Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
oracle business process management suite 12.2.1.3.0 vulnerabilities and exploits
(subscribe to this query)
6.4
CVSSv2
CVE-2018-3100
Vulnerability in the Oracle Business Process Management Suite component of Oracle Fusion Middleware (subcomponent: Process Analysis & Discovery). Supported versions that are affected are 11.1.1.7.0, 11.1.1.9.0, 12.1.3.0.0, 12.2.1.2.0 and 12.2.1.3.0. Easily exploitable vulnera...
Oracle Business Process Management Suite 11.1.1.7.0
Oracle Business Process Management Suite 11.1.1.9.0
Oracle Business Process Management Suite 12.1.3.0.0
Oracle Business Process Management Suite 12.2.1.2.0
Oracle Business Process Management Suite 12.2.1.3.0
5
CVSSv2
CVE-2018-11761
In Apache Tika 0.1 to 1.18, the XML parsers were not configured to limit entity expansion. They were therefore vulnerable to an entity expansion vulnerability which can lead to a denial of service attack.
Apache Tika
Oracle Business Process Management Suite 12.1.3.0.0
Oracle Business Process Management Suite 12.2.1.3.0
2 Github repositories
5
CVSSv2
CVE-2018-3246
Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS - Web Services). Supported versions that are affected are 12.1.3.0 and 12.2.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to c...
Oracle Banking Platform 2.6.0
Oracle Banking Platform 2.6.1
Oracle Banking Platform 2.6.2
Oracle Business Process Management Suite 11.1.1.9.0
Oracle Business Process Management Suite 12.1.3.0.0
Oracle Business Process Management Suite 12.2.1.3.0
Oracle Communications Converged Application Server
Oracle Communications Webrtc Session Controller
Oracle Enterprise Repository 12.1.3.0.0
Oracle Retail Convenience And Fuel Pos Software 2.8.1
Oracle Utilities Network Management System 1.12.0.3
Oracle Utilities Network Management System 2.3.0.0
4.3
CVSSv2
CVE-2020-1950
A carefully crafted or corrupt PSD file can cause excessive memory usage in Apache Tika's PSDParser in versions 1.0-1.23.
Apache Tika
Oracle Business Process Management Suite 12.2.1.3.0
Oracle Business Process Management Suite 12.2.1.4.0
Oracle Communications Messaging Server 8.0.2
Oracle Communications Messaging Server 8.1
Oracle Flexcube Private Banking 12.0.0
Oracle Flexcube Private Banking 12.1.0
Canonical Ubuntu Linux 16.04
Debian Debian Linux 8.0
4.3
CVSSv2
CVE-2020-1951
A carefully crafted or corrupt PSD file can cause an infinite loop in Apache Tika's PSDParser in versions 1.0-1.23.
Apache Tika
Oracle Business Process Management Suite 12.2.1.3.0
Oracle Business Process Management Suite 12.2.1.4.0
Oracle Communications Messaging Server 8.0.2
Oracle Communications Messaging Server 8.1
Oracle Flexcube Private Banking 12.0.0
Oracle Flexcube Private Banking 12.1.0
Canonical Ubuntu Linux 16.04
Debian Debian Linux 8.0
5
CVSSv2
CVE-2018-1000180
Bouncy Castle BC 1.54 - 1.59, BC-FJA 1.0.0, BC-FJA 1.0.1 and previous versions have a flaw in the Low-level interface to RSA key pair generator, specifically RSA Key Pairs generated in low-level API with added certainty may have less M-R tests than expected. This appears to be fi...
Bouncycastle Fips Java Api
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api
Debian Debian Linux 9.0
Oracle Api Gateway 11.1.2.4.0
Oracle Business Process Management Suite 11.1.1.9.0
Oracle Business Process Management Suite 12.1.3.0.0
Oracle Business Process Management Suite 12.2.1.3.0
Oracle Business Transaction Management 12.1.0
Oracle Communications Application Session Controller 3.7.1
Oracle Communications Application Session Controller 3.8.0
Oracle Communications Converged Application Server
Oracle Communications Webrtc Session Controller
1 Github repository
9
CVSSv2
CVE-2022-23307
CVE-2020-9493 identified a deserialization issue that was present in Apache Chainsaw. Prior to Chainsaw V2.0 Chainsaw was a component of Apache Log4j 1.2.x where the same issue exists.
Apache Chainsaw
Apache Log4j
Qos Reload4j
Oracle Advanced Supply Chain Planning 12.1
Oracle Advanced Supply Chain Planning 12.2
Oracle Business Intelligence 5.9.0.0.0
Oracle Business Intelligence 12.2.1.3.0
Oracle Business Intelligence 12.2.1.4.0
Oracle Business Process Management Suite 12.2.1.3.0
Oracle Business Process Management Suite 12.2.1.4.0
Oracle Communications Eagle Ftp Table Base Retrieval 4.5
Oracle Communications Instant Messaging Server 10.0.1.5.0
1 Github repository
1 Article
6
CVSSv2
CVE-2022-23302
JMSSink in all versions of Log4j 1.x is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration or if the configuration references an LDAP service the attacker has access to. The attacker can provide a TopicConnectionFactoryBi...
Apache Log4j
Netapp Snapmanager -
Broadcom Brocade Sannav -
Qos Reload4j
Oracle Advanced Supply Chain Planning 12.1
Oracle Advanced Supply Chain Planning 12.2
Oracle Business Intelligence 5.9.0.0.0
Oracle Business Intelligence 12.2.1.3.0
Oracle Business Intelligence 12.2.1.4.0
Oracle Business Process Management Suite 12.2.1.3.0
Oracle Business Process Management Suite 12.2.1.4.0
Oracle Communications Eagle Ftp Table Base Retrieval 4.5
2 Articles
6.8
CVSSv2
CVE-2022-23305
By design, the JDBCAppender in Log4j 1.2.x accepts an SQL statement as a configuration parameter where the values to be inserted are converters from PatternLayout. The message converter, %m, is likely to always be included. This allows malicious users to manipulate the SQL by ent...
Apache Log4j
Netapp Snapmanager -
Broadcom Brocade Sannav -
Qos Reload4j
Oracle Advanced Supply Chain Planning 12.1
Oracle Advanced Supply Chain Planning 12.2
Oracle Business Intelligence 5.9.0.0.0
Oracle Business Intelligence 12.2.1.3.0
Oracle Business Intelligence 12.2.1.4.0
Oracle Business Process Management Suite 12.2.1.3.0
Oracle Business Process Management Suite 12.2.1.4.0
Oracle Communications Eagle Ftp Table Base Retrieval 4.5
2 Github repositories
1 Article
7.5
CVSSv2
CVE-2018-19360
FasterXML jackson-databind 2.x prior to 2.9.8 might allow malicious users to have unspecified impact by leveraging failure to block the axis2-transport-jms class from polymorphic deserialization.
Fasterxml Jackson-databind
Debian Debian Linux 8.0
Oracle Business Process Management Suite 12.1.3.0.0
Oracle Business Process Management Suite 12.2.1.3.0
Oracle Primavera P6 Enterprise Project Portfolio Management
Oracle Primavera P6 Enterprise Project Portfolio Management 15.1
Oracle Primavera P6 Enterprise Project Portfolio Management 15.2
Oracle Primavera P6 Enterprise Project Portfolio Management 16.1
Oracle Primavera P6 Enterprise Project Portfolio Management 16.2
Oracle Primavera P6 Enterprise Project Portfolio Management 18.8
Oracle Primavera Unifier
Oracle Primavera Unifier 16.1
Preferred Score:
CVSSv2
CVSSv2
CVSSv3
CVSSv4
EPSS
VMScore
Recommendations:
CVE-2025-23629
CVE-2024-52331
CVE-2025-0693
precious metals charts and widgets for wordpress
neofix
simple downloads list
CVE-2025-23544
CVE-2025-21298
client side
memory leak
CVE-2019-5418
XSS
deebot x5 pro plus
Home
/
Search Results
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »