service Backbone 15.0
Oracle Weblogic Server 12.2.1.3.0
Oracle Retail Xstore Point Of Service 16.0
Oracle Primavera Unifier 18.8
Oracle Primavera Unifier
Oracle Retail Merchandising System 15.0
Oracle Agile Plm 9.3.6
Oracle Banking Digital Experience 18.2
Oracle Banking Digital Experience 18.3
Oracle Banking Digital Experience 19.1
Oracle Banking Digital Experience 18.1
Oracle Weblogic Server 12.2.1.4.0
Oracle Enterprise Manager Base Platform 13.3.0.0
Oracle Financial Services Price Creation And Discovery 8.0.7
Oracle Primavera Unifier 19.12
606
VMScore
CVE-2022-23305
By design, the JDBCAppender in Log4j 1.2.x accepts an SQL statement as a configuration parameter where the values to be inserted are converters from PatternLayout. The message converter, %m, is likely to always be included. This allows malicious users to manipulate the SQL by ent...
Apache Log4j
Netapp Snapmanager -
Broadcom Brocade Sannav -
Qos Reload4j
Oracle Weblogic Server 12.2.1.3.0
Oracle Business Intelligence 12.2.1.3.0
Oracle Business Process Management Suite 12.2.1.3.0
Oracle Jdeveloper 12.2.1.3.0
Oracle Identity Management Suite 12.2.1.3.0
Oracle Business Intelligence 12.2.1.4.0
Oracle Weblogic Server 12.2.1.4.0
Oracle Weblogic Server 14.1.1.0.0
Oracle Enterprise Manager Base Platform 13.4.0.0
Oracle Communications Network Integrity 7.3.6
Oracle Business Process Management Suite 12.2.1.4.0
Oracle Advanced Supply Chain Planning 12.2
Oracle Advanced Supply Chain Planning 12.1
Oracle Communications Unified Inventory Management 7.4.1
Oracle Enterprise Manager Base Platform 13.5.0.0
Oracle Communications Messaging Server 8.1
Oracle Business Intelligence 5.9.0.0.0
Oracle Healthcare Foundation 8.1.0
2 Github repositories
1 Article
606
VMScore
CVE-2020-11111
FasterXML jackson-databind 2.x prior to 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.activemq.* (aka activemq-jms, activemq-core, activemq-pool, and activemq-pool-jms).
Fasterxml Jackson-databind
Debian Debian Linux 8.0
Netapp Steelstore Cloud Integrated Storage -
Oracle Retail Xstore Point Of Service 15.0
Oracle Primavera Unifier 16.2
Oracle Primavera Unifier 16.1
Oracle Weblogic Server 12.2.1.3.0
Oracle Retail Xstore Point Of Service 16.0
Oracle Primavera Unifier 18.8
Oracle Primavera Unifier
Oracle Retail Merchandising System 15.0
Oracle Agile Plm 9.3.6
Oracle Banking Digital Experience 18.2
Oracle Banking Digital Experience 18.3
Oracle Banking Digital Experience 19.1
Oracle Banking Digital Experience 18.1
Oracle Weblogic Server 12.2.1.4.0
Oracle Enterprise Manager Base Platform 13.3.0.0
Oracle Primavera Unifier 19.12
Oracle Enterprise Manager Base Platform 13.4.0.0
Oracle Communications Instant Messaging Server 10.0.1.4.0
Oracle Retail Xstore Point Of Service 17.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-40673
CVE-2024-36674
CVE-2024-27348
unspecified
CVE-2024-24919
CVE-2024-4870
malicious code
CVE-2024-2019
hard-coded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »