Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

oracle jd edwards enterpriseone tools 9.2 vulnerabilities and exploits

(subscribe to this query)
7.1
CVSSv2
CVE-2016-0424
Unspecified vulnerability in the JD Edwards EnterpriseOne Tools component in Oracle JD Edwards Products 9.1 and 9.2 allows remote malicious users to affect availability via vectors related to Enterprise Infrastructure SEC, a different vulnerability than CVE-2016-0422.
Oracle Jd Edwards Products 9.2Oracle Jd Edwards Products 9.1
7.1
CVSSv2
CVE-2016-0422
Unspecified vulnerability in the JD Edwards EnterpriseOne Tools component in Oracle JD Edwards Products 9.1 and 9.2 allows remote malicious users to affect availability via vectors related to Enterprise Infrastructure SEC, a different vulnerability than CVE-2016-0424.
Oracle Jd Edwards Products 9.2Oracle Jd Edwards Products 9.1
5.1
CVSSv2
CVE-2018-12022
An issue exists in FasterXML jackson-databind before 2.7.9.4, 2.8.11.2, and 2.9.6. When Default Typing is enabled (either globally or for a specific property), the service has the Jodd-db jar (for database access for the Jodd framework) in the classpath, and an attacker can provi...
Fasterxml Jackson-databindDebian Debian Linux 9.0Fedoraproject Fedora 29Oracle Jd Edwards Enterpriseone Tools 9.2Oracle Retail Merchandising System 15.0Redhat Openshift Container Platform 3.11Redhat Jboss Enterprise Application Platform 7.2.0Redhat Single Sign-on 7.3Redhat Jboss Brms 6.4.10Redhat Automation Manager 7.3.1Redhat Decision Manager 7.3.1
5.1
CVSSv2
CVE-2018-12023
An issue exists in FasterXML jackson-databind before 2.7.9.4, 2.8.11.2, and 2.9.6. When Default Typing is enabled (either globally or for a specific property), the service has the Oracle JDBC jar in the classpath, and an attacker can provide an LDAP service to access, it is possi...
Fasterxml Jackson-databindDebian Debian Linux 9.0Fedoraproject Fedora 29Oracle Jd Edwards Enterpriseone Tools 9.2Oracle Retail Merchandising System 15.0Redhat Openshift Container Platform 3.11Redhat Jboss Enterprise Application Platform 7.2.0Redhat Single Sign-on 7.3Redhat Jboss Brms 6.4.10Redhat Automation Manager 7.3.1Redhat Decision Manager 7.3.1
5
CVSSv2
CVE-2019-14439
A Polymorphic Typing issue exists in FasterXML jackson-databind 2.x prior to 2.9.9.2. This occurs when Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the logback jar in the classpath.
Fasterxml Jackson-databindDebian Debian Linux 8.0Debian Debian Linux 9.0Debian Debian Linux 10.0Fedoraproject Fedora 29Fedoraproject Fedora 30Apache Drill 1.16.0Redhat Jboss Middleware Text-only Advisories 1.0Oracle Retail Xstore Point Of Service 15.0Oracle Banking Platform 2.4.0Oracle Retail Xstore Point Of Service 7.1Oracle Jd Edwards Enterpriseone Tools 9.2Oracle Banking Platform 2.4.1Oracle Primavera Gateway 16.1Oracle Primavera Gateway 16.2Oracle Primavera Gateway 15.2Oracle Banking Platform 2.5.0Oracle Retail Xstore Point Of Service 16.0Oracle Jd Edwards Enterpriseone Orchestrator 9.2Oracle Banking Platform 2.6.0Oracle Banking Platform 2.6.1Oracle Retail Customer Management And Segmentation Foundation 17.0
7.5
CVSSv2
CVE-2019-14379
SubTypeValidator.java in FasterXML jackson-databind prior to 2.9.9.2 mishandles default typing when ehcache is used (because of net.sf.ehcache.transaction.manager.DefaultTransactionManagerLookup), leading to remote code execution.
Fasterxml Jackson-databindDebian Debian Linux 8.0Netapp Snapcenter -Netapp Oncommand Workflow Automation -Netapp Service Level Manager -Netapp Active Iq Unified ManagerFedoraproject Fedora 29Fedoraproject Fedora 30Fedoraproject Fedora 31Redhat Jboss Enterprise Application Platform 7.2Redhat Jboss Enterprise Application Platform 7.3Redhat Openshift Container Platform 4.1Redhat Single Sign-on 7.3Redhat Openshift Container Platform 3.11Oracle Retail Xstore Point Of Service 15.0Oracle Primavera Unifier 16.2Oracle Banking Platform 2.4.0Oracle Retail Xstore Point Of Service 7.1Oracle Jd Edwards Enterpriseone Tools 9.2Oracle Banking Platform 2.4.1Oracle Primavera Gateway 16.2Oracle Primavera Gateway 15.2
4.3
CVSSv2
CVE-2018-11057
RSA BSAFE Micro Edition Suite, versions before 4.0.11 (in 4.0.x) and before 4.1.6.1 (in 4.1.x) contains a Covert Timing Channel vulnerability during RSA decryption, also known as a Bleichenbacher attack on RSA decryption. A remote attacker may be able to recover a RSA key.
Dell BsafeOracle Application Testing Suite 13.3.0.1Oracle Communications Analytics 12.1.1Oracle Communications Ip Service Activator 7.3.0Oracle Communications Ip Service Activator 7.4.0Oracle Core Rdbms 11.2.0.4Oracle Core Rdbms 12.1.0.2Oracle Core Rdbms 12.2.0.1Oracle Core Rdbms 18cOracle Core Rdbms 19cOracle Enterprise Manager Ops Center 12.3.3Oracle Enterprise Manager Ops Center 12.4.0Oracle Goldengate Application Adapters 12.3.2.1.0Oracle Jd Edwards Enterpriseone Tools 9.2Oracle Real User Experience Insight 13.1.2.1Oracle Real User Experience Insight 13.2.3.1Oracle Real User Experience Insight 13.3.1.0Oracle Retail Predictive Application Server 15.0.3Oracle Retail Predictive Application Server 16.0.3.0Oracle Security Service 11.1.1.9.0Oracle Security Service 12.1.3.0.0Oracle Security Service 12.2.1.3.0
5
CVSSv2
CVE-2018-11054
RSA BSAFE Micro Edition Suite, version 4.1.6, contains an integer overflow vulnerability. A remote attacker could use maliciously constructed ASN.1 data to potentially cause a Denial Of Service.
Dell Bsafe 4.1.6Oracle Application Testing Suite 13.3.0.1Oracle Communications Analytics 12.1.1Oracle Communications Ip Service Activator 7.3.4Oracle Communications Ip Service Activator 7.4.0Oracle Core Rdbms 11.2.0.4Oracle Core Rdbms 12.1.0.2Oracle Core Rdbms 12.2.0.1Oracle Core Rdbms 18cOracle Core Rdbms 19cOracle Enterprise Manager Ops Center 12.3.3Oracle Enterprise Manager Ops Center 12.4.0Oracle Goldengate Application Adapters 12.3.2.1.0Oracle Jd Edwards Enterpriseone Tools 9.2Oracle Real User Experience Insight 13.1.2.1Oracle Real User Experience Insight 13.2.3.1Oracle Real User Experience Insight 13.3.1.0Oracle Retail Predictive Application Server 15.0.3Oracle Retail Predictive Application Server 16.0.3Oracle Security Service 11.1.1.9.0Oracle Security Service 12.1.3.0.0Oracle Security Service 12.2.1.2.0
2.1
CVSSv2
CVE-2018-11055
RSA BSAFE Micro Edition Suite, versions before 4.0.11 (in 4.0.x) and before 4.1.6.1 (in 4.1.x), contains an Improper Clearing of Heap Memory Before Release ('Heap Inspection') vulnerability. Decoded PKCS #12 data in heap memory is not zeroized by MES before releasing th...
Dell BsafeOracle Application Testing Suite 13.3.0.1Oracle Communications Analytics 12.1.1Oracle Communications Ip Service Activator 7.3.0Oracle Communications Ip Service Activator 7.4.0Oracle Core Rdbms 11.2.0.4Oracle Core Rdbms 12.1.0.2Oracle Core Rdbms 12.2.0.1Oracle Core Rdbms 18cOracle Core Rdbms 19cOracle Enterprise Manager Ops Center 12.3.3Oracle Enterprise Manager Ops Center 12.4.0Oracle Goldengate Application Adapters 12.3.2.1.0Oracle Jd Edwards Enterpriseone Tools 9.2Oracle Real User Experience Insight 13.1.2.1Oracle Real User Experience Insight 13.2.3.1Oracle Real User Experience Insight 13.3.1.0Oracle Retail Predictive Application Server 15.0.3Oracle Retail Predictive Application Server 16.0.3.0Oracle Security Service 11.1.1.9.0Oracle Security Service 12.1.3.0.0Oracle Security Service 12.2.1.3.0
4
CVSSv2
CVE-2018-11056
RSA BSAFE Micro Edition Suite, before 4.1.6.1 (in 4.1.x), and RSA BSAFE Crypto-C Micro Edition versions before 4.0.5.3 (in 4.0.x) contain an Uncontrolled Resource Consumption ('Resource Exhaustion') vulnerability when parsing ASN.1 data. A remote attacker could use mali...
Dell Bsafe Crypto-cDell BsafeOracle Application Testing Suite 13.3.0.1Oracle Communications Analytics 12.1.1Oracle Communications Ip Service Activator 7.3.0Oracle Communications Ip Service Activator 7.4.0Oracle Core Rdbms 11.2.0.4Oracle Core Rdbms 12.1.0.2Oracle Core Rdbms 12.2.0.1Oracle Core Rdbms 18cOracle Core Rdbms 19cOracle Enterprise Manager Ops Center 12.3.3Oracle Enterprise Manager Ops Center 12.4.0Oracle Goldengate Application Adapters 12.3.2.1.0Oracle Jd Edwards Enterpriseone Tools 9.2Oracle Real User Experience Insight 13.1.2.1Oracle Real User Experience Insight 13.2.3.1Oracle Real User Experience Insight 13.3.1.0Oracle Retail Predictive Application Server 15.0.3Oracle Retail Predictive Application Server 16.0.3.0Oracle Security Service 11.1.1.9.0Oracle Security Service 12.1.3.0.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-38298CVE-2024-20356CVE-2023-21987CVE-2024-33217bypassCVE-2024-31804CVE-2024-32660unauthorizedSSRF
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook