Vulmon Recent Vulnerabilities Product List Research Posts Trends Blog About Contact

oracle enterprise manager base platform 13.2.1.0 vulnerabilities and exploits

(subscribe to this query)
1000
VMScore

CVE-2019-12419

Apache CXF prior to 3.3.4 and 3.2.11 provides all of the components that are required to build a fully fledged OpenId Connect service. There is a vulnerability in the access token services, where it does not validate that the authenticated principal is equal to that of the suppli...
Apache CxfOracle Commerce Guided Search 11.3.2Oracle Enterprise Manager Base Platform 13.2.1.0Oracle Flexcube Private Banking 12.0.0Oracle Flexcube Private Banking 12.1.0Oracle Retail Order Broker 15.0
630
VMScore

CVE-2020-1954

Apache CXF has the ability to integrate with JMX by registering an InstrumentationManager extension with the CXF bus. If the ‘createMBServerConnectorFactory‘ property of the default InstrumentationManagerImpl is not disabled, then it is vulnerable to a man-in-the-midd...
Apache CxfOracle Communications Diameter Signaling RouterOracle Communications Element ManagerOracle Communications Session Report ManagerOracle Enterprise Manager Base Platform 13.2.1.0Oracle Peoplesoft Enterprise Peopletools 8.56Netapp Oncommand Workflow Automation -Netapp Snapmanager -Oracle Communications Diameter Signaling Router Idih Oracle Communications Session Route Manager
850
VMScore

CVE-2019-5427

c3p0 version < 0.9.5.4 may be exploited by a billion laughs attack when loading XML configuration due to missing protections against recursive entity expansion when loading configuration.
Mchange C3p0Fedoraproject Fedora 29Fedoraproject Fedora 30Oracle Communications Ip Service Activator 7.3.0Oracle Communications Ip Service Activator 7.4.0Oracle Communications Session Route ManagerOracle DocumakerOracle Enterprise Manager Base Platform 13.2.1.0Oracle Enterprise Manager Ops Center 12.4.0.0Oracle Flexcube Private Banking 12.0.0Oracle Flexcube Private Banking 12.1.0Oracle Hyperion Infrastructure Technology 11.1.2.4
630
VMScore

CVE-2020-5397

Spring Framework, versions 5.2.x before 5.2.3 are vulnerable to CSRF attacks through CORS preflight requests that target Spring MVC (spring-webmvc module) or Spring WebFlux (spring-webflux module) endpoints. Only non-authenticated endpoints are vulnerable because preflight reques...
Vmware Spring FrameworkOracle Application Testing Suite 13.3.0.1Oracle Communications Brm - Elastic Charging Engine 11.3Oracle Communications Brm - Elastic Charging Engine 12.0Oracle Communications Diameter Signaling RouterOracle Communications Element Manager 8.1.1Oracle Communications Element Manager 8.2.0Oracle Communications Element Manager 8.2.1Oracle Communications Policy Management 12.5.0Oracle Communications Session Route Manager 8.1.1Oracle Communications Session Route Manager 8.2.0Oracle Communications Session Route Manager 8.2.1
850
VMScore

CVE-2020-5398

In Spring Framework, versions 5.2.x before 5.2.3, versions 5.1.x before 5.1.13, and versions 5.0.x before 5.0.16, an application is vulnerable to a reflected file download (RFD) attack when it sets a "Content-Disposition" header in the response where the filename attrib...
Vmware Spring FrameworkOracle Application Testing Suite 13.3.0.1Oracle Communications Billing And Revenue Management Elastic Charging Engine 11.3Oracle Communications Billing And Revenue Management Elastic Charging Engine 12.0Oracle Communications Cloud Native Core Policy 1.5.0Oracle Communications Diameter Signaling RouterOracle Communications Element Manager 8.1.1Oracle Communications Element Manager 8.2.0Oracle Communications Element Manager 8.2.1Oracle Communications Policy Management 12.5.0Oracle Communications Session Report Manager 8.1.1Oracle Communications Session Report Manager 8.2.0
1000
VMScore

CVE-2019-13990

initDocumentParser in xml/XMLSchedulingDataProcessor.java in Terracotta Quartz Scheduler up to and including 2.3.0 allows XXE attacks via a job description.
Softwareag QuartzOracle Apache Batik Mapviewer 12.2.0.1Oracle Apache Batik Mapviewer 18cOracle Apache Batik Mapviewer 19cOracle Banking Enterprise Originations 2.7.0Oracle Banking Enterprise Originations 2.8.0Oracle Banking Enterprise Product Manufacturing 2.7.0Oracle Banking Enterprise Product Manufacturing 2.8.0Oracle Banking PaymentsOracle Communications Ip Service Activator 7.3.0Oracle Communications Ip Service Activator 7.4.0Oracle Communications Session Route Manager
Preferred Score:
VMScore
CVSSv2
CVSSv3
CVSSv4
EPSS
VMScore
Recommendations:
CVE-2025-2538CVE-2025-24813CVE-2024-57440CVE-2024-48591kube-apiserverCVE-2025-20014universal traffic recorder appCVE-2025-2557rediscode-projectsspoofbypasslocal
Home
/
Search Results
Vulmon Logo Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook