Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
oracle application express vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv2
CVE-2015-2655
Unspecified vulnerability in the Application Express component in Oracle Database Server prior to 4.2.3.00.08 allows remote authenticated users to affect confidentiality and integrity via unknown vectors.
Oracle Database Server
4.3
CVSSv2
CVE-2020-26870
Cure53 DOMPurify prior to 2.0.17 allows mutation XSS. This occurs because a serialize-parse roundtrip does not necessarily return the original DOM tree, and a namespace can change from HTML to MathML, as demonstrated by nesting of FORM elements.
Cure53 Dompurify
Debian Debian Linux 9.0
Microsoft Visual Studio 2017 15.9
Microsoft Visual Studio 2019 16.0
Microsoft Visual Studio 2019 16.4
Microsoft Visual Studio 2019 16.8
Microsoft Visual Studio 2019 16.7
Oracle Application Express
4.3
CVSSv2
CVE-2021-26272
It was possible to execute a ReDoS-type attack inside CKEditor 4 prior to 4.16 by persuading a victim to paste crafted URL-like text into the editor, and then press Enter or Space (in the Autolink plugin).
Ckeditor Ckeditor
Oracle Agile Plm 9.3.5
Oracle Agile Plm 9.3.6
Oracle Application Express
Oracle Banking Party Management 2.7.0
Oracle Commerce Merchandising 11.1.0
Oracle Commerce Merchandising 11.2.0
Oracle Commerce Merchandising
Oracle Financial Services Analytical Applications Infrastructure
Oracle Financial Services Analytical Applications Infrastructure 8.1.0
Oracle Financial Services Analytical Applications Infrastructure 8.1.1
Oracle Financial Services Model Management And Governance
Oracle Jd Edwards Enterpriseone Tools
Oracle Siebel Ui Framework
Oracle Webcenter Sites 12.2.1.3.0
Oracle Webcenter Sites 12.2.1.4.0
3.5
CVSSv2
CVE-2021-41165
CKEditor4 is an open source WYSIWYG HTML editor. In affected version a vulnerability has been discovered in the core HTML processing module and may affect all plugins used by CKEditor 4. The vulnerability allowed to inject malformed comments HTML bypassing content sanitization, w...
Ckeditor Ckeditor
Drupal Drupal
Oracle Webcenter Portal 12.2.1.3.0
Oracle Agile Product Lifecycle Management 9.3.6
Oracle Banking Digital Experience 19.1
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Webcenter Portal 12.2.1.4.0
Oracle Banking Digital Experience 19.2
Oracle Banking Digital Experience 20.1
Oracle Commerce Guided Search 11.3.2
Oracle Peoplesoft Enterprise Peopletools 8.59
Oracle Banking Digital Experience 21.1
Oracle Banking Apis
Oracle Banking Apis 19.1
Oracle Banking Apis 19.2
Oracle Banking Apis 20.1
Oracle Banking Apis 21.1
Oracle Banking Digital Experience
Oracle Application Express
4.3
CVSSv2
CVE-2016-7103
Cross-site scripting (XSS) vulnerability in jQuery UI prior to 1.12.0 might allow remote malicious users to inject arbitrary web script or HTML via the closeText parameter of the dialog function.
Jqueryui Jquery Ui
Oracle Weblogic Server 12.1.3.0.0
Oracle Weblogic Server 10.3.6.0.0
Oracle Weblogic Server 12.2.1.3.0
Oracle Business Intelligence 12.2.1.3.0
Oracle Business Intelligence 12.2.1.4.0
Oracle Hospitality Cruise Fleet Management 9.0.11
Oracle Application Express
Oracle Primavera Unifier
Oracle Siebel Ui Framework
Oracle Oss Support Tools
Oracle Oss Support Tools 2.12.42
Fedoraproject Fedora 30
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Netapp Snapcenter -
Redhat Openstack 7.0
Redhat Openstack 9
Redhat Openstack 8
Juniper Junos 21.2
Debian Debian Linux 9.0
3.5
CVSSv2
CVE-2021-37695
ckeditor is an open source WYSIWYG HTML editor with rich content support. A potential vulnerability has been discovered in CKEditor 4 [Fake Objects](https://ckeditor.com/cke4/addon/fakeobjects) package. The vulnerability allowed to inject malformed Fake Objects HTML, which could ...
Ckeditor Ckeditor
Debian Debian Linux 9.0
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Oracle Peoplesoft Enterprise Peopletools 8.57
Oracle Financial Services Analytical Applications Infrastructure 8.0.3
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Commerce Guided Search 11.3.2
Oracle Peoplesoft Enterprise Peopletools 8.59
Oracle Commerce Merchandising 11.3.2
Oracle Jd Edwards Enterpriseone Tools
Oracle Documaker 12.6.3
Oracle Documaker 12.6.4
Oracle Financial Services Model Management And Governance
Oracle Banking Party Management 2.7.0
Oracle Financial Services Analytical Applications Infrastructure
Oracle Application Express
3.5
CVSSv2
CVE-2021-41164
CKEditor4 is an open source WYSIWYG HTML editor. In affected versions a vulnerability has been discovered in the Advanced Content Filter (ACF) module and may affect all plugins used by CKEditor 4. The vulnerability allowed to inject malformed HTML bypassing content sanitization, ...
Ckeditor Ckeditor
Drupal Drupal
Oracle Banking Digital Experience 19.1
Oracle Banking Digital Experience 19.2
Oracle Banking Digital Experience 20.1
Oracle Banking Digital Experience 21.1
Oracle Banking Apis
Oracle Banking Apis 19.1
Oracle Banking Apis 19.2
Oracle Banking Apis 20.1
Oracle Banking Apis 21.1
Oracle Banking Digital Experience
Oracle Webcenter Portal 12.2.1.3.0
Oracle Agile Plm 9.3.6
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Webcenter Portal 12.2.1.4.0
Oracle Commerce Guided Search 11.3.2
Oracle Peoplesoft Enterprise Peopletools 8.59
Oracle Application Express
Fedoraproject Fedora 36
Fedoraproject Fedora 37
3.5
CVSSv2
CVE-2021-32808
ckeditor is an open source WYSIWYG HTML editor with rich content support. A vulnerability has been discovered in the clipboard Widget plugin if used alongside the undo feature. The vulnerability allows a user to abuse undo functionality using malformed widget HTML, which could re...
Ckeditor Ckeditor
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Oracle Webcenter Sites 12.2.1.3.0
Oracle Peoplesoft Enterprise Peopletools 8.57
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Webcenter Sites 12.2.1.4.0
Oracle Commerce Guided Search 11.3.2
Oracle Peoplesoft Enterprise Peopletools 8.59
Oracle Commerce Merchandising 11.3.2
Oracle Documaker 12.6.3
Oracle Documaker 12.6.4
Oracle Banking Party Management 2.7.0
Oracle Siebel Ui Framework
Oracle Jd Edwards Enterpriseone Tools
Oracle Financial Services Model Management And Governance 8.1.0.0.0
Oracle Financial Services Model Management And Governance 8.0.8.0.0
Oracle Financial Services Analytical Applications Infrastructure
Oracle Application Express
4.3
CVSSv2
CVE-2020-27193
A cross-site scripting (XSS) vulnerability in the Color Dialog plugin for CKEditor 4.15.0 allows remote malicious users to run arbitrary web script after persuading a user to copy and paste crafted HTML code into one of editor inputs.
Ckeditor Ckeditor 4.15.0
Oracle Agile Plm 9.3.5
Oracle Agile Plm 9.3.6
Oracle Application Express
Oracle Banking Party Management 2.7.0
Oracle Banking Platform 2.4.0
Oracle Banking Platform 2.7.0
Oracle Banking Platform 2.7.1
Oracle Banking Platform 2.8.0
Oracle Banking Platform 2.9.0
Oracle Commerce Merchandising 11.0.0
Oracle Commerce Merchandising 11.1.0
Oracle Commerce Merchandising 11.2.0
Oracle Commerce Merchandising 11.3.0
Oracle Commerce Merchandising 11.3.1
Oracle Commerce Merchandising 11.3.2
Oracle Financial Services Analytical Applications Infrastructure
Oracle Financial Services Analytical Applications Infrastructure 8.1.0
Oracle Financial Services Analytical Applications Infrastructure 8.1.1
Oracle Jd Edwards Enterpriseone Tools
Oracle Peoplesoft Enterprise Peopletools 8.56
Oracle Peoplesoft Enterprise Peopletools 8.57
3.5
CVSSv2
CVE-2022-24728
CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A vulnerability has been discovered in the core HTML processing module and may affect all plugins used by CKEditor 4 prior to version 4.18.0. The vulnerability allows someone to inject malformed HTML bypassing ...
Ckeditor Ckeditor
Drupal Drupal
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Peoplesoft Enterprise Peopletools 8.59
Oracle Commerce Merchandising 11.3.2
Oracle Financial Services Trade-based Anti Money Laundering 8.0.7
Oracle Financial Services Trade-based Anti Money Laundering 8.0.8
Fedoraproject Fedora 36
Oracle Financial Services Analytical Applications Infrastructure 8.1.2.0
Oracle Financial Services Analytical Applications Infrastructure 8.1.1.0
Oracle Application Express
Oracle Financial Services Analytical Applications Infrastructure 8.1.2.1
Oracle Financial Services Behavior Detection Platform
Oracle Financial Services Analytical Applications Infrastructure
Oracle Financial Services Behavior Detection Platform 8.0.8.0
Oracle Financial Services Behavior Detection Platform 8.0.7.0
Fedoraproject Fedora 37
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-30924
CVE-2024-3400
overflow
CVE-2024-23528
CVE-2024-21338
CVE-2024-3818
CVE-2024-23535
NULL pointer dereference
elevation of privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »