Vulmon
oracle agile engineering data management 6.2.1.0 vulnerabilities and exploits
CVSSv2 score: 3.5
CVE-2021-1996
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Web Services). Supported versions that are affected are 10.3.6.0.0 and 12.1.3.0.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromi...
Oracle Agile Engineering Data Management 6.2.1.0
Oracle Hyperion Infrastructure Technology 11.1.2.4
Oracle Siebel Ui Framework
Oracle Weblogic Server 10.3.6.0.0
Oracle Weblogic Server 12.1.3.0.0
CVSSv2 score: 5.1
CVE-2019-17563
When using FORM authentication with Apache Tomcat 9.0.0.M1 to 9.0.29, 8.5.0 to 8.5.49 and 7.0.0 to 7.0.98 there was a narrow window where an attacker could perform a session fixation attack. The window was considered too narrow for an exploit to be practical but, erring on the si...
Apache Tomcat
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Opensuse Leap 15.1
Canonical Ubuntu Linux 16.04
Oracle Agile Engineering Data Management 6.2.1.0
Oracle Hyperion Infrastructure Technology 11.1.2.4
Oracle Instantis Enterprisetrack
Oracle Micros Relate Crm Software 11.4
Oracle Mysql Enterprise Monitor
Oracle Retail Order Broker 15.0
CVSSv2 score: 5.8
CVE-2019-17569
The refactoring present in Apache Tomcat 9.0.28 to 9.0.30, 8.5.48 to 8.5.50 and 7.0.98 to 7.0.99 introduced a regression. The result of the regression was that invalid Transfer-Encoding headers were incorrectly processed leading to a possibility of HTTP Request Smuggling if Tomca...
Apache Tomcat
Apache Tomee 7.0.7
Opensuse Leap 15.1
Netapp Data Availability Services -
Netapp Oncommand System Manager
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Oracle Agile Engineering Data Management 6.2.1.0
Oracle Agile Plm 9.3.3
Oracle Agile Plm 9.3.5
Oracle Agile Plm 9.3.6
Oracle Communications Instant Messaging Server 10.0.1.4.0
CVSSv2 score: 3.7
CVE-2022-23181
The fix for bug CVE-2020-9484 introduced a time of check, time of use vulnerability into Apache Tomcat 10.1.0-M1 to 10.1.0-M8, 10.0.0-M5 to 10.0.14, 9.0.35 to 9.0.56 and 8.5.55 to 8.5.73 that allowed a local malicious user to perform actions with the privileges of the user that t...
Apache Tomcat
Apache Tomcat 10.0.0
Apache Tomcat 10.1.0
Oracle Agile Engineering Data Management 6.2.1.0
Oracle Communications Cloud Native Core Policy 1.15.0
Oracle Financial Services Crime And Compliance Management Studio 8.0.8.2.0
Oracle Financial Services Crime And Compliance Management Studio 8.0.8.3.0
Oracle Managed File Transfer 12.2.1.3.0
Oracle Managed File Transfer 12.2.1.4.0
Oracle Mysql Enterprise Monitor
Debian Debian Linux 10.0
Debian Debian Linux 11.0
CVSSv2 score: 5.8
CVE-2020-1935
In Apache Tomcat 9.0.0.M1 to 9.0.30, 8.5.0 to 8.5.50 and 7.0.0 to 7.0.99 the HTTP header parsing code used an approach to end-of-line parsing that allowed some invalid HTTP headers to be parsed as valid. This led to a possibility of HTTP Request Smuggling if Tomcat was located be...
Apache Tomcat
Apache Tomcat 9.0.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 16.04
Opensuse Leap 15.1
Netapp Data Availability Services -
Netapp Oncommand System Manager
Oracle Agile Engineering Data Management 6.2.1.0
Oracle Agile Product Lifecycle Management 9.3.3
Oracle Agile Product Lifecycle Management 9.3.5
CVSSv2 score: 2.1
CVE-2020-17521
Apache Groovy provides extension methods to aid with creating temporary directories. Prior to this fix, Groovy's implementation of those extension methods was using a now superseded Java JDK method call that is potentially not secure on some operating systems in some context...
Apache Groovy
Apache Groovy 4.0.0
Netapp Snapcenter -
Oracle Agile Engineering Data Management 6.2.1.0
Oracle Agile Plm 9.3.3
Oracle Agile Plm 9.3.6
Oracle Agile Plm Mcad Connector 3.4
Oracle Agile Plm Mcad Connector 3.6
Oracle Business Process Management Suite 12.2.1.3.0
Oracle Business Process Management Suite 12.2.1.4.0
Oracle Communications Brm - Elastic Charging Engine 11.3.0.9.0
Oracle Communications Brm - Elastic Charging Engine 12.0.0.3
CVSSv2 score: 5
CVE-2020-13934
An h2c direct connection to Apache Tomcat 10.0.0-M1 to 10.0.0-M6, 9.0.0.M5 to 9.0.36 and 8.5.1 to 8.5.56 did not release the HTTP/1.1 processor after the upgrade to HTTP/2. If a sufficient number of such requests were made, an OutOfMemoryException could occur leading to a denial ...
Apache Tomcat
Apache Tomcat 9.0.0
Apache Tomcat 10.0.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Netapp Oncommand System Manager
Opensuse Leap 15.1
Opensuse Leap 15.2
Canonical Ubuntu Linux 20.04
Oracle Agile Engineering Data Management 6.2.1.0
Oracle Agile Plm 9.3.3
Oracle Agile Plm 9.3.5
CVSSv2 score: 7.5
CVE-2020-1938
When using the Apache JServ Protocol (AJP), care must be taken when trusting incoming connections to Apache Tomcat. Tomcat treats AJP connections as having higher trust than, for example, a similar HTTP connection. If such connections are available to an attacker, they can be exp...
Apache Geode 1.12.0
Apache Tomcat
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Oracle Agile Engineering Data Management 6.2.1.0
Oracle Agile Plm 9.3.3
Oracle Agile Plm 9.3.5
Oracle Agile Plm 9.3.6
Oracle Communications Element Manager 8.1.1
Oracle Communications Element Manager 8.2.0
Oracle Communications Element Manager 8.2.1
45 Github repositories
1 Article
CVSSv2 score: 5
CVE-2020-13935
The payload length in a WebSocket frame was not correctly validated in Apache Tomcat 10.0.0-M1 to 10.0.0-M6, 9.0.0.M1 to 9.0.36, 8.5.0 to 8.5.56 and 7.0.27 to 7.0.104. Invalid payload lengths could trigger an infinite loop. Multiple requests with invalid payload lengths could lea...
Apache Tomcat
Apache Tomcat 9.0.0
Apache Tomcat 10.0.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Netapp Oncommand System Manager
Opensuse Leap 15.1
Opensuse Leap 15.2
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 20.04
Mcafee Epolicy Orchestrator 5.9.0
Mcafee Epolicy Orchestrator 5.9.1
2 Github repositories
CVSSv2 score: 5
CVE-2021-42340
The fix for bug 63362 present in Apache Tomcat 10.1.0-M1 to 10.1.0-M5, 10.0.0-M1 to 10.0.11, 9.0.40 to 9.0.53 and 8.5.60 to 8.5.71 introduced a memory leak. The object introduced to collect metrics for HTTP upgrade connections was not released for WebSocket connections once the c...
Apache Tomcat
Apache Tomcat 10.0.0
Apache Tomcat 10.1.0
Netapp Hci -
Netapp Management Services For Element Software -
Debian Debian Linux 11.0
Oracle Agile Engineering Data Management 6.2.1.0
Oracle Big Data Spatial And Graph
Oracle Communications Diameter Signaling Router
Oracle Hospitality Cruise Shipboard Property Management System 20.1.0
Oracle Managed File Transfer 12.2.1.3.0
Oracle Managed File Transfer 12.2.1.4.0