Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
oracle security service 12.2.1.4.0 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2021-30468
A vulnerability in the JsonMapObjectReaderWriter of Apache CXF allows an malicious user to submit malformed JSON to a web service, which results in the thread getting stuck in an infinite loop, consuming CPU indefinitely. This issue affects Apache CXF versions before 3.4.4; Apach...
Apache Cxf
Apache Tomee 8.0.6
Oracle Business Intelligence 12.2.1.3.0
Oracle Business Intelligence 12.2.1.4.0
Oracle Business Intelligence 5.5.0.0.0
Oracle Communications Messaging Server 8.1
Oracle Business Intelligence 5.9.0.0.0
Oracle Communications Element Manager 8.2.2
8.8
CVSSv3
CVE-2020-11112
FasterXML jackson-databind 2.x prior to 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.proxy.provider.remoting.RmiProvider (aka apache/commons-proxy).
Fasterxml Jackson-databind
Debian Debian Linux 8.0
Netapp Steelstore Cloud Integrated Storage -
Oracle Retail Xstore Point Of Service 15.0
Oracle Primavera Unifier 16.2
Oracle Retail Service Backbone 14.1
Oracle Primavera Unifier 16.1
Oracle Retail Service Backbone 15.0
Oracle Weblogic Server 12.2.1.3.0
Oracle Retail Xstore Point Of Service 16.0
Oracle Primavera Unifier 18.8
Oracle Primavera Unifier
Oracle Retail Merchandising System 15.0
Oracle Agile Plm 9.3.6
Oracle Banking Digital Experience 18.2
Oracle Banking Digital Experience 18.3
Oracle Banking Digital Experience 19.1
Oracle Banking Digital Experience 18.1
Oracle Weblogic Server 12.2.1.4.0
Oracle Enterprise Manager Base Platform 13.3.0.0
Oracle Financial Services Price Creation And Discovery 8.0.7
Oracle Primavera Unifier 19.12
8.8
CVSSv3
CVE-2020-10672
FasterXML jackson-databind 2.x prior to 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.aries.transaction.jms.internal.XaPooledConnectionFactory (aka aries.transaction.jms).
Fasterxml Jackson-databind
Debian Debian Linux 8.0
Netapp Steelstore Cloud Integrated Storage -
Oracle Retail Xstore Point Of Service 15.0
Oracle Primavera Unifier 16.2
Oracle Retail Service Backbone 14.1
Oracle Primavera Unifier 16.1
Oracle Retail Service Backbone 15.0
Oracle Weblogic Server 12.2.1.3.0
Oracle Retail Xstore Point Of Service 16.0
Oracle Primavera Unifier 18.8
Oracle Primavera Unifier
Oracle Retail Merchandising System 15.0
Oracle Agile Plm 9.3.6
Oracle Banking Digital Experience 18.2
Oracle Banking Digital Experience 18.3
Oracle Banking Digital Experience 19.1
Oracle Banking Digital Experience 18.1
Oracle Weblogic Server 12.2.1.4.0
Oracle Enterprise Manager Base Platform 13.3.0.0
Oracle Financial Services Price Creation And Discovery 8.0.7
Oracle Primavera Unifier 19.12
8.8
CVSSv3
CVE-2020-10673
FasterXML jackson-databind 2.x prior to 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to com.caucho.config.types.ResourceRef (aka caucho-quercus).
Fasterxml Jackson-databind
Debian Debian Linux 8.0
Netapp Steelstore Cloud Integrated Storage -
Oracle Retail Xstore Point Of Service 15.0
Oracle Primavera Unifier 16.2
Oracle Retail Service Backbone 14.1
Oracle Primavera Unifier 16.1
Oracle Retail Service Backbone 15.0
Oracle Weblogic Server 12.2.1.3.0
Oracle Retail Xstore Point Of Service 16.0
Oracle Primavera Unifier 18.8
Oracle Primavera Unifier
Oracle Retail Merchandising System 15.0
Oracle Agile Plm 9.3.6
Oracle Banking Digital Experience 18.2
Oracle Banking Digital Experience 18.3
Oracle Banking Digital Experience 19.1
Oracle Banking Digital Experience 18.1
Oracle Weblogic Server 12.2.1.4.0
Oracle Enterprise Manager Base Platform 13.3.0.0
Oracle Financial Services Price Creation And Discovery 8.0.7
Oracle Primavera Unifier 19.12
1 Github repository
8.8
CVSSv3
CVE-2020-10969
FasterXML jackson-databind 2.x prior to 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to javax.swing.JEditorPane.
Fasterxml Jackson-databind
Debian Debian Linux 8.0
Netapp Steelstore Cloud Integrated Storage -
Oracle Retail Xstore Point Of Service 15.0
Oracle Primavera Unifier 16.2
Oracle Retail Service Backbone 14.1
Oracle Primavera Unifier 16.1
Oracle Retail Service Backbone 15.0
Oracle Weblogic Server 12.2.1.3.0
Oracle Retail Xstore Point Of Service 16.0
Oracle Primavera Unifier 18.8
Oracle Primavera Unifier
Oracle Retail Merchandising System 15.0
Oracle Agile Plm 9.3.6
Oracle Banking Digital Experience 18.2
Oracle Banking Digital Experience 18.3
Oracle Banking Digital Experience 19.1
Oracle Banking Digital Experience 18.1
Oracle Weblogic Server 12.2.1.4.0
Oracle Enterprise Manager Base Platform 13.3.0.0
Oracle Financial Services Price Creation And Discovery 8.0.7
Oracle Primavera Unifier 19.12
9.8
CVSSv3
CVE-2020-9546
FasterXML jackson-databind 2.x prior to 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.hadoop.shaded.com.zaxxer.hikari.HikariConfig (aka shaded hikari-config).
Fasterxml Jackson-databind
Netapp Active Iq Unified Manager
Debian Debian Linux 8.0
Oracle Retail Xstore Point Of Service 15.0
Oracle Primavera Unifier 16.2
Oracle Retail Service Backbone 14.1
Oracle Primavera Unifier 16.1
Oracle Retail Service Backbone 15.0
Oracle Weblogic Server 12.2.1.3.0
Oracle Retail Xstore Point Of Service 16.0
Oracle Primavera Unifier 18.8
Oracle Primavera Unifier
Oracle Retail Merchandising System 15.0
Oracle Agile Plm 9.3.6
Oracle Banking Digital Experience 18.2
Oracle Banking Digital Experience 18.3
Oracle Banking Digital Experience 19.1
Oracle Banking Digital Experience 18.1
Oracle Weblogic Server 12.2.1.4.0
Oracle Enterprise Manager Base Platform 13.3.0.0
Oracle Financial Services Price Creation And Discovery 8.0.7
Oracle Primavera Unifier 19.12
8.8
CVSSv3
CVE-2020-10968
FasterXML jackson-databind 2.x prior to 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.aoju.bus.proxy.provider.remoting.RmiProvider (aka bus-proxy).
Fasterxml Jackson-databind
Debian Debian Linux 8.0
Netapp Steelstore Cloud Integrated Storage -
Oracle Retail Xstore Point Of Service 15.0
Oracle Primavera Unifier 16.2
Oracle Retail Service Backbone 14.1
Oracle Primavera Unifier 16.1
Oracle Retail Service Backbone 15.0
Oracle Weblogic Server 12.2.1.3.0
Oracle Retail Xstore Point Of Service 16.0
Oracle Primavera Unifier 18.8
Oracle Primavera Unifier
Oracle Retail Merchandising System 15.0
Oracle Agile Plm 9.3.6
Oracle Banking Digital Experience 18.2
Oracle Banking Digital Experience 18.3
Oracle Banking Digital Experience 19.1
Oracle Banking Digital Experience 18.1
Oracle Weblogic Server 12.2.1.4.0
Oracle Enterprise Manager Base Platform 13.3.0.0
Oracle Financial Services Price Creation And Discovery 8.0.7
Oracle Primavera Unifier 19.12
8.8
CVSSv3
CVE-2022-23307
CVE-2020-9493 identified a deserialization issue that was present in Apache Chainsaw. Prior to Chainsaw V2.0 Chainsaw was a component of Apache Log4j 1.2.x where the same issue exists.
Apache Chainsaw
Apache Log4j
Qos Reload4j
Oracle Weblogic Server 12.2.1.3.0
Oracle Business Intelligence 12.2.1.3.0
Oracle Business Process Management Suite 12.2.1.3.0
Oracle Jdeveloper 12.2.1.3.0
Oracle Identity Management Suite 12.2.1.3.0
Oracle Business Intelligence 12.2.1.4.0
Oracle Weblogic Server 12.2.1.4.0
Oracle Weblogic Server 14.1.1.0.0
Oracle Enterprise Manager Base Platform 13.4.0.0
Oracle Communications Network Integrity 7.3.6
Oracle Business Process Management Suite 12.2.1.4.0
Oracle Advanced Supply Chain Planning 12.2
Oracle Advanced Supply Chain Planning 12.1
Oracle Communications Unified Inventory Management 7.4.1
Oracle Enterprise Manager Base Platform 13.5.0.0
Oracle Communications Messaging Server 8.1
Oracle Business Intelligence 5.9.0.0.0
Oracle Healthcare Foundation 8.1.0
Oracle Communications Eagle Ftp Table Base Retrieval 4.5
1 Github repository
1 Article
8.8
CVSSv3
CVE-2022-23302
JMSSink in all versions of Log4j 1.x is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration or if the configuration references an LDAP service the attacker has access to. The attacker can provide a TopicConnectionFactoryBi...
Apache Log4j
Netapp Snapmanager -
Broadcom Brocade Sannav -
Qos Reload4j
Oracle Weblogic Server 12.2.1.3.0
Oracle Business Intelligence 12.2.1.3.0
Oracle Business Process Management Suite 12.2.1.3.0
Oracle Jdeveloper 12.2.1.3.0
Oracle Identity Management Suite 12.2.1.3.0
Oracle Business Intelligence 12.2.1.4.0
Oracle Weblogic Server 12.2.1.4.0
Oracle Weblogic Server 14.1.1.0.0
Oracle Enterprise Manager Base Platform 13.4.0.0
Oracle Communications Network Integrity 7.3.6
Oracle Business Process Management Suite 12.2.1.4.0
Oracle Advanced Supply Chain Planning 12.2
Oracle Advanced Supply Chain Planning 12.1
Oracle Communications Unified Inventory Management 7.4.1
Oracle Enterprise Manager Base Platform 13.5.0.0
Oracle Communications Messaging Server 8.1
Oracle Business Intelligence 5.9.0.0.0
Oracle Healthcare Foundation 8.1.0
1 Article
4.8
CVSSv3
CVE-2021-29425
In Apache Commons IO prior to 2.7, When invoking the method FileNameUtils.normalize with an improper input string, like "//../foo", or "\\..\foo", the result would be the same value, thus possibly providing access to files in the parent directory, but not furt...
Apache Commons Io 2.2
Apache Commons Io 2.3
Apache Commons Io 2.4
Apache Commons Io 2.5
Apache Commons Io 2.6
Debian Debian Linux 9.0
Oracle Weblogic Server 12.1.3.0.0
Oracle Retail Integration Bus 13.0
Oracle Flexcube Core Banking 5.2.0
Oracle Solaris Cluster 4.0
Oracle Access Manager 11.1.2.3.0
Oracle Weblogic Server 12.2.1.3.0
Oracle Webcenter Portal 12.2.1.3.0
Oracle Access Manager 12.2.1.3.0
Oracle Application Testing Suite 13.3.0.1
Oracle Retail Order Broker 16.0
Oracle Banking Platform 2.6.2
Oracle Primavera Unifier 18.8
Oracle Primavera Unifier
Oracle Agile Plm 9.3.6
Oracle Banking Digital Experience 18.3
Oracle Banking Digital Experience 19.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »