Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
oracle application server vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2022-24891
ESAPI (The OWASP Enterprise Security API) is a free, open source, web application security control library. Prior to version 2.3.0.0, there is a potential for a cross-site scripting vulnerability in ESAPI caused by a incorrect regular expression for "onsiteURL" in the *...
Owasp Enterprise Security Api
Oracle Weblogic Server 12.2.1.3.0
Oracle Weblogic Server 12.2.1.4.0
Oracle Weblogic Server 14.1.1.0.0
Netapp Oncommand Workflow Automation -
Netapp Active Iq Unified Manager -
1 Github repository
7.5
CVSSv2
CVE-2022-23457
ESAPI (The OWASP Enterprise Security API) is a free, open source, web application security control library. Prior to version 2.3.0.0, the default implementation of `Validator.getValidDirectoryPath(String, String, File, boolean)` may incorrectly treat the tested input string as a ...
Owasp Enterprise Security Api
Oracle Weblogic Server 12.2.1.3.0
Oracle Weblogic Server 12.2.1.4.0
Oracle Weblogic Server 14.1.1.0.0
Netapp Oncommand Workflow Automation -
Netapp Active Iq Unified Manager -
5
CVSSv2
CVE-2022-27449
MariaDB Server v10.9 and below exists to contain a segmentation fault via the component sql/item_func.cc:148.
Mariadb Mariadb
Debian Debian Linux 10.0
5
CVSSv2
CVE-2022-27451
MariaDB Server v10.9 and below exists to contain a segmentation fault via the component sql/field_conv.cc.
Mariadb Mariadb
5
CVSSv2
CVE-2022-27452
MariaDB Server v10.9 and below exists to contain a segmentation fault via the component sql/item_cmpfunc.cc.
Mariadb Mariadb
Debian Debian Linux 10.0
5
CVSSv2
CVE-2022-27455
MariaDB Server v10.6.3 and below exists to contain an use-after-free in the component my_wildcmp_8bit_impl at /strings/ctype-simple.c.
Mariadb Mariadb
5
CVSSv2
CVE-2022-27456
MariaDB Server v10.6.3 and below exists to contain an use-after-free in the component VDec::VDec at /sql/sql_type.cc.
Mariadb Mariadb
Debian Debian Linux 10.0
5
CVSSv2
CVE-2022-27457
MariaDB Server v10.6.3 and below exists to contain an use-after-free in the component my_mb_wc_latin1 at /strings/ctype-latin1.c.
Mariadb Mariadb
NA
CVE-2022-27458
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2022-27447. Reason: This candidate is a reservation duplicate of CVE-2022-27447. Notes: All CVE users should reference CVE-2022-27447 instead of this candidate.
5
CVSSv2
CVE-2022-27444
MariaDB Server v10.9 and below exists to contain a segmentation fault via the component sql/item_subselect.cc.
Mariadb Mariadb
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »