Vulmon Recent Vulnerabilities Product List Research Posts Trends Blog About Contact

oracle primavera unifier 17.0 vulnerabilities and exploits

(subscribe to this query)
8.1
CVSSv3

CVE-2018-2620

Vulnerability in the Primavera Unifier component of Oracle Construction and Engineering Suite (subcomponent: Platform). Supported versions that are affected are 10.x, 15.x, 16.x and 17.x. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP...
Oracle Corporation Primavera UnifierOracle Primavera Unifier 10.0Oracle Primavera Unifier 10.1Oracle Primavera Unifier 15.0Oracle Primavera Unifier 15.1Oracle Primavera Unifier 15.2Oracle Primavera Unifier 16.0Oracle Primavera Unifier 16.1Oracle Primavera Unifier 16.2Oracle Primavera Unifier 17.0
9.8
CVSSv3

CVE-2019-14540

A Polymorphic Typing issue exists in FasterXML jackson-databind prior to 2.9.10. It is related to com.zaxxer.hikari.HikariConfig.
Fasterxml Jackson-databindNetapp Oncommand Api Services -Netapp Oncommand Workflow Automation -Netapp Steelstore Cloud Integrated Storage -Fedoraproject Fedora 30Fedoraproject Fedora 31Debian Debian Linux 8.0Debian Debian Linux 9.0Debian Debian Linux 10.0Redhat Jboss Enterprise Application Platform 7.2Redhat Jboss Enterprise Application Platform 7.3Oracle Banking Platform 2.4.0
8.1
CVSSv3

CVE-2020-11620

FasterXML jackson-databind 2.x prior to 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.jelly.impl.Embedded (aka commons-jelly).
Fasterxml Jackson-databindDebian Debian Linux 8.0Netapp Active Iq Unified ManagerNetapp Steelstore Cloud Integrated Storage -Oracle Banking PlatformOracle Communications Contacts Server 8.0.0.4.0Oracle Communications Evolved Communications Application Server 7.1Oracle Communications Instant Messaging Server 10.0.1.4.0Oracle Communications Network Charging And ControlOracle Communications Network Charging And Control 6.0.1Oracle Enterprise Manager Base Platform 13.3.0.0Oracle Enterprise Manager Base Platform 13.4.0.0
9.8
CVSSv3

CVE-2020-9547

FasterXML jackson-databind 2.x prior to 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to com.ibatis.sqlmap.engine.transaction.jta.JtaTransactionConfig (aka ibatis-sqlmap).
Fasterxml Jackson-databindNetapp Active Iq Unified ManagerDebian Debian Linux 8.0Oracle Autovue For Agile Product Lifecycle Management 21.0.2Oracle Banking PlatformOracle Communications Contacts Server 8.0.0.4.0Oracle Communications Evolved Communications Application Server 7.1Oracle Communications Instant Messaging Server 10.0.1.4.0Oracle Communications Network Charging And ControlOracle Communications Network Charging And Control 6.0.1Oracle Enterprise Manager Base Platform 13.3.0.0Oracle Enterprise Manager Base Platform 13.4.0.0
8.1
CVSSv3

CVE-2020-11619

FasterXML jackson-databind 2.x prior to 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.springframework.aop.config.MethodLocatingFactoryBean (aka spring-aop).
Fasterxml Jackson-databindDebian Debian Linux 8.0Netapp Active Iq Unified ManagerNetapp Steelstore Cloud Integrated Storage -Oracle Agile Plm 9.3.6Oracle Banking PlatformOracle Communications Calendar Server 8.0.0.4.0Oracle Communications Contacts Server 8.0.0.4.0Oracle Communications Contacts Server 8.0.0.5.0Oracle Communications Diameter Signaling RouterOracle Communications Evolved Communications Application Server 7.1Oracle Communications Instant Messaging Server 10.0.1.4.0
9.8
CVSSv3

CVE-2019-14379

SubTypeValidator.java in FasterXML jackson-databind prior to 2.9.9.2 mishandles default typing when ehcache is used (because of net.sf.ehcache.transaction.manager.DefaultTransactionManagerLookup), leading to remote code execution.
Fasterxml Jackson-databindDebian Debian Linux 8.0Netapp Active Iq Unified ManagerNetapp Oncommand Workflow Automation -Netapp Service Level Manager -Netapp Snapcenter -Fedoraproject Fedora 29Fedoraproject Fedora 30Fedoraproject Fedora 31Redhat Jboss Enterprise Application Platform 7.2Redhat Jboss Enterprise Application Platform 7.3Redhat Openshift Container Platform 4.1
8.8
CVSSv3

CVE-2020-11111

FasterXML jackson-databind 2.x prior to 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.activemq.* (aka activemq-jms, activemq-core, activemq-pool, and activemq-pool-jms).
Fasterxml Jackson-databindDebian Debian Linux 8.0Netapp Steelstore Cloud Integrated Storage -Oracle Agile Plm 9.3.6Oracle Autovue For Agile Product Lifecycle Management 21.0.2Oracle Banking Digital Experience 18.1Oracle Banking Digital Experience 18.2Oracle Banking Digital Experience 18.3Oracle Banking Digital Experience 19.1Oracle Banking Digital Experience 19.2Oracle Banking Digital Experience 20.1Oracle Banking Platform
9.8
CVSSv3

CVE-2020-9548

FasterXML jackson-databind 2.x prior to 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to br.com.anteros.dbcp.AnterosDBCPConfig (aka anteros-core).
Fasterxml Jackson-databindNetapp Active Iq Unified ManagerDebian Debian Linux 8.0Oracle Agile Plm 9.3.6Oracle Autovue For Agile Product Lifecycle Management 21.0.2Oracle Banking Digital Experience 18.1Oracle Banking Digital Experience 18.2Oracle Banking Digital Experience 18.3Oracle Banking Digital Experience 19.1Oracle Banking Digital Experience 19.2Oracle Banking Digital Experience 20.1Oracle Banking Platform
9.8
CVSSv3

CVE-2018-14718

FasterXML jackson-databind 2.x prior to 2.9.7 might allow remote malicious users to execute arbitrary code by leveraging failure to block the slf4j-ext class from polymorphic deserialization.
Fasterxml Jackson-databindDebian Debian Linux 8.0Debian Debian Linux 9.0Oracle Banking Platform 2.5.0Oracle Banking Platform 2.6.0Oracle Banking Platform 2.6.1Oracle Banking Platform 2.6.2Oracle Business Process Management Suite 12.1.3.0.0Oracle Business Process Management Suite 12.2.1.3.0Oracle Communications Billing And Revenue Management 7.5Oracle Communications Billing And Revenue Management 12.0Oracle Communications Instant Messaging Server 10.0.1.3.0
9.8
CVSSv3

CVE-2019-20330

FasterXML jackson-databind 2.x prior to 2.9.10.2 lacks certain net.sf.ehcache blocking.
Fasterxml Jackson-databindOracle Banking PlatformOracle Communications Billing And Revenue Management 7.5.0.23.0Oracle Communications Billing And Revenue Management 12.0.0.3.0Oracle Communications Cloud Native Core Network Slice Selection Function 1.2.1Oracle Communications Contacts Server 8.0.0.4.0Oracle Communications Evolved Communications Application Server 7.1Oracle Communications Instant Messaging Server 10.0.1.4.0Oracle Communications Network Charging And ControlOracle Communications Network Charging And Control 6.0.1Oracle Customer Management And Segmentation Foundation 18.0Oracle Enterprise Manager Base Platform 13.3.0.0
Preferred Score:
CVSSv4
CVSSv2
CVSSv3
CVSSv4
EPSS
VMScore
Recommendations:
CVE-2025-4862unspecifiedhardcodedCVE-2025-4477directory management systemCVE-2025-4891CVE-2025-4867CVE-2025-32421o2 ukelevation of privilegecode-projectsv-sftCVE-2024-46982
Home
/
Search Results
Vulmon Logo Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook