Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
oracle business process management suite 12.1.3.0.0 vulnerabilities and exploits
(subscribe to this query)
6.4
CVSSv2
CVE-2018-3100
Vulnerability in the Oracle Business Process Management Suite component of Oracle Fusion Middleware (subcomponent: Process Analysis & Discovery). Supported versions that are affected are 11.1.1.7.0, 11.1.1.9.0, 12.1.3.0.0, 12.2.1.2.0 and 12.2.1.3.0. Easily exploitable vulnera...
Oracle Business Process Management Suite 11.1.1.7.0
Oracle Business Process Management Suite 11.1.1.9.0
Oracle Business Process Management Suite 12.1.3.0.0
Oracle Business Process Management Suite 12.2.1.2.0
Oracle Business Process Management Suite 12.2.1.3.0
5
CVSSv2
CVE-2018-11761
In Apache Tika 0.1 to 1.18, the XML parsers were not configured to limit entity expansion. They were therefore vulnerable to an entity expansion vulnerability which can lead to a denial of service attack.
Apache Tika
Oracle Business Process Management Suite 12.1.3.0.0
Oracle Business Process Management Suite 12.2.1.3.0
2 Github repositories
5
CVSSv2
CVE-2018-3246
Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS - Web Services). Supported versions that are affected are 12.1.3.0 and 12.2.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to c...
Oracle Banking Platform 2.6.0
Oracle Banking Platform 2.6.1
Oracle Banking Platform 2.6.2
Oracle Business Process Management Suite 11.1.1.9.0
Oracle Business Process Management Suite 12.1.3.0.0
Oracle Business Process Management Suite 12.2.1.3.0
Oracle Communications Converged Application Server
Oracle Communications Webrtc Session Controller
Oracle Enterprise Repository 12.1.3.0.0
Oracle Retail Convenience And Fuel Pos Software 2.8.1
Oracle Utilities Network Management System 1.12.0.3
Oracle Utilities Network Management System 2.3.0.0
5
CVSSv2
CVE-2018-1000180
Bouncy Castle BC 1.54 - 1.59, BC-FJA 1.0.0, BC-FJA 1.0.1 and previous versions have a flaw in the Low-level interface to RSA key pair generator, specifically RSA Key Pairs generated in low-level API with added certainty may have less M-R tests than expected. This appears to be fi...
Bouncycastle Fips Java Api
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api
Debian Debian Linux 9.0
Oracle Api Gateway 11.1.2.4.0
Oracle Business Process Management Suite 11.1.1.9.0
Oracle Business Process Management Suite 12.1.3.0.0
Oracle Business Process Management Suite 12.2.1.3.0
Oracle Business Transaction Management 12.1.0
Oracle Communications Application Session Controller 3.7.1
Oracle Communications Application Session Controller 3.8.0
Oracle Communications Converged Application Server
Oracle Communications Webrtc Session Controller
1 Github repository
7.5
CVSSv2
CVE-2018-19360
FasterXML jackson-databind 2.x prior to 2.9.8 might allow malicious users to have unspecified impact by leveraging failure to block the axis2-transport-jms class from polymorphic deserialization.
Fasterxml Jackson-databind
Debian Debian Linux 8.0
Oracle Business Process Management Suite 12.1.3.0.0
Oracle Business Process Management Suite 12.2.1.3.0
Oracle Primavera P6 Enterprise Project Portfolio Management
Oracle Primavera P6 Enterprise Project Portfolio Management 15.1
Oracle Primavera P6 Enterprise Project Portfolio Management 15.2
Oracle Primavera P6 Enterprise Project Portfolio Management 16.1
Oracle Primavera P6 Enterprise Project Portfolio Management 16.2
Oracle Primavera P6 Enterprise Project Portfolio Management 18.8
Oracle Primavera Unifier
Oracle Primavera Unifier 16.1
7.5
CVSSv2
CVE-2018-19362
FasterXML jackson-databind 2.x prior to 2.9.8 might allow malicious users to have unspecified impact by leveraging failure to block the jboss-common-core class from polymorphic deserialization.
Fasterxml Jackson-databind
Debian Debian Linux 8.0
Oracle Business Process Management Suite 12.1.3.0.0
Oracle Business Process Management Suite 12.2.1.3.0
Oracle Primavera P6 Enterprise Project Portfolio Management
Oracle Primavera P6 Enterprise Project Portfolio Management 15.1
Oracle Primavera P6 Enterprise Project Portfolio Management 15.2
Oracle Primavera P6 Enterprise Project Portfolio Management 16.1
Oracle Primavera P6 Enterprise Project Portfolio Management 16.2
Oracle Primavera P6 Enterprise Project Portfolio Management 18.8
Oracle Primavera Unifier
Oracle Primavera Unifier 16.1
7.5
CVSSv2
CVE-2018-19361
FasterXML jackson-databind 2.x prior to 2.9.8 might allow malicious users to have unspecified impact by leveraging failure to block the openjpa class from polymorphic deserialization.
Fasterxml Jackson-databind
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Oracle Business Process Management Suite 12.1.3.0.0
Oracle Business Process Management Suite 12.2.1.3.0
Oracle Primavera P6 Enterprise Project Portfolio Management
Oracle Primavera P6 Enterprise Project Portfolio Management 15.1
Oracle Primavera P6 Enterprise Project Portfolio Management 15.2
Oracle Primavera P6 Enterprise Project Portfolio Management 16.1
Oracle Primavera P6 Enterprise Project Portfolio Management 16.2
Oracle Primavera P6 Enterprise Project Portfolio Management 18.8
Oracle Primavera Unifier
7.5
CVSSv2
CVE-2018-1000613
Legion of the Bouncy Castle Legion of the Bouncy Castle Java Cryptography APIs 1.58 up to but not including 1.60 contains a CWE-470: Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') vulnerability in XMSS/XMSS^MT private key deserializat...
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api
Netapp Oncommand Workflow Automation -
Opensuse Leap 15.1
Oracle Api Gateway 11.1.2.4.0
Oracle Banking Platform 2.6.0
Oracle Banking Platform 2.6.1
Oracle Banking Platform 2.6.2
Oracle Business Process Management Suite 11.1.1.9.0
Oracle Business Process Management Suite 12.1.3.0.0
Oracle Business Process Management Suite 12.2.1.3.0
Oracle Business Transaction Management 12.1.0
Oracle Communications Application Session Controller 3.7.1
7.5
CVSSv2
CVE-2018-14719
FasterXML jackson-databind 2.x prior to 2.9.7 might allow remote malicious users to execute arbitrary code by leveraging failure to block the blaze-ds-opt and blaze-ds-core classes from polymorphic deserialization.
Fasterxml Jackson-databind
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Oracle Banking Platform 2.5.0
Oracle Banking Platform 2.6.0
Oracle Banking Platform 2.6.1
Oracle Banking Platform 2.6.2
Oracle Business Process Management Suite 12.1.3.0.0
Oracle Business Process Management Suite 12.2.1.3.0
Oracle Clusterware 12.1.0.2.0
Oracle Communications Billing And Revenue Management 7.5
Oracle Communications Billing And Revenue Management 12.0
7.5
CVSSv2
CVE-2019-2904
Vulnerability in the Oracle JDeveloper and ADF product of Oracle Fusion Middleware (component: ADF Faces). Supported versions that are affected are 11.1.1.9.0, 12.1.3.0.0 and 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP...
Oracle Application Testing Suite 12.5.0.3
Oracle Application Testing Suite 13.1.0.1
Oracle Application Testing Suite 13.2.0.1
Oracle Application Testing Suite 13.3.0.1
Oracle Banking Enterprise Collections 2.7.0
Oracle Banking Enterprise Collections 2.8.0
Oracle Banking Enterprise Originations 2.7.0
Oracle Banking Enterprise Originations 2.8.0
Oracle Banking Enterprise Product Manufacturing 2.7.0
Oracle Banking Enterprise Product Manufacturing 2.8.0
Oracle Banking Platform 2.4.0
Oracle Banking Platform 2.4.1
Preferred Score:
CVSSv2
CVSSv2
CVSSv3
CVSSv4
EPSS
VMScore
Recommendations:
physical
picture gallery
CVE-2025-30352
administrator privileges
gdpr tools
CVE-2025-26007
CVE-2025-24514
CVE-2025-26581
CVE-2025-1098
wp multistore locator
CVE-2025-26986
nous ouvert utile et simple
command injection
Home
/
Search Results
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »
Vulmon