Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
oracle commerce platform 11.2.0 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2021-2463
Vulnerability in the Oracle Commerce Platform product of Oracle Commerce (component: Dynamo Application Framework). Supported versions that are affected are 11.0.0, 11.1.0, 11.2.0 and 11.3.0-11.3.2. Easily exploitable vulnerability allows unauthenticated attacker with network acc...
Oracle Commerce Platform
Oracle Commerce Platform 11.0.0
Oracle Commerce Platform 11.1.0
Oracle Commerce Platform 11.2.0
4.3
CVSSv2
CVE-2020-27193
A cross-site scripting (XSS) vulnerability in the Color Dialog plugin for CKEditor 4.15.0 allows remote malicious users to run arbitrary web script after persuading a user to copy and paste crafted HTML code into one of editor inputs.
Ckeditor Ckeditor 4.15.0
Oracle Agile Plm 9.3.5
Oracle Agile Plm 9.3.6
Oracle Application Express
Oracle Banking Party Management 2.7.0
Oracle Banking Platform 2.4.0
Oracle Banking Platform 2.7.0
Oracle Banking Platform 2.7.1
Oracle Banking Platform 2.8.0
Oracle Banking Platform 2.9.0
Oracle Commerce Merchandising 11.0.0
Oracle Commerce Merchandising 11.1.0
7.5
CVSSv2
CVE-2020-2555
Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (component: Caching,CacheStore,Invocation). Supported versions that are affected are 3.7.1.0, 12.1.3.0.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with net...
Oracle Access Manager 11.1.2.3.0
Oracle Coherence 3.7.1.0
Oracle Coherence 12.1.3.0.0
Oracle Coherence 12.2.1.3.0
Oracle Coherence 12.2.1.4.0
Oracle Commerce Platform
Oracle Commerce Platform 11.0.0
Oracle Commerce Platform 11.1.0
Oracle Commerce Platform 11.2.0
Oracle Communications Diameter Signaling Router
Oracle Healthcare Data Repository 7.0.1
Oracle Rapid Planning 12.1
24 Github repositories
2 Articles
5
CVSSv2
CVE-2020-25649
A flaw was found in FasterXML Jackson Databind, where it did not have entity expansion secured properly. This flaw allows vulnerability to XML external entity (XXE) attacks. The highest threat from this vulnerability is data integrity.
Fasterxml Jackson-databind
Netapp Oncommand Api Services -
Netapp Oncommand Workflow Automation -
Netapp Service Level Manager -
Fedoraproject Fedora 32
Quarkus Quarkus
Apache Iotdb
Oracle Agile Plm 9.3.6
Oracle Agile Product Lifecycle Management Integration Pack 3.6
Oracle Banking Apis
Oracle Banking Apis 19.1
Oracle Banking Apis 19.2
1 Github repository
1 Article
6.8
CVSSv2
CVE-2020-36189
FasterXML jackson-databind 2.x prior to 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to com.newrelic.agent.deps.ch.qos.logback.core.db.DriverManagerConnectionSource.
Fasterxml Jackson-databind
Netapp Cloud Backup -
Netapp Service Level Manager -
Debian Debian Linux 9.0
Oracle Agile Plm 9.3.6
Oracle Application Testing Suite 13.3.0.1
Oracle Autovue For Agile Product Lifecycle Management 21.0.2
Oracle Banking Platform 2.6.2
Oracle Banking Platform 2.7.0
Oracle Banking Platform 2.7.1
Oracle Banking Platform 2.8.0
Oracle Banking Platform 2.9.0
6.8
CVSSv2
CVE-2020-35728
FasterXML jackson-databind 2.x prior to 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to com.oracle.wls.shaded.org.apache.xalan.lib.sql.JNDIConnectionPool (aka embedded Xalan in org.glassfish.web/javax.servlet.jsp.jstl).
Fasterxml Jackson-databind
Debian Debian Linux 9.0
Netapp Service Level Manager -
Oracle Agile Plm 9.3.6
Oracle Application Testing Suite 13.3.0.1
Oracle Autovue 21.0.2
Oracle Banking Corporate Lending Process Management 14.2
Oracle Banking Corporate Lending Process Management 14.3
Oracle Banking Corporate Lending Process Management 14.5
Oracle Banking Credit Facilities Process Management 14.2
Oracle Banking Credit Facilities Process Management 14.3
Oracle Banking Credit Facilities Process Management 14.5
6.8
CVSSv2
CVE-2020-36179
FasterXML jackson-databind 2.x prior to 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS.
Netapp Cloud Backup -
Netapp Service Level Manager -
Debian Debian Linux 9.0
Oracle Agile Plm 9.3.6
Oracle Application Testing Suite 13.3.0.1
Oracle Autovue For Agile Product Lifecycle Management 21.0.2
Oracle Banking Corporate Lending Process Management 14.2
Oracle Banking Corporate Lending Process Management 14.3
Oracle Banking Corporate Lending Process Management 14.5
Oracle Banking Credit Facilities Process Management 14.2
Oracle Banking Credit Facilities Process Management 14.3
Oracle Banking Credit Facilities Process Management 14.5
1 Github repository
6.8
CVSSv2
CVE-2020-36180
FasterXML jackson-databind 2.x prior to 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.cpdsadapter.DriverAdapterCPDS.
Netapp Cloud Backup -
Netapp Service Level Manager -
Debian Debian Linux 9.0
Oracle Agile Plm 9.3.6
Oracle Application Testing Suite 13.3.0.1
Oracle Autovue For Agile Product Lifecycle Management 21.0.2
Oracle Banking Corporate Lending Process Management 14.2
Oracle Banking Corporate Lending Process Management 14.3
Oracle Banking Corporate Lending Process Management 14.5
Oracle Banking Credit Facilities Process Management 14.2
Oracle Banking Credit Facilities Process Management 14.3
Oracle Banking Credit Facilities Process Management 14.5
1 Github repository
6.8
CVSSv2
CVE-2020-36181
FasterXML jackson-databind 2.x prior to 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.cpdsadapter.DriverAdapterCPDS.
Netapp Service Level Manager -
Debian Debian Linux 9.0
Oracle Agile Plm 9.3.6
Oracle Application Testing Suite 13.3.0.1
Oracle Autovue For Agile Product Lifecycle Management 21.0.2
Oracle Banking Corporate Lending Process Management 14.2
Oracle Banking Corporate Lending Process Management 14.3
Oracle Banking Corporate Lending Process Management 14.5
Oracle Banking Credit Facilities Process Management 14.2
Oracle Banking Credit Facilities Process Management 14.3
Oracle Banking Credit Facilities Process Management 14.5
Oracle Banking Extensibility Workbench 14.2
1 Github repository
6.8
CVSSv2
CVE-2020-36182
FasterXML jackson-databind 2.x prior to 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS.
Fasterxml Jackson-databind
Netapp Cloud Backup -
Netapp Service Level Manager -
Debian Debian Linux 9.0
Oracle Agile Plm 9.3.6
Oracle Application Testing Suite 13.3.0.1
Oracle Autovue For Agile Product Lifecycle Management 21.0.2
Oracle Banking Corporate Lending Process Management 14.2
Oracle Banking Corporate Lending Process Management 14.3
Oracle Banking Corporate Lending Process Management 14.5
Oracle Banking Credit Facilities Process Management 14.2
Oracle Banking Credit Facilities Process Management 14.3
1 Github repository
Preferred Score:
CVSSv2
CVSSv2
CVSSv3
CVSSv4
EPSS
VMScore
Recommendations:
physical
picture gallery
CVE-2025-30352
administrator privileges
gdpr tools
CVE-2025-26007
CVE-2025-24514
CVE-2025-26581
CVE-2025-1098
wp multistore locator
CVE-2025-26986
nous ouvert utile et simple
command injection
Home
/
Search Results
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »
Vulmon