Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
webcenter sites vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2017-3595
Vulnerability in the Oracle WebCenter Sites component of Oracle Fusion Middleware (subcomponent: Advanced UI). Supported versions that are affected are 11.1.1.8.0, 12.2.1.0.0, 12.2.1.1.0 and 12.2.1.2.0. Easily "exploitable" vulnerability allows low privileged attacker w...
Oracle Webcenter Sites 11.1.1.8.0
Oracle Webcenter Sites 12.2.1.0.0
Oracle Webcenter Sites 12.2.1.2.0
Oracle Webcenter Sites 12.2.1.1.0
668
VMScore
CVE-2017-3540
Vulnerability in the Oracle WebCenter Sites component of Oracle Fusion Middleware (subcomponent: Server). Supported versions that are affected are 11.1.1.8.0, 12.2.1.0.0, 12.2.1.1.0 and 12.2.1.2.0. Easily "exploitable" vulnerability allows unauthenticated attacker with ...
Oracle Webcenter Sites 11.1.1.8.0
Oracle Webcenter Sites 12.2.1.1.0
Oracle Webcenter Sites 12.2.1.0.0
Oracle Webcenter Sites 12.2.1.2.0
668
VMScore
CVE-2014-0107
The TransformerFactory in Apache Xalan-Java prior to 2.7.2 does not properly restrict access to certain properties when FEATURE_SECURE_PROCESSING is enabled, which allows remote malicious users to bypass expected restrictions and load arbitrary classes or access external resource...
Apache Xalan-java 2.6.0
Apache Xalan-java
Apache Xalan-java 2.0.1
Apache Xalan-java 2.0.0
Apache Xalan-java 2.5.1
Apache Xalan-java 2.5.0
Apache Xalan-java 2.4.1
Apache Xalan-java 2.1.0
Apache Xalan-java 2.7.0
Apache Xalan-java 2.5.2
Apache Xalan-java 2.2.0
Apache Xalan-java 2.4.0
Apache Xalan-java 1.0.0
Oracle Webcenter Sites 11.1.1.8.0
Oracle Webcenter Sites 7.6.2
623
VMScore
CVE-2017-3594
Vulnerability in the Oracle WebCenter Sites component of Oracle Fusion Middleware (subcomponent: Advanced UI). Supported versions that are affected are 11.1.1.8.0, 12.2.1.0.0, 12.2.1.1.0 and 12.2.1.2.0. Difficult to exploit vulnerability allows low privileged attacker with networ...
Oracle Webcenter Sites 12.2.1.0.0
Oracle Webcenter Sites 12.2.1.2.0
Oracle Webcenter Sites 11.1.1.8.0
Oracle Webcenter Sites 12.2.1.1.0
606
VMScore
CVE-2019-17531
A Polymorphic Typing issue exists in FasterXML jackson-databind 2.0.0 up to and including 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the apache-log4j-extra (version 1.2.x) jar in ...
Fasterxml Jackson-databind
Debian Debian Linux 8.0
Redhat Jboss Enterprise Application Platform 7.2
Redhat Jboss Enterprise Application Platform 7.3
Oracle Banking Platform 2.4.0
Oracle Jd Edwards Enterpriseone Tools 9.2
Oracle Banking Platform 2.4.1
Oracle Primavera Gateway 16.1
Oracle Primavera Gateway 16.2
Oracle Banking Platform 2.5.0
Oracle Weblogic Server 12.2.1.3.0
Oracle Webcenter Portal 12.2.1.3.0
Oracle Webcenter Sites 12.2.1.3.0
Oracle Jd Edwards Enterpriseone Orchestrator 9.2
Oracle Banking Platform 2.6.0
Oracle Banking Platform 2.6.1
Oracle Banking Platform 2.6.2
Oracle Weblogic Server 12.2.1.4.0
Oracle Webcenter Sites 12.2.1.4.0
Oracle Webcenter Portal 12.2.1.4.0
Oracle Communications Billing And Revenue Management 12.0.0.3.0
Oracle Communications Billing And Revenue Management 7.5.0.23.0
2 Github repositories
606
VMScore
CVE-2019-16943
A Polymorphic Typing issue exists in FasterXML jackson-databind 2.0.0 up to and including 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the p6spy (3.8.6) jar in the classpath, and an...
Fasterxml Jackson-databind
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Redhat Jboss Enterprise Application Platform 7.2
Redhat Jboss Enterprise Application Platform 7.3
Oracle Banking Platform 2.4.0
Oracle Jd Edwards Enterpriseone Tools 9.2
Oracle Banking Platform 2.4.1
Oracle Primavera Gateway 16.1
Oracle Primavera Gateway 16.2
Oracle Banking Platform 2.5.0
Oracle Weblogic Server 12.2.1.3.0
Oracle Webcenter Portal 12.2.1.3.0
Oracle Webcenter Sites 12.2.1.3.0
Oracle Jd Edwards Enterpriseone Orchestrator 9.2
Oracle Banking Platform 2.6.0
Oracle Banking Platform 2.6.1
Oracle Banking Platform 2.6.2
Oracle Weblogic Server 12.2.1.4.0
605
VMScore
CVE-2020-2538
Vulnerability in the Oracle WebCenter Sites product of Oracle Fusion Middleware (component: Advanced UI). The supported version that is affected is 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebCe...
Oracle Webcenter Sites 12.2.1.3.0
585
VMScore
CVE-2018-2791
Vulnerability in the Oracle WebCenter Sites component of Oracle Fusion Middleware (subcomponent: Advanced UI). Supported versions that are affected are 11.1.1.8.0, 12.2.1.2.0 and 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via ...
Oracle Webcenter Sites 12.2.1.3.0
Oracle Webcenter Sites 12.2.1.2.0
Oracle Webcenter Sites 11.1.1.8.0
1 EDB exploit
1 Github repository
582
VMScore
CVE-2021-29505
XStream is software for serializing Java objects to XML and back again. A vulnerability in XStream versions before 1.4.17 may allow a remote attacker has sufficient rights to execute commands of the host only by manipulating the processed input stream. No user who followed the re...
Xstream Project Xstream
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Netapp Snapmanager -
Oracle Webcenter Portal 12.2.1.3.0
Oracle Webcenter Sites 12.2.1.3.0
Oracle Communications Unified Inventory Management 7.3.4
Oracle Communications Unified Inventory Management 7.3.5
Oracle Communications Unified Inventory Management 7.4.0
Oracle Webcenter Sites 12.2.1.4.0
Oracle Webcenter Portal 12.2.1.4.0
Oracle Enterprise Manager Ops Center 12.4.0.0
Oracle Banking Credit Facilities Process Management 14.3.0
Oracle Banking Corporate Lending Process Management 14.3.0
Oracle Business Activity Monitoring 12.2.1.3.0
Oracle Business Activity Monitoring 11.1.1.9.0
Oracle Business Activity Monitoring 12.2.1.4.0
Oracle Communications Unified Inventory Management 7.4.1
578
VMScore
CVE-2017-3596
Vulnerability in the Oracle WebCenter Sites component of Oracle Fusion Middleware (subcomponent: Advanced UI). Supported versions that are affected are 11.1.1.8.0, 12.2.1.0.0, 12.2.1.1.0 and 12.2.1.2.0. Easily "exploitable" vulnerability allows low privileged attacker w...
Oracle Webcenter Sites 12.2.1.1.0
Oracle Webcenter Sites 12.2.1.0.0
Oracle Webcenter Sites 12.2.1.2.0
Oracle Webcenter Sites 11.1.1.8.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3661
open redirect
CVE-2024-25512
CVE-2024-33788
command injection
SSTI
CVE-2024-0043
CVE-2024-29210
CVE-2024-25510
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »