Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
oracle api gateway 11.1.2.4.0 vulnerabilities and exploits
(subscribe to this query)
8.1
CVSSv3
CVE-2017-3601
Vulnerability in the Oracle API Gateway component of Oracle Fusion Middleware (subcomponent: Oracle API Gateway). The supported version that is affected is 11.1.2.4.0. Easily "exploitable" vulnerability allows unauthenticated attacker with network access via HTTP to com...
Oracle Api Gateway 11.1.2.4.0
7.5
CVSSv3
CVE-2018-1000180
Bouncy Castle BC 1.54 - 1.59, BC-FJA 1.0.0, BC-FJA 1.0.1 and previous versions have a flaw in the Low-level interface to RSA key pair generator, specifically RSA Key Pairs generated in low-level API with added certainty may have less M-R tests than expected. This appears to be fi...
Bouncycastle Fips Java Api
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api
Debian Debian Linux 9.0
Oracle Api Gateway 11.1.2.4.0
Oracle Business Process Management Suite 11.1.1.9.0
Oracle Business Process Management Suite 12.1.3.0.0
Oracle Business Process Management Suite 12.2.1.3.0
Oracle Business Transaction Management 12.1.0
Oracle Communications Application Session Controller 3.7.1
Oracle Communications Application Session Controller 3.8.0
Oracle Communications Converged Application Server
Oracle Communications Webrtc Session Controller
1 Github repository
7.5
CVSSv3
CVE-2019-17566
Apache Batik is vulnerable to server-side request forgery, caused by improper input validation by the "xlink:href" attributes. By using a specially-crafted argument, an attacker could exploit this vulnerability to cause the underlying server to make arbitrary GET reques...
Apache Batik
Oracle Api Gateway 11.1.2.4.0
Oracle Business Intelligence 5.5.0.0.0
Oracle Business Intelligence 5.9.0.0.0
Oracle Business Intelligence 12.2.1.3.0
Oracle Business Intelligence 12.2.1.4.0
Oracle Communications Application Session Controller 3.9m0p2
Oracle Communications Metasolv Solution
Oracle Communications Offline Mediation Controller 12.0.0.3.0
Oracle Enterprise Repository 11.1.1.7.0
Oracle Financial Services Analytical Applications Infrastructure
Oracle Fusion Middleware Mapviewer 12.2.1.4.0
1 Github repository
5.9
CVSSv3
CVE-2018-0735
The OpenSSL ECDSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key. Fixed in OpenSSL 1.1.0j (Affected 1.1.0-1.1.0i). Fixed in OpenSSL 1.1.1a (Affected 1.1.1).
Openssl Openssl
Openssl Openssl 1.1.1
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Nodejs Node.js
Nodejs Node.js 10.13.0
Netapp Cn1610 Firmware -
Netapp Cloud Backup -
1 Github repository
5.9
CVSSv3
CVE-2018-0734
The OpenSSL DSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key. Fixed in OpenSSL 1.1.1a (Affected 1.1.1). Fixed in OpenSSL 1.1.0j (Affected 1.1.0-1.1.0i). Fi...
Openssl Openssl
Openssl Openssl 1.1.1
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Debian Debian Linux 9.0
Nodejs Node.js
Nodejs Node.js 10.13.0
Netapp Cn1610 Firmware -
Netapp Cloud Backup -
Netapp Oncommand Unified Manager
4.7
CVSSv3
CVE-2018-5407
Simultaneous Multi-threading (SMT) in processors can enable local users to exploit software vulnerable to timing attacks via a side-channel timing attack on 'port contention'.
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Nodejs Node.js
Openssl Openssl
Tenable Nessus
Oracle Api Gateway 11.1.2.4.0
Oracle Application Server 0.9.8
Oracle Application Server 1.0.0
1 EDB exploit
9.8
CVSSv3
CVE-2018-1000613
Legion of the Bouncy Castle Legion of the Bouncy Castle Java Cryptography APIs 1.58 up to but not including 1.60 contains a CWE-470: Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') vulnerability in XMSS/XMSS^MT private key deserializat...
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api
Netapp Oncommand Workflow Automation -
Opensuse Leap 15.1
Oracle Api Gateway 11.1.2.4.0
Oracle Banking Platform 2.6.0
Oracle Banking Platform 2.6.1
Oracle Banking Platform 2.6.2
Oracle Business Process Management Suite 11.1.1.9.0
Oracle Business Process Management Suite 12.1.3.0.0
Oracle Business Process Management Suite 12.2.1.3.0
Oracle Business Transaction Management 12.1.0
Oracle Communications Application Session Controller 3.7.1
7.5
CVSSv3
CVE-2020-11979
As mitigation for CVE-2020-1945 Apache Ant 1.10.8 changed the permissions of temporary files it created so that only the current user was allowed to access them. Unfortunately the fixcrlf task deleted the temporary file and created a new one without said protection, effectively n...
Apache Ant 1.10.8
Gradle Gradle
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Oracle Agile Engineering Data Management 6.2.1.0
Oracle Api Gateway 11.1.2.4.0
Oracle Banking Platform 2.4.0
Oracle Banking Platform 2.4.1
Oracle Banking Platform 2.6.2
Oracle Banking Platform 2.7.0
Oracle Banking Platform 2.7.1
5.9
CVSSv3
CVE-2020-1971
The X.509 GeneralName type is a generic type for representing different types of names. One of those name types is known as EDIPartyName. OpenSSL provides a function GENERAL_NAME_cmp which compares different instances of a GENERAL_NAME to see if they are equal or not. This functi...
Openssl Openssl
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Oracle Api Gateway 11.1.2.4.0
Oracle Business Intelligence 5.5.0.0.0
Oracle Business Intelligence 5.9.0.0.0
Oracle Business Intelligence 12.2.1.3.0
Oracle Business Intelligence 12.2.1.4.0
Oracle Communications Cloud Native Core Network Function Cloud Native Environment 1.10.0
Oracle Communications Diameter Intelligence Hub
5 Github repositories
1 Article
5.9
CVSSv3
CVE-2019-1559
If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 by...
Openssl Openssl
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Netapp Active Iq Unified Manager
Netapp Active Iq Unified Manager -
Netapp Altavault -
Netapp Cloud Backup -
Netapp Clustered Data Ontap Antivirus Connector -
Netapp Element Software -
3 Github repositories
Preferred Score:
CVSSv3
CVSSv2
CVSSv3
CVSSv4
EPSS
VMScore
Recommendations:
kernel
CVE-2025-22654
CVE-2025-0108
memory leak
CVE-2025-1447
CVE-2025-24200
XML external entity
CVE-2025-25475
CVE-2024-13663
wedevs
bypass
rameez iqbal
visualizer
Home
/
Search Results
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started