Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
oracle enterprise manager ops center 12.3.3 vulnerabilities and exploits
(subscribe to this query)
449
VMScore
CVE-2018-17199
In Apache HTTP Server 2.4 release 2.4.37 and prior, mod_session checks the session expiry time before decoding the session. This causes session expiry time to be ignored for mod_session_cookie sessions since the expiry time is loaded when the session is decoded.
Apache Http Server
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Netapp Santricity Cloud Connector -
Netapp Storage Automation Store -
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Oracle Enterprise Manager Ops Center 12.3.3
446
VMScore
CVE-2018-17189
In Apache HTTP server versions 2.4.37 and prior, by sending request bodies in a slow loris way to plain resources, the h2 stream for that request unnecessarily occupied a server thread cleaning up that incoming data. This affects only HTTP/2 (mod_http2) connections.
Apache Http Server 2.4.20
Apache Http Server 2.4.23
Apache Http Server 2.4.25
Apache Http Server 2.4.26
Apache Http Server 2.4.18
Apache Http Server 2.4.17
Apache Http Server 2.4.27
Apache Http Server 2.4.29
Apache Http Server 2.4.28
Apache Http Server 2.4.33
Apache Http Server 2.4.37
Apache Http Server 2.4.30
Apache Http Server 2.4.34
Apache Http Server 2.4.35
Netapp Santricity Cloud Connector -
Netapp Storage Automation Store -
Fedoraproject Fedora 28
Fedoraproject Fedora 29
Debian Debian Linux 9.0
Oracle Retail Xstore Point Of Service 7.1
Oracle Retail Xstore Point Of Service 7.0
Oracle Hospitality Guest Access 4.2.0
2 Github repositories
446
VMScore
CVE-2019-0190
A bug exists in the way mod_ssl handled client renegotiations. A remote attacker could send a carefully crafted request that would cause mod_ssl to enter a loop leading to a denial of service. This bug can be only triggered with Apache HTTP Server version 2.4.37 when using OpenSS...
Apache Http Server 2.4.37
Oracle Retail Xstore Point Of Service 7.1
Oracle Retail Xstore Point Of Service 7.0
Oracle Hospitality Guest Access 4.2.0
Oracle Hospitality Guest Access 4.2.1
Oracle Enterprise Manager Ops Center 12.3.3
Oracle Instantis Enterprisetrack 17.1
Oracle Instantis Enterprisetrack 17.2
Oracle Instantis Enterprisetrack 17.3
2 Github repositories
445
VMScore
CVE-2018-15769
RSA BSAFE Micro Edition Suite versions before 4.0.11 (in 4.0.x series) and versions before 4.1.6.2 (in 4.1.x series) contain a key management error issue. A malicious TLS server could potentially cause a Denial Of Service (DoS) on TLS clients during the handshake when a very larg...
Dell Bsafe
Oracle Application Testing Suite 13.3.0.1
Oracle Communications Analytics 12.1.1
Oracle Communications Ip Service Activator 7.3.0
Oracle Communications Ip Service Activator 7.4.0
Oracle Core Rdbms 11.2.0.4
Oracle Core Rdbms 12.1.0.2
Oracle Core Rdbms 12.2.0.1
Oracle Core Rdbms 18c
Oracle Core Rdbms 19c
Oracle Enterprise Manager Ops Center 12.3.3
Oracle Enterprise Manager Ops Center 12.4.0
Oracle Goldengate Application Adapters 12.3.2.1.0
Oracle Jd Edwards Enterpriseone Tools 9.2
Oracle Real User Experience Insight 13.1.2.1
Oracle Real User Experience Insight 13.2.3.1
Oracle Real User Experience Insight 13.3.1.0
Oracle Retail Predictive Application Server 15.0.3
Oracle Retail Predictive Application Server 16.0.3.0
Oracle Security Service 11.1.1.9.0
Oracle Security Service 12.1.3.0.0
Oracle Security Service 12.2.1.3.0
445
VMScore
CVE-2018-15756
Spring Framework, version 5.1, versions 5.0.x before 5.0.10, versions 4.3.x before 4.3.20, and older unsupported versions on the 4.2.x branch provide support for range requests when serving static resources through the ResourceHttpRequestHandler, or starting in 5.0 when an annota...
Vmware Spring Framework
Vmware Spring Framework 5.1.0
Oracle Flexcube Private Banking 12.1.0
Oracle Insurance Policy Administration J2ee 10.2.0
Oracle Retail Xstore Point Of Service 7.1
Oracle Weblogic Server 12.1.3.0.0
Oracle Retail Invoice Matching 13.0
Oracle Flexcube Private Banking 12.0.1
Oracle Primavera Gateway 16.2
Oracle Primavera Gateway 15.2
Oracle Retail Invoice Matching 12.0
Oracle Flexcube Private Banking 12.0.3
Oracle Insurance Rules Palette 10.2.0
Oracle Retail Service Backbone 15.0
Oracle Retail Integration Bus 15.0
Oracle Weblogic Server 10.3.6.0.0
Oracle Weblogic Server 12.2.1.3.0
Oracle Communications Unified Inventory Management 7.3
Oracle Enterprise Manager Ops Center 12.3.3
Oracle Webcenter Sites 12.2.1.3.0
Oracle Endeca Information Discovery Integrator 3.2.0
Oracle Insurance Rules Palette 10.0
445
VMScore
CVE-2018-11054
RSA BSAFE Micro Edition Suite, version 4.1.6, contains an integer overflow vulnerability. A remote attacker could use maliciously constructed ASN.1 data to potentially cause a Denial Of Service.
Dell Bsafe 4.1.6
Oracle Application Testing Suite 13.3.0.1
Oracle Communications Analytics 12.1.1
Oracle Communications Ip Service Activator 7.3.4
Oracle Communications Ip Service Activator 7.4.0
Oracle Core Rdbms 11.2.0.4
Oracle Core Rdbms 12.1.0.2
Oracle Core Rdbms 12.2.0.1
Oracle Core Rdbms 18c
Oracle Core Rdbms 19c
Oracle Enterprise Manager Ops Center 12.3.3
Oracle Enterprise Manager Ops Center 12.4.0
Oracle Goldengate Application Adapters 12.3.2.1.0
Oracle Jd Edwards Enterpriseone Tools 9.2
Oracle Real User Experience Insight 13.1.2.1
Oracle Real User Experience Insight 13.2.3.1
Oracle Real User Experience Insight 13.3.1.0
Oracle Retail Predictive Application Server 15.0.3
Oracle Retail Predictive Application Server 16.0.3
Oracle Security Service 11.1.1.9.0
Oracle Security Service 12.1.3.0.0
Oracle Security Service 12.2.1.2.0
440
VMScore
CVE-2019-0197
A vulnerability was found in Apache HTTP Server 2.4.34 to 2.4.38. When HTTP/2 was enabled for a http: host or H2Upgrade was enabled for h2 on a https: host, an Upgrade request from http/1.1 to http/2 that was not the first request on a connection could lead to a misconfiguration ...
Apache Http Server
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 16.04
Fedoraproject Fedora 30
Opensuse Leap 42.3
Opensuse Leap 15.0
Redhat Jboss Core Services 1.0
Oracle Retail Xstore Point Of Service 7.1
Oracle Retail Xstore Point Of Service 7.0
Oracle Http Server 12.2.1.3.0
Oracle Enterprise Manager Ops Center 12.3.3
Oracle Instantis Enterprisetrack 17.1
Oracle Instantis Enterprisetrack 17.2
Oracle Instantis Enterprisetrack 17.3
Oracle Enterprise Manager Ops Center 12.4.0
Oracle Communications Session Report Manager 8.1.1
Oracle Communications Session Report Manager 8.2.0
Oracle Communications Session Route Manager 8.1.1
Oracle Communications Session Route Manager 8.2.0
Oracle Communications Session Route Manager 8.0.0
Oracle Communications Session Route Manager 8.1.0
436
VMScore
CVE-2019-10092
In Apache HTTP Server 2.4.0-2.4.39, a limited cross-site scripting issue was reported affecting the mod_proxy error page. An attacker could cause the link on the error page to be malformed and instead point to a page of their choice. This would only be exploitable where a server ...
Apache Http Server
Opensuse Leap 15.0
Opensuse Leap 15.1
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Redhat Software Collection 1.0
Fedoraproject Fedora 30
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Netapp Clustered Data Ontap 9.6
Netapp Clustered Data Ontap
Oracle Enterprise Manager Ops Center 12.3.3
Oracle Secure Global Desktop 5.4
Oracle Enterprise Manager Ops Center 12.4.0
Oracle Secure Global Desktop 5.5
Oracle Communications Element Manager 8.2.0
Oracle Communications Element Manager 8.1.1
Oracle Communications Element Manager 8.1.0
Oracle Communications Element Manager 8.0.0
1 EDB exploit
2 Github repositories
412
VMScore
CVE-2019-11358
jQuery prior to 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.
Jquery Jquery
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Drupal Drupal
Backdropcms Backdrop
Fedoraproject Fedora 28
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
Netapp Snapcenter -
Netapp Oncommand System Manager
Redhat Cloudforms 4.7
Redhat Virtualization Manager 4.3
Oracle Service Bus 12.1.3.0.0
Oracle Primavera Unifier 16.2
Oracle Jd Edwards Enterpriseone Tools 9.2
Oracle Weblogic Server 12.1.3.0.0
Oracle Service Bus 11.1.1.9.0
Oracle Jdeveloper 11.1.1.9.0
Oracle Primavera Unifier 16.1
98 Github repositories
410
VMScore
CVE-2019-5436
A heap buffer overflow in the TFTP receiving code allows for DoS or arbitrary code execution in libcurl versions 7.19.4 up to and including 7.64.1.
Haxx Libcurl
Opensuse Leap 42.3
Opensuse Leap 15.0
Opensuse Leap 15.1
Fedoraproject Fedora 29
Debian Debian Linux 9.0
Debian Debian Linux 10.0
F5 Traffix Signaling Delivery Controller
Netapp Steelstore Cloud Integrated Storage -
Netapp Solidfire -
Netapp Hci Management Node -
Oracle Enterprise Manager Ops Center 12.3.3
Oracle Enterprise Manager Ops Center 12.4.0
Oracle Mysql Server
Oracle Oss Support Tools 20.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-30310
CVE-2024-21683
CVE-2024-22187
chrome
deserialization
XPath injection
CVE-2024-27842
denial of service
CVE-2024-24851
google
CVE-2024-35400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »