Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
oracle webcenter sites 12.2.1.4.0 vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2020-14613
Vulnerability in the Oracle WebCenter Sites product of Oracle Fusion Middleware (component: Advanced User Interface). Supported versions that are affected are 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP ...
Oracle Webcenter Sites 12.2.1.3.0
Oracle Webcenter Sites 12.2.1.4.0
6.1
CVSSv3
CVE-2024-20908
Vulnerability in the Oracle WebCenter Sites product of Oracle Fusion Middleware (component: Advanced UI). The supported version that is affected is 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebCe...
Oracle Webcenter Sites 12.2.1.4.0
5
CVSSv2
CVE-2020-7226
CiphertextHeader.java in Cryptacular 1.2.3, as used in Apereo CAS and other products, allows malicious users to trigger excessive memory allocation during a decode operation, because the nonce array length associated with "new byte" may depend on untrusted input within ...
Vt Cryptacular
Oracle Communications Services Gatekeeper 7.0
Oracle Webcenter Sites 12.2.1.3.0
Oracle Webcenter Sites 12.2.1.4.0
Oracle Weblogic Server 12.2.1.4.0
Oracle Weblogic Server 14.1.1.0.0
5
CVSSv2
CVE-2020-5258
In affected versions of dojo (NPM package), the deepCopy method is vulnerable to Prototype Pollution. Prototype Pollution refers to the ability to inject properties into existing JavaScript language construct prototypes, such as objects. An attacker manipulates these attributes t...
Linuxfoundation Dojo
Debian Debian Linux 8.0
Oracle Communications Application Session Controller 3.9.0
Oracle Communications Policy Management 12.5.0
Oracle Communications Pricing Design Center 12.0.0.3.0
Oracle Documaker
Oracle Mysql
Oracle Primavera Unifier
Oracle Primavera Unifier 18.8
Oracle Primavera Unifier 19.12
Oracle Primavera Unifier 20.12
Oracle Webcenter Sites 12.2.1.3.0
4.3
CVSSv2
CVE-2021-26271
It was possible to execute a ReDoS-type attack inside CKEditor 4 prior to 4.16 by persuading a victim to paste crafted text into the Styles input of specific dialogs (in the Advanced Tab for Dialogs plugin).
Ckeditor Ckeditor
Oracle Agile Plm 9.3.5
Oracle Agile Plm 9.3.6
Oracle Application Express
Oracle Financial Services Analytical Applications Infrastructure
Oracle Financial Services Analytical Applications Infrastructure 8.1.0
Oracle Financial Services Analytical Applications Infrastructure 8.1.1
Oracle Jd Edwards Enterpriseone Tools
Oracle Siebel Ui Framework
Oracle Webcenter Sites 12.2.1.3.0
Oracle Webcenter Sites 12.2.1.4.0
4.3
CVSSv2
CVE-2021-26272
It was possible to execute a ReDoS-type attack inside CKEditor 4 prior to 4.16 by persuading a victim to paste crafted URL-like text into the editor, and then press Enter or Space (in the Autolink plugin).
Ckeditor Ckeditor
Oracle Agile Plm 9.3.5
Oracle Agile Plm 9.3.6
Oracle Application Express
Oracle Banking Party Management 2.7.0
Oracle Commerce Merchandising
Oracle Commerce Merchandising 11.1.0
Oracle Commerce Merchandising 11.2.0
Oracle Financial Services Analytical Applications Infrastructure
Oracle Financial Services Analytical Applications Infrastructure 8.1.0
Oracle Financial Services Analytical Applications Infrastructure 8.1.1
Oracle Financial Services Model Management And Governance
3.5
CVSSv2
CVE-2021-32808
ckeditor is an open source WYSIWYG HTML editor with rich content support. A vulnerability has been discovered in the clipboard Widget plugin if used alongside the undo feature. The vulnerability allows a user to abuse undo functionality using malformed widget HTML, which could re...
Ckeditor Ckeditor
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Oracle Application Express
Oracle Banking Party Management 2.7.0
Oracle Commerce Guided Search 11.3.2
Oracle Commerce Merchandising 11.3.2
Oracle Documaker 12.6.3
Oracle Documaker 12.6.4
Oracle Financial Services Analytical Applications Infrastructure
Oracle Financial Services Model Management And Governance 8.0.8.0.0
5
CVSSv2
CVE-2019-5427
c3p0 version < 0.9.5.4 may be exploited by a billion laughs attack when loading XML configuration due to missing protections against recursive entity expansion when loading configuration.
Mchange C3p0
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Oracle Communications Ip Service Activator 7.3.0
Oracle Communications Ip Service Activator 7.4.0
Oracle Communications Session Route Manager
Oracle Documaker
Oracle Enterprise Manager Base Platform 13.2.1.0
Oracle Enterprise Manager Ops Center 12.4.0.0
Oracle Flexcube Private Banking 12.0.0
Oracle Flexcube Private Banking 12.1.0
Oracle Hyperion Infrastructure Technology 11.1.2.4
6.8
CVSSv2
CVE-2019-17531
A Polymorphic Typing issue exists in FasterXML jackson-databind 2.0.0 up to and including 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the apache-log4j-extra (version 1.2.x) jar in ...
Fasterxml Jackson-databind
Debian Debian Linux 8.0
Redhat Jboss Enterprise Application Platform 7.2
Redhat Jboss Enterprise Application Platform 7.3
Oracle Banking Platform 2.4.0
Oracle Banking Platform 2.4.1
Oracle Banking Platform 2.5.0
Oracle Banking Platform 2.6.0
Oracle Banking Platform 2.6.1
Oracle Banking Platform 2.6.2
Oracle Banking Platform 2.7.0
Oracle Banking Platform 2.7.1
2 Github repositories
6.5
CVSSv2
CVE-2021-29505
XStream is software for serializing Java objects to XML and back again. A vulnerability in XStream versions before 1.4.17 may allow a remote attacker has sufficient rights to execute commands of the host only by manipulating the processed input stream. No user who followed the re...
Xstream Project Xstream
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Netapp Snapmanager -
Oracle Banking Cash Management 14.2
Oracle Banking Cash Management 14.3
Oracle Banking Cash Management 14.5
Oracle Banking Corporate Lending Process Management 14.2.0
Preferred Score:
CVSSv2
CVSSv2
CVSSv3
CVSSv4
EPSS
VMScore
Recommendations:
desktop browser
urbancode velocity
CVE-2024-57932
CVE-2025-21655
CVE-2024-12084
CVE-2023-34960
unauthorized
CSRF
CVE-2024-57913
privilege
CVE-2025-21649
itsourcecode
cp-xr-de21-s router
Home
/
Search Results
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »