Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
oracle scripting vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2017-3300
Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Multichannel Framework). Supported versions that are affected are 8.54 and 8.55. Easily exploitable vulnerability allows unauthenticated attacker with network access via ...
Oracle Peoplesoft Enterprise Peopletools 8.54
Oracle Peoplesoft Enterprise Peopletools 8.55
NA
CVE-2007-3553
Cross-site scripting (XSS) vulnerability in Rapid Install Web Server in Oracle Application Server 11i allows remote malicious users to inject arbitrary web script or HTML via a URL to the "Secondary Login Page", as demonstrated using (1) pls/ and (2) pls/MSBEP004/. NOTE...
Oracle Application Server 11i
Oracle Rapid Install Web Server
1 EDB exploit
NA
CVE-2015-2655
Unspecified vulnerability in the Application Express component in Oracle Database Server prior to 4.2.3.00.08 allows remote authenticated users to affect confidentiality and integrity via unknown vectors.
Oracle Database Server
6.1
CVSSv3
CVE-2019-2413
Vulnerability in the Oracle Reports Developer component of Oracle Fusion Middleware (subcomponent: Valid Session). The supported version that is affected is 12.2.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracl...
Oracle Reports Developer 12.2.1.3
1 EDB exploit
6.1
CVSSv3
CVE-2018-2699
Vulnerability in the Application Express component of Oracle Database Server. The supported version that is affected is before 5.1.4.00.08. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Application Express. Successful ...
Oracle Application Express
NA
CVE-2012-0551
Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE 7 update 4 and previous versions and 6 update 32 and previous versions, and the GlassFish Enterprise Server component in Oracle Sun Products Suite GlassFish Enterprise Server 3.1.1, allows remote ma...
Oracle Glassfish Server 3.1.1
Sun Jdk 1.6.0
Sun Jre 1.6.0
Oracle Jre 1.6.0
Oracle Jdk
Oracle Jdk 1.6.0
Oracle Jre
Oracle Jre 1.7.0
Oracle Jdk 1.7.0
1 EDB exploit
NA
CVE-2014-2400
Unspecified vulnerability in the Oracle Endeca Server component in Oracle Fusion Middleware 2.2.2 allows remote malicious users to affect integrity via unknown vectors related to Oracle Endeca Information Discovery (Formerly Latitude), a different vulnerability than CVE-2014-2399...
Oracle Fusion Middleware 2.2.2
NA
CVE-2009-1553
Multiple cross-site scripting (XSS) vulnerabilities in the Admin Console in Sun GlassFish Enterprise Server 2.1 allow remote malicious users to inject arbitrary web script or HTML via the query string to (1) applications/applications.jsf, (2) configuration/configuration.jsf, (3) ...
Oracle Glassfish Server 2.1
8 EDB exploits
NA
CVE-2007-1506
Cross-site scripting (XSS) vulnerability in PORTAL.wwv_main.render_warning_screen in the Oracle Portal 10g allows remote malicious users to inject arbitrary web script or HTML via the (1) p_oldurl and (2) p_newurl parameters.
Oracle Application Server Portal
1 EDB exploit
2.4
CVSSv3
CVE-2018-3184
Vulnerability in the Hyperion BI+ component of Oracle Hyperion (subcomponent: IQR - Foundation Services). The supported version that is affected is 11.1.2.4. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Hyperion BI+. ...
Oracle Hyperion Bi\\+ 11.1.2.4
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »