Vulnerabilities > Oracle > Agile PLM > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-07-18 | CVE-2023-22039 | Unspecified vulnerability in Oracle Agile PLM 9.3.6 Vulnerability in the Oracle Agile PLM product of Oracle Supply Chain (component: WebClient). | 5.4 |
| 2022-04-19 | CVE-2022-21467 | Unspecified vulnerability in Oracle Agile PLM 9.3.6 Vulnerability in the Oracle Agile PLM product of Oracle Supply Chain (component: Attachments). | 6.5 |
| 2022-01-24 | CVE-2022-23437 | Infinite Loop vulnerability in multiple products There's a vulnerability within the Apache Xerces Java (XercesJ) XML parser when handling specially crafted XML document payloads. | 6.5 |
| 2021-12-18 | CVE-2021-45105 | Uncontrolled Recursion vulnerability in multiple products Apache Log4j2 versions 2.0-alpha1 through 2.16.0 (excluding 2.12.3 and 2.3.1) did not protect from uncontrolled recursion from self-referential lookups. | 5.9 |
| 2021-11-17 | CVE-2021-41164 | Cross-site Scripting vulnerability in multiple products CKEditor4 is an open source WYSIWYG HTML editor. | 5.4 |
| 2021-11-10 | CVE-2021-3572 | A flaw was found in python-pip in the way it handled Unicode separators in git references. | 5.7 |
| 2021-10-26 | CVE-2021-41182 | Cross-site Scripting vulnerability in multiple products jQuery-UI is the official jQuery user interface library. | 6.1 |
| 2021-10-26 | CVE-2021-41183 | Cross-site Scripting vulnerability in multiple products jQuery-UI is the official jQuery user interface library. | 6.1 |
| 2021-10-26 | CVE-2021-41184 | Cross-site Scripting vulnerability in multiple products jQuery-UI is the official jQuery user interface library. | 6.1 |
| 2021-07-14 | CVE-2021-36373 | When reading a specially crafted TAR archive an Apache Ant build can be made to allocate large amounts of memory that finally leads to an out of memory error, even for small inputs. | 5.5 |