Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
oracle primavera unifier 16.1 vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2020-35460
common/InputStreamHelper.java in Packwood MPXJ prior to 8.3.5 allows directory traversal in the zip stream handler flow, leading to the writing of files to arbitrary locations.
Mpxj Mpxj
Oracle Primavera Unifier 16.2
Oracle Primavera Unifier 16.1
Oracle Primavera Unifier 18.8
Oracle Primavera Unifier
Oracle Primavera Unifier 19.12
Oracle Primavera Unifier 21.12
445
VMScore
CVE-2020-11979
As mitigation for CVE-2020-1945 Apache Ant 1.10.8 changed the permissions of temporary files it created so that only the current user was allowed to access them. Unfortunately the fixcrlf task deleted the temporary file and created a new one without said protection, effectively n...
Apache Ant 1.10.8
Gradle Gradle
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Oracle Flexcube Private Banking 12.1.0
Oracle Primavera Unifier 16.2
Oracle Banking Platform 2.4.0
Oracle Flexcube Private Banking 12.0.0
Oracle Api Gateway 11.1.2.4.0
Oracle Banking Platform 2.4.1
Oracle Primavera Unifier 16.1
Oracle Enterprise Repository 11.1.1.7.0
Oracle Retail Predictive Application Server 14.1
Oracle Banking Platform 2.6.2
Oracle Primavera Unifier 18.8
Oracle Data Integrator 12.2.1.3.0
Oracle Primavera Unifier
Oracle Utilities Framework 4.3.0.5.0
Oracle Utilities Framework 4.3.0.6.0
Oracle Utilities Framework 4.4.0.0.0
Oracle Communications Unified Inventory Management 7.4.0
436
VMScore
CVE-2017-10149
Vulnerability in the Primavera Unifier component of Oracle Primavera Products Suite (subcomponent: Platform). Supported versions that are affected are 9.13, 9.14, 10.1, 10.2, 15.1, 15.2, 16.1 and 16.2. Easily exploitable vulnerability allows high privileged attacker with network ...
Oracle Primavera Unifier 10.1
Oracle Primavera Unifier 16.1
Oracle Primavera Unifier 16.2
Oracle Primavera Unifier 10.2
Oracle Primavera Unifier 15.2
Oracle Primavera Unifier 9.13
Oracle Primavera Unifier 9.14
Oracle Primavera Unifier 15.1
429
VMScore
CVE-2019-11358
jQuery prior to 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.
Jquery Jquery
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Drupal Drupal
Backdropcms Backdrop
Fedoraproject Fedora 28
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
Netapp Snapcenter -
Netapp Oncommand System Manager
Redhat Cloudforms 4.7
Redhat Virtualization Manager 4.3
Oracle Service Bus 12.1.3.0.0
Oracle Primavera Unifier 16.2
Oracle Jd Edwards Enterpriseone Tools 9.2
Oracle Weblogic Server 12.1.3.0.0
Oracle Service Bus 11.1.1.9.0
Oracle Jdeveloper 11.1.1.9.0
Oracle Primavera Unifier 16.1
162 Github repositories
411
VMScore
CVE-2019-17558
Apache Solr 5.0.0 to Apache Solr 8.3.1 are vulnerable to a Remote Code Execution through the VelocityResponseWriter. A Velocity template can be provided through Velocity templates in a configset `velocity/` directory or as a parameter. A user defined configset could contain rende...
Apache Solr
Oracle Primavera Unifier 16.2
Oracle Primavera Unifier 16.1
Oracle Primavera Unifier 18.8
Oracle Primavera Unifier
Oracle Primavera Unifier 19.12
6 Github repositories
384
VMScore
CVE-2020-9489
A carefully crafted or corrupt file may trigger a System.exit in Tika's OneNote Parser. Crafted or corrupted files can also cause out of memory errors and/or infinite loops in Tika's ICNSParser, MP3Parser, MP4Parser, SAS7BDATParser, OneNoteParser and ImageParser. Apache...
Apache Tika 1.24
Oracle Flexcube Private Banking 12.1.0
Oracle Primavera Unifier 16.2
Oracle Flexcube Private Banking 12.0.0
Oracle Primavera Unifier 16.1
Oracle Webcenter Portal 12.2.1.3.0
Oracle Primavera Unifier 18.8
Oracle Primavera Unifier
Oracle Primavera Unifier 19.12
Oracle Webcenter Portal 12.2.1.4.0
Oracle Communications Messaging Server 8.1
384
VMScore
CVE-2018-8032
Apache Axis 1.x up to and including 1.4 is vulnerable to a cross-site scripting (XSS) attack in the default servlet/services.
Apache Axis
Oracle Agile Product Lifecycle Management Framework 9.3.3
Oracle Flexcube Private Banking 12.1.0
Oracle Primavera Unifier 16.2
Oracle Peoplesoft Enterprise Human Capital Management Human Resources 9.2
Oracle Retail Xstore Point Of Service 7.1
Oracle Enterprise Manager Base Platform 12.1.0.5
Oracle Flexcube Private Banking 12.0.0
Oracle Primavera Unifier 16.1
Oracle Peoplesoft Enterprise Peopletools 8.56
Oracle Hospitality Guest Access 4.2.0
Oracle Hospitality Guest Access 4.2.1
Oracle Tuxedo 12.1.3
Oracle Internet Directory 12.2.1.3.0
Oracle Webcenter Portal 12.2.1.3.0
Oracle Communications Order And Service Management 7.3.0.0.0
Oracle Flexcube Core Banking 11.7.0
Oracle Peoplesoft Enterprise Peopletools 8.57
Oracle Application Testing Suite 13.2.0.1
Oracle Application Testing Suite 13.3.0.1
Oracle Secure Global Desktop 5.4
Oracle Retail Order Broker 15.0
383
VMScore
CVE-2018-2966
Vulnerability in the Primavera Unifier component of Oracle Construction and Engineering Suite (subcomponent: Core). Supported versions that are affected are 16.x, 17.x and 18.x. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compr...
Oracle Primavera Unifier 16.2.4.0
Oracle Primavera Unifier 16.2
Oracle Primavera Unifier 16.2.1.0
Oracle Primavera Unifier 16.1
Oracle Primavera Unifier 17.8
Oracle Primavera Unifier 17.9
Oracle Primavera Unifier 17.6
Oracle Primavera Unifier 17.7
Oracle Primavera Unifier 17.3
Oracle Primavera Unifier 17.4
Oracle Primavera Unifier 17.5
Oracle Primavera Unifier 17.12
Oracle Primavera Unifier 17.1
Oracle Primavera Unifier 17.2
Oracle Primavera Unifier 17.10
Oracle Primavera Unifier 17.11
Oracle Primavera Unifier 18.3
Oracle Primavera Unifier 18.4
Oracle Primavera Unifier 18.1
Oracle Primavera Unifier 18.2
Oracle Primavera Unifier 18.7
Oracle Primavera Unifier 18.5
383
VMScore
CVE-2018-2968
Vulnerability in the Primavera Unifier component of Oracle Construction and Engineering Suite (subcomponent: Core). Supported versions that are affected are 16.x, 17.x and 18.x. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compr...
Oracle Primavera Unifier 16.1
Oracle Primavera Unifier 16.2
Oracle Primavera Unifier 16.2.1.0
Oracle Primavera Unifier 16.2.4.0
Oracle Primavera Unifier 17.8
Oracle Primavera Unifier 17.9
Oracle Primavera Unifier 17.6
Oracle Primavera Unifier 17.7
Oracle Primavera Unifier 17.4
Oracle Primavera Unifier 17.5
Oracle Primavera Unifier 17.12
Oracle Primavera Unifier 17.1
Oracle Primavera Unifier 17.2
Oracle Primavera Unifier 17.3
Oracle Primavera Unifier 17.10
Oracle Primavera Unifier 17.11
Oracle Primavera Unifier 18.3
Oracle Primavera Unifier 18.4
Oracle Primavera Unifier 18.1
Oracle Primavera Unifier 18.2
Oracle Primavera Unifier 18.7
Oracle Primavera Unifier 18.5
356
VMScore
CVE-2018-2969
Vulnerability in the Primavera Unifier component of Oracle Construction and Engineering Suite (subcomponent: Core). The supported version that is affected is 16.x. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Primavera...
Oracle Primavera Unifier 16.2.4.0
Oracle Primavera Unifier 16.1
Oracle Primavera Unifier 16.2.1.0
Oracle Primavera Unifier 16.2
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »