Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
oracle webcenter portal 11.1.1.9.0 vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2018-3101
Vulnerability in the Oracle WebCenter Portal component of Oracle Fusion Middleware (subcomponent: Portlet Services). Supported versions that are affected are 11.1.1.9.0, 12.2.1.2.0 and 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network acces...
Oracle Webcenter Portal 12.2.1.3.0
Oracle Webcenter Portal 11.1.1.9.0
Oracle Webcenter Portal 12.2.1.2.0
3.5
CVSSv2
CVE-2020-14552
Vulnerability in the Oracle WebCenter Portal product of Oracle Fusion Middleware (component: Security Framework). Supported versions that are affected are 11.1.1.9.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows low privileged attacker with network access vi...
Oracle Webcenter Portal 11.1.1.9.0
Oracle Webcenter Portal 12.2.1.3.0
Oracle Webcenter Portal 12.2.1.4.0
5.8
CVSSv2
CVE-2018-2713
Vulnerability in the Oracle WebCenter Portal component of Oracle Fusion Middleware (subcomponent: WebCenter Spaces Application). Supported versions that are affected are 11.1.1.9.0, 12.2.1.2.0 and 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with n...
Oracle Webcenter Portal 12.2.1.3.0
Oracle Webcenter Portal 11.1.1.9.0
Oracle Webcenter Portal 12.2.1.2.0
5
CVSSv2
CVE-2019-2427
Vulnerability in the Oracle WebCenter Portal component of Oracle Fusion Middleware (subcomponent: WebCenter Spaces Application). Supported versions that are affected are 11.1.1.9.0 and 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network acces...
Oracle Webcenter Portal 11.1.1.9.0
Oracle Webcenter Portal 12.2.1.3.0
5
CVSSv2
CVE-2018-3254
Vulnerability in the Oracle WebCenter Portal component of Oracle Fusion Middleware (subcomponent: WebCenter Spaces Application). Supported versions that are affected are 11.1.1.9.0 and 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network acces...
Oracle Webcenter Portal 12.2.1.3.0
Oracle Webcenter Portal 11.1.1.9.0
7.5
CVSSv2
CVE-2019-10173
It was found that xstream API version 1.4.10 prior to 1.4.11 introduced a regression for a previous deserialization flaw. If the security framework has not been initialized, it may allow a remote malicious user to run arbitrary shell commands when unmarshalling XML or any support...
Xstream Project Xstream 1.4.10
Oracle Banking Platform 2.4.0
Oracle Webcenter Portal 12.2.1.3.0
Oracle Webcenter Portal 11.1.1.9.0
Oracle Utilities Framework 4.2.0.3.0
Oracle Utilities Framework 4.2.0.2.0
Oracle Utilities Framework 2.2.0.0.0
Oracle Endeca Information Discovery Studio 3.2.0
Oracle Utilities Framework 4.4.0.0.0
Oracle Communications Unified Inventory Management 7.4.0
Oracle Retail Xstore Point Of Service 17.0
Oracle Utilities Framework
Oracle Communications Diameter Signaling Router
Oracle Communications Unified Inventory Management 7.3.0
Oracle Banking Platform
Oracle Communications Billing And Revenue Management Elastic Charging Engine 11.3.0.9.0
Oracle Communications Billing And Revenue Management Elastic Charging Engine 12.0.0.3.0
Oracle Business Activity Monitoring 12.2.1.3.0
Oracle Business Activity Monitoring 11.1.1.9.0
Oracle Endeca Information Discovery Studio 3.2.0.0
Oracle Banking Platform 2.7.1
Oracle Banking Platform 2.9.0
2 Github repositories
4.3
CVSSv2
CVE-2020-9281
A cross-site scripting (XSS) vulnerability in the HTML Data Processor for CKEditor 4.0 prior to 4.14 allows remote malicious users to inject arbitrary web script through a crafted "protected" comment (with the cke_protected syntax).
Ckeditor Ckeditor
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Drupal Drupal
Oracle Peoplesoft Enterprise Peopletools 8.56
Oracle Webcenter Portal 12.2.1.3.0
Oracle Webcenter Portal 11.1.1.9.0
Oracle Peoplesoft Enterprise Peopletools 8.57
Oracle Agile Plm 9.3.5
Oracle Agile Plm 9.3.6
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Webcenter Portal 12.2.1.4.0
Oracle Application Express
Oracle Jd Edwards Enterpriseone Tools
Oracle Siebel Apps - Customer Order Management
Oracle Peoplesoft Enterprise Peopletools -
Oracle Banking Enterprise Default Management 2.12.0
Oracle Banking Enterprise Default Management 2.10.0
Oracle Banking Enterprise Default Managment
Oracle Banking Enterprise Default Management 2.7.0
Oracle Banking Enterprise Default Management 2.7.1
5
CVSSv2
CVE-2018-3246
Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS - Web Services). Supported versions that are affected are 12.1.3.0 and 12.2.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to c...
Oracle Weblogic Server 12.1.3.0.0
Oracle Communications Converged Application Server
Oracle Webcenter Portal 12.2.1.3.0
Oracle Retail Convenience And Fuel Pos Software 2.8.1
Oracle Utilities Network Management System 2.3.0.2
Oracle Business Process Management Suite 11.1.1.9.0
Oracle Business Process Management Suite 12.1.3.0.0
Oracle Business Process Management Suite 12.2.1.3.0
Oracle Enterprise Repository 12.1.3.0.0
Oracle Banking Platform 2.6.1
Oracle Banking Platform 2.6.2
Oracle Utilities Network Management System 1.12.0.3
Oracle Utilities Network Management System 2.3.0.0
Oracle Weblogic Server 12.2.1.3.0
Oracle Communications Webrtc Session Controller
Oracle Webcenter Portal 11.1.1.9.0
Oracle Weblogic Server 12.2.1.3
Oracle Banking Platform 2.6.0
Oracle Utilities Network Management System 2.3.0.1
7.1
CVSSv2
CVE-2021-21341
XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is vulnerability which may allow a remote malicious user to allocate 100% CPU time on the target system depending on CPU type or parallel execution of such a payload resu...
Xstream Project Xstream
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Oracle Banking Platform 2.4.0
Oracle Webcenter Portal 12.2.1.3.0
Oracle Webcenter Portal 11.1.1.9.0
Oracle Communications Unified Inventory Management 7.3.2
Oracle Communications Unified Inventory Management 7.3.4
Oracle Communications Unified Inventory Management 7.3.5
Oracle Communications Unified Inventory Management 7.4.0
Oracle Webcenter Portal 12.2.1.4.0
Oracle Banking Platform 2.7.1
Oracle Banking Platform 2.9.0
Oracle Communications Billing And Revenue Management Elastic Charging Engine 12.0.0.3.0
Oracle Business Activity Monitoring 12.2.1.3.0
Oracle Business Activity Monitoring 11.1.1.9.0
Oracle Business Activity Monitoring 12.2.1.4.0
Oracle Communications Unified Inventory Management 7.4.1
2 Github repositories
5.8
CVSSv2
CVE-2021-21342
XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability where the processed stream at unmarshalling time contains type information to recreate the formerly written objects. XStream creates therefore new inst...
Xstream Project Xstream
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Oracle Banking Platform 2.4.0
Oracle Webcenter Portal 12.2.1.3.0
Oracle Webcenter Portal 11.1.1.9.0
Oracle Communications Unified Inventory Management 7.3.2
Oracle Communications Unified Inventory Management 7.3.4
Oracle Communications Unified Inventory Management 7.3.5
Oracle Communications Unified Inventory Management 7.4.0
Oracle Communications Policy Management 12.5.0
Oracle Webcenter Portal 12.2.1.4.0
Oracle Banking Platform 2.7.1
Oracle Banking Platform 2.9.0
Oracle Banking Virtual Account Management 14.3.0
Oracle Business Activity Monitoring 12.2.1.3.0
Oracle Business Activity Monitoring 11.1.1.9.0
Oracle Business Activity Monitoring 12.2.1.4.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
brute force
CVE-2024-24908
open redirect
CVE-2024-31497
CVE-2023-45866
CVE-2024-4135
CVE-2024-25523
cache poisoning
CVE-2024-4649
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »