Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
oracle application express vulnerabilities and exploits
(subscribe to this query)
4.9
CVSSv2
CVE-2021-2116
Vulnerability in the Oracle Application Express Opportunity Tracker component of Oracle Database Server. The supported version that is affected is before 20.2. Easily exploitable vulnerability allows low privileged attacker having Valid User Account privilege with network access ...
Oracle Application Express Opportunity Tracker
4.9
CVSSv2
CVE-2021-2117
Vulnerability in the Oracle Application Express Survey Builder component of Oracle Database Server. The supported version that is affected is before 20.2. Easily exploitable vulnerability allows low privileged attacker having Valid User Account privilege with network access via H...
Oracle Application Express Survey Builder
4.3
CVSSv2
CVE-2020-27193
A cross-site scripting (XSS) vulnerability in the Color Dialog plugin for CKEditor 4.15.0 allows remote malicious users to run arbitrary web script after persuading a user to copy and paste crafted HTML code into one of editor inputs.
Ckeditor Ckeditor 4.15.0
Oracle Agile Plm 9.3.5
Oracle Agile Plm 9.3.6
Oracle Application Express
Oracle Banking Party Management 2.7.0
Oracle Banking Platform 2.4.0
Oracle Banking Platform 2.7.0
Oracle Banking Platform 2.7.1
Oracle Banking Platform 2.8.0
Oracle Banking Platform 2.9.0
Oracle Commerce Merchandising 11.0.0
Oracle Commerce Merchandising 11.1.0
Oracle Commerce Merchandising 11.2.0
Oracle Commerce Merchandising 11.3.0
Oracle Commerce Merchandising 11.3.1
Oracle Commerce Merchandising 11.3.2
Oracle Financial Services Analytical Applications Infrastructure
Oracle Financial Services Analytical Applications Infrastructure 8.1.0
Oracle Financial Services Analytical Applications Infrastructure 8.1.1
Oracle Jd Edwards Enterpriseone Tools
Oracle Peoplesoft Enterprise Peopletools 8.56
Oracle Peoplesoft Enterprise Peopletools 8.57
5
CVSSv2
CVE-2020-7760
This affects the package codemirror prior to 5.58.2; the package org.apache.marmotta.webjars:codemirror prior to 5.58.2. The vulnerable regular expression is located in https://github.com/codemirror/CodeMirror/blob/cdb228ac736369c685865b122b736cd0d397836c/mode/javascript/javascri...
Codemirror Codemirror
Oracle Application Express
Oracle Essbase 21.2
Oracle Enterprise Manager Express User Interface 19c
Oracle Hyperion Data Relationship Management
Oracle Spatial Studio
4.9
CVSSv2
CVE-2020-14900
Vulnerability in the Oracle Application Express Group Calendar component of Oracle Database Server. The supported version that is affected is before 20.2. Easily exploitable vulnerability allows low privileged attacker having Valid User Account privilege with network access via H...
Oracle Application Express
4.9
CVSSv2
CVE-2020-14898
Vulnerability in the Oracle Application Express Packaged Apps component of Oracle Database Server. The supported version that is affected is before 20.2. Easily exploitable vulnerability allows low privileged attacker having Valid User Account privilege with network access via HT...
Oracle Application Express
4.9
CVSSv2
CVE-2020-14899
Vulnerability in the Oracle Application Express Data Reporter component of Oracle Database Server. The supported version that is affected is before 20.2. Easily exploitable vulnerability allows low privileged attacker having Valid User Account privilege with network access via HT...
Oracle Application Express
4.9
CVSSv2
CVE-2020-14762
Vulnerability in the Oracle Application Express component of Oracle Database Server. The supported version that is affected is before 20.2. Easily exploitable vulnerability allows low privileged attacker having SQL Workshop privilege with network access via HTTP to compromise Ora...
Oracle Application Express
4.9
CVSSv2
CVE-2020-14763
Vulnerability in the Oracle Application Express Quick Poll component of Oracle Database Server. The supported version that is affected is before 20.2. Easily exploitable vulnerability allows low privileged attacker having Valid User Account privilege with network access via HTTP ...
Oracle Application Express
4.3
CVSSv2
CVE-2020-26870
Cure53 DOMPurify prior to 2.0.17 allows mutation XSS. This occurs because a serialize-parse roundtrip does not necessarily return the original DOM tree, and a namespace can change from HTML to MathML, as demonstrated by nesting of FORM elements.
Cure53 Dompurify
Debian Debian Linux 9.0
Microsoft Visual Studio 2017 15.9
Microsoft Visual Studio 2019 16.0
Microsoft Visual Studio 2019 16.4
Microsoft Visual Studio 2019 16.8
Microsoft Visual Studio 2019 16.7
Oracle Application Express
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
man-in-the-middle
CVE-2024-34558
CVE-2024-32674
CVE-2024-34351
XPath injection
CVE-2023-45866
CVE-2024-25528
CVE-2024-25517
path traversal
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »