Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
oracle webcenter portal 12.2.1.4.0 vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv3
CVE-2020-14552
Vulnerability in the Oracle WebCenter Portal product of Oracle Fusion Middleware (component: Security Framework). Supported versions that are affected are 11.1.1.9.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows low privileged attacker with network access vi...
Oracle Webcenter Portal 11.1.1.9.0
Oracle Webcenter Portal 12.2.1.3.0
Oracle Webcenter Portal 12.2.1.4.0
8.6
CVSSv3
CVE-2020-14611
Vulnerability in the Oracle WebCenter Portal product of Oracle Fusion Middleware (component: Composer). Supported versions that are affected are 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise ...
Oracle Webcenter Portal 12.2.1.3.0
Oracle Webcenter Portal 12.2.1.4.0
4.4
CVSSv3
CVE-2024-20992
Vulnerability in the Oracle WebCenter Portal product of Oracle Fusion Middleware (component: Content integration). The supported version that is affected is 12.2.1.4.0. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise Or...
Oracle Webcenter Portal 12.2.1.4.0
5.5
CVSSv3
CVE-2021-28657
A carefully crafted or corrupt file may trigger an infinite loop in Tika's MP3Parser up to and including Tika 1.25. Apache Tika users should upgrade to 1.26 or later.
Apache Tika
Oracle Healthcare Foundation 7.3.0
Oracle Healthcare Foundation 8.0.0
Oracle Healthcare Foundation 8.1.0
Oracle Primavera Unifier
Oracle Primavera Unifier 18.8
Oracle Primavera Unifier 19.12
Oracle Primavera Unifier 20.12
Oracle Webcenter Portal 12.2.1.3.0
Oracle Webcenter Portal 12.2.1.4.0
Oracle Communications Messaging Server 8.1
5.5
CVSSv3
CVE-2020-9489
A carefully crafted or corrupt file may trigger a System.exit in Tika's OneNote Parser. Crafted or corrupted files can also cause out of memory errors and/or infinite loops in Tika's ICNSParser, MP3Parser, MP4Parser, SAS7BDATParser, OneNoteParser and ImageParser. Apache...
Apache Tika 1.24
Oracle Flexcube Private Banking 12.0.0
Oracle Flexcube Private Banking 12.1.0
Oracle Primavera Unifier
Oracle Primavera Unifier 16.1
Oracle Primavera Unifier 16.2
Oracle Primavera Unifier 18.8
Oracle Primavera Unifier 19.12
Oracle Webcenter Portal 12.2.1.3.0
Oracle Webcenter Portal 12.2.1.4.0
Oracle Communications Messaging Server 8.1
7.5
CVSSv3
CVE-2019-17359
The ASN.1 parser in Bouncy Castle Crypto (aka BC Java) 1.63 can trigger a large attempted memory allocation, and resultant OutOfMemoryError error, via crafted ASN.1 data. This is fixed in 1.64.
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.63
Apache Tomee 7.0.7
Apache Tomee 7.1.2
Apache Tomee 8.0.1
Netapp Active Iq Unified Manager
Netapp Oncommand Api Services -
Netapp Oncommand Workflow Automation -
Netapp Service Level Manager -
Oracle Business Process Management Suite 12.2.1.3.0
Oracle Business Process Management Suite 12.2.1.4.0
Oracle Communications Convergence
Oracle Communications Diameter Signaling Router
9.8
CVSSv3
CVE-2020-2555
Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (component: Caching,CacheStore,Invocation). Supported versions that are affected are 3.7.1.0, 12.1.3.0.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with net...
Oracle Access Manager 11.1.2.3.0
Oracle Coherence 3.7.1.0
Oracle Coherence 12.1.3.0.0
Oracle Coherence 12.2.1.3.0
Oracle Coherence 12.2.1.4.0
Oracle Commerce Platform
Oracle Commerce Platform 11.0.0
Oracle Commerce Platform 11.1.0
Oracle Commerce Platform 11.2.0
Oracle Communications Diameter Signaling Router
Oracle Healthcare Data Repository 7.0.1
Oracle Rapid Planning 12.1
24 Github repositories
2 Articles
9.8
CVSSv3
CVE-2019-10173
It was found that xstream API version 1.4.10 prior to 1.4.11 introduced a regression for a previous deserialization flaw. If the security framework has not been initialized, it may allow a remote malicious user to run arbitrary shell commands when unmarshalling XML or any support...
Xstream Project Xstream 1.4.10
Oracle Banking Platform
Oracle Banking Platform 2.4.0
Oracle Banking Platform 2.7.1
Oracle Banking Platform 2.9.0
Oracle Business Activity Monitoring 11.1.1.9.0
Oracle Business Activity Monitoring 12.2.1.3.0
Oracle Business Activity Monitoring 12.2.1.4.0
Oracle Communications Billing And Revenue Management Elastic Charging Engine 11.3.0.9.0
Oracle Communications Billing And Revenue Management Elastic Charging Engine 12.0.0.3.0
Oracle Communications Diameter Signaling Router
Oracle Communications Unified Inventory Management 7.3.0
2 Github repositories
7.5
CVSSv3
CVE-2020-11612
The ZlibDecoders in Netty 4.1.x prior to 4.1.46 allow for unbounded memory allocation while decoding a ZlibEncoded byte stream. An attacker could send a large ZlibEncoded byte stream to the Netty server, forcing the server to allocate all of its free memory to a single decoder.
Netty Netty
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 33
Netapp Oncommand Api Services -
Netapp Oncommand Insight -
Netapp Oncommand Workflow Automation -
Oracle Communications Brm - Elastic Charging Engine 12.0.0.3
Oracle Communications Cloud Native Core Service Communication Proxy 1.5.2
Oracle Communications Design Studio 7.4.2
Oracle Nosql Database
Oracle Siebel Core - Server Framework
6.1
CVSSv3
CVE-2020-9281
A cross-site scripting (XSS) vulnerability in the HTML Data Processor for CKEditor 4.0 prior to 4.14 allows remote malicious users to inject arbitrary web script through a crafted "protected" comment (with the cke_protected syntax).
Ckeditor Ckeditor
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Drupal Drupal
Oracle Agile Plm 9.3.5
Oracle Agile Plm 9.3.6
Oracle Application Express
Oracle Jd Edwards Enterpriseone Tools
Oracle Peoplesoft Enterprise Peopletools -
Oracle Peoplesoft Enterprise Peopletools 8.56
Oracle Peoplesoft Enterprise Peopletools 8.57
Preferred Score:
CVSSv3
CVSSv2
CVSSv3
CVSSv4
EPSS
VMScore
Recommendations:
CVE-2024-51941
CVE-2024-24417
server-side request forgery
jd edwards enterpriseone tools
google
hardcoded
CVE-2025-21569
weblogic server
IDOR
CVE-2024-24418
CVE-2024-55591
CVE-2024-49138
peoplesoft enterprise cc common application objects
Home
/
Search Results
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »