Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
oracle communications policy management 12.5.0 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2019-0233
An access permission override in Apache Struts 2.0.0 to 2.5.20 may cause a Denial of Service when performing a file upload.
Apache Struts
Oracle Communications Policy Management 12.5.0
Oracle Financial Services Data Integration Hub 8.0.3
Oracle Financial Services Data Integration Hub 8.0.6
Oracle Financial Services Market Risk Measurement And Management 8.0.6
Oracle Mysql Enterprise Monitor
1 Article
9.8
CVSSv3
CVE-2019-0230
Apache Struts 2.0.0 to 2.5.20 forced double OGNL evaluation, when evaluated on raw user input in tag attributes, may lead to remote code execution.
Apache Struts
Oracle Communications Policy Management 12.5.0
Oracle Financial Services Data Integration Hub 8.0.3
Oracle Financial Services Data Integration Hub 8.0.6
Oracle Financial Services Market Risk Measurement And Management 8.0.6
Oracle Mysql Enterprise Monitor
6 Github repositories
1 Article
7.7
CVSSv3
CVE-2020-5258
In affected versions of dojo (NPM package), the deepCopy method is vulnerable to Prototype Pollution. Prototype Pollution refers to the ability to inject properties into existing JavaScript language construct prototypes, such as objects. An attacker manipulates these attributes t...
Linuxfoundation Dojo
Debian Debian Linux 8.0
Oracle Communications Application Session Controller 3.9.0
Oracle Communications Policy Management 12.5.0
Oracle Communications Pricing Design Center 12.0.0.3.0
Oracle Documaker
Oracle Mysql
Oracle Primavera Unifier
Oracle Primavera Unifier 18.8
Oracle Primavera Unifier 19.12
Oracle Primavera Unifier 20.12
Oracle Webcenter Sites 12.2.1.3.0
9.8
CVSSv3
CVE-2020-17530
Forced OGNL evaluation, when evaluated on raw user input in tag attributes, may lead to remote code execution. Affected software : Apache Struts 2.0.0 - Struts 2.5.25.
Apache Struts
Oracle Business Intelligence 12.2.1.3.0
Oracle Business Intelligence 12.2.1.4.0
Oracle Communications Diameter Intelligence Hub 8.0.0
Oracle Communications Diameter Intelligence Hub 8.1.0
Oracle Communications Diameter Intelligence Hub 8.2.0
Oracle Communications Diameter Intelligence Hub 8.2.3
Oracle Communications Policy Management 12.5.0
Oracle Communications Pricing Design Center 12.0.0.3.0
Oracle Financial Services Data Integration Hub 8.0.3
Oracle Financial Services Data Integration Hub 8.0.6
Oracle Hospitality Opera 5 5.6
12 Github repositories
1 Article
8.1
CVSSv3
CVE-2020-24616
FasterXML jackson-databind 2.x prior to 2.9.10.6 mishandles the interaction between serialization gadgets and typing, related to br.com.anteros.dbcp.AnterosDBCPDataSource (aka Anteros-DBCP).
Fasterxml Jackson-databind
Netapp Active Iq Unified Manager -
Oracle Agile Plm 9.3.6
Oracle Application Testing Suite 13.3.0.1
Oracle Autovue For Agile Product Lifecycle Management 21.0.2
Oracle Banking Liquidity Management 14.2
Oracle Banking Liquidity Management 14.3
Oracle Banking Liquidity Management 14.5
Oracle Banking Supply Chain Finance 14.2
Oracle Banking Supply Chain Finance 14.3
Oracle Banking Supply Chain Finance 14.5
Oracle Blockchain Platform
1 Github repository
5.3
CVSSv3
CVE-2021-33037
Apache Tomcat 10.0.0-M1 to 10.0.6, 9.0.0.M1 to 9.0.46 and 8.5.0 to 8.5.66 did not correctly parse the HTTP transfer-encoding request header in some circumstances leading to the possibility to request smuggling when used with a reverse proxy. Specifically: - Tomcat incorrectly ign...
Apache Tomcat
Apache Tomee 8.0.6
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Oracle Agile Plm 9.3.6
Oracle Communications Cloud Native Core Policy 1.14.0
Oracle Communications Cloud Native Core Service Communication Proxy 1.14.0
Oracle Communications Diameter Signaling Router
Oracle Communications Instant Messaging Server 10.0.1.5.0
Oracle Communications Policy Management 12.5.0
Oracle Communications Pricing Design Center 12.0.0.3.0
Oracle Communications Session Report Manager
7.5
CVSSv3
CVE-2021-21343
XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability where the processed stream at unmarshalling time contains type information to recreate the formerly written objects. XStream creates therefore new inst...
Xstream Project Xstream
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Oracle Banking Enterprise Default Management 2.10.0
Oracle Banking Enterprise Default Management 2.12.0
Oracle Banking Platform 2.4.0
Oracle Banking Platform 2.7.1
Oracle Banking Platform 2.9.0
8.1
CVSSv3
CVE-2020-24750
FasterXML jackson-databind 2.x prior to 2.9.10.6 mishandles the interaction between serialization gadgets and typing, related to com.pastdev.httpcomponents.configuration.JndiConfiguration.
Fasterxml Jackson-databind
Oracle Agile Plm 9.3.6
Oracle Application Testing Suite 13.3.0.1
Oracle Autovue For Agile Product Lifecycle Management 21.0.2
Oracle Banking Corporate Lending Process Management 14.2.0
Oracle Banking Corporate Lending Process Management 14.3.0
Oracle Banking Corporate Lending Process Management 14.5.0
Oracle Banking Credit Facilities Process Management 14.2.0
Oracle Banking Credit Facilities Process Management 14.3.0
Oracle Banking Credit Facilities Process Management 14.5.0
Oracle Banking Liquidity Management 14.2
Oracle Banking Liquidity Management 14.3
1 Github repository
8.1
CVSSv3
CVE-2020-35728
FasterXML jackson-databind 2.x prior to 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to com.oracle.wls.shaded.org.apache.xalan.lib.sql.JNDIConnectionPool (aka embedded Xalan in org.glassfish.web/javax.servlet.jsp.jstl).
Fasterxml Jackson-databind
Debian Debian Linux 9.0
Netapp Service Level Manager -
Oracle Agile Plm 9.3.6
Oracle Application Testing Suite 13.3.0.1
Oracle Autovue 21.0.2
Oracle Banking Corporate Lending Process Management 14.2
Oracle Banking Corporate Lending Process Management 14.3
Oracle Banking Corporate Lending Process Management 14.5
Oracle Banking Credit Facilities Process Management 14.2
Oracle Banking Credit Facilities Process Management 14.3
Oracle Banking Credit Facilities Process Management 14.5
9.1
CVSSv3
CVE-2021-21342
XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability where the processed stream at unmarshalling time contains type information to recreate the formerly written objects. XStream creates therefore new inst...
Xstream Project Xstream
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Oracle Banking Enterprise Default Management 2.10.0
Oracle Banking Enterprise Default Management 2.12.0
Oracle Banking Platform 2.4.0
Oracle Banking Platform 2.7.1
Oracle Banking Platform 2.9.0
Preferred Score:
CVSSv3
CVSSv2
CVSSv3
CVSSv4
EPSS
VMScore
Recommendations:
CVE-2024-55591
CVE-2024-13184
unauthorized
information disclosure
CVE-2024-13385
CVE-2024-43468
denial of service
CVE-2024-57370
CVE-2025-21606
Home
/
Search Results
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »