Vulnerabilities > Oracle > Application Performance Management > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-04-13 | CVE-2021-29425 | Path Traversal vulnerability in multiple products In Apache Commons IO before 2.7, When invoking the method FileNameUtils.normalize with an improper input string, like "//../foo", or "\\..\foo", the result would be the same value, thus possibly providing access to files in the parent directory, but not further above (thus "limited" path traversal), if the calling code would use the result to construct a path value. | 4.8 |
| 2020-04-15 | CVE-2020-2946 | Unspecified vulnerability in Oracle Application Performance Management 12.1.0.5/13.2.0.0/13.3.0.0 Vulnerability in the Application Performance Management product of Oracle Enterprise Manager (component: EM Request Monitoring). | 6.0 |
| 2019-11-08 | CVE-2019-10219 | Cross-site Scripting vulnerability in multiple products A vulnerability was found in Hibernate-Validator. | 6.1 |
| 2019-09-18 | CVE-2019-3740 | Information Exposure Through Discrepancy vulnerability in multiple products RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to an Information Exposure Through Timing Discrepancy vulnerabilities during DSA key generation. | 6.5 |
| 2019-09-18 | CVE-2019-3739 | Cryptographic Issues vulnerability in multiple products RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to Information Exposure Through Timing Discrepancy vulnerabilities during ECDSA key generation. | 6.5 |
| 2019-09-18 | CVE-2019-3738 | Missing Required Cryptographic Step vulnerability in multiple products RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to a Missing Required Cryptographic Step vulnerability. | 6.5 |