VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
>
Oracle
> Agile PLM
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2019-04-26
CVE-2019-2725
Injection vulnerability in Oracle products
Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Services).
network
low complexity
oracle
CWE-74
critical
9.8
9.8
2018-10-18
CVE-2018-15756
Spring Framework, version 5.1, versions 5.0.x prior to 5.0.10, versions 4.3.x prior to 4.3.20, and older unsupported versions on the 4.2.x branch provide support for range requests when serving static resources through the ResourceHttpRequestHandler, or starting in 5.0 when an annotated controller returns an org.springframework.core.io.Resource.
network
low complexity
vmware
oracle
debian
7.5
7.5
2018-06-25
CVE-2018-11039
Spring Framework (versions 5.0.x prior to 5.0.7, versions 4.3.x prior to 4.3.18, and older unsupported versions) allow web applications to change the HTTP request method to any HTTP method (including TRACE) using the HiddenHttpMethodFilter in Spring MVC.
network
high complexity
vmware
oracle
debian
5.9
5.9
2018-05-11
CVE-2018-1258
Incorrect Authorization vulnerability in multiple products
Spring Framework version 5.0.5 when used in combination with any versions of Spring Security contains an authorization bypass when using method security.
network
low complexity
pivotal-software
vmware
oracle
netapp
redhat
CWE-863
8.8
8.8
2017-10-04
CVE-2017-12617
Unrestricted Upload of File with Dangerous Type vulnerability in multiple products
When running Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to 8.5.22, 8.0.0.RC1 to 8.0.46 and 7.0.0 to 7.0.81 with HTTP PUTs enabled (e.g.
network
high complexity
apache
canonical
oracle
debian
netapp
redhat
CWE-434
8.1
8.1
2017-08-08
CVE-2017-10039
Unspecified vulnerability in Oracle Agile PLM 9.3.5/9.3.6
Vulnerability in the Oracle Agile PLM component of Oracle Supply Chain Products Suite (subcomponent: Web Client).
network
low complexity
oracle
6.8
6.8
2017-04-06
CVE-2016-8735
Remote code execution is possible with Apache Tomcat before 6.0.48, 7.x before 7.0.73, 8.x before 8.0.39, 8.5.x before 8.5.7, and 9.x before 9.0.0.M12 if JmxRemoteLifecycleListener is used and an attacker can reach JMX ports.
network
low complexity
apache
canonical
netapp
debian
redhat
oracle
critical
9.8
9.8
«
Previous
1
2
...
3
4
5
6
7
(current)
»