Vulnerabilities > Oracle > Application Testing Suite > 12.5.0.2
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-01-21 | CVE-2016-0482 | Directory Traversal vulnerability in Oracle Application Testing Suite 12.4.0.2/12.5.0.2 Unspecified vulnerability in the Oracle Application Testing Suite component in Oracle Enterprise Manager Grid Control 12.4.0.2 and 12.5.0.2 allows remote attackers to affect confidentiality via unknown vectors related to Test Manager for Web Apps, a different vulnerability than CVE-2016-0480, CVE-2016-0481, CVE-2016-0485, and CVE-2016-0486. | 5.0 |
| 2016-01-21 | CVE-2016-0480 | Directory Traversal vulnerability in Oracle Application Testing Suite 12.4.0.2/12.5.0.2 Unspecified vulnerability in the Oracle Application Testing Suite component in Oracle Enterprise Manager Grid Control 12.4.0.2 and 12.5.0.2 allows remote attackers to affect confidentiality via unknown vectors related to Test Manager for Web Apps, a different vulnerability than CVE-2016-0481, CVE-2016-0482, CVE-2016-0485, and CVE-2016-0486. | 5.0 |
| 2016-01-21 | CVE-2016-0478 | Directory Traversal vulnerability in Oracle Application Testing Suite 12.4.0.2/12.5.0.2 Unspecified vulnerability in the Oracle Application Testing Suite component in Oracle Enterprise Manager Grid Control 12.4.0.2 and 12.5.0.2 allows remote attackers to affect confidentiality via unknown vectors related to Load Testing for Web Apps, a different vulnerability than CVE-2016-0476 and CVE-2016-0477. | 5.0 |
| 2016-01-21 | CVE-2016-0477 | Directory Traversal vulnerability in Oracle Application Testing Suite 12.4.0.2/12.5.0.2 Unspecified vulnerability in the Oracle Application Testing Suite component in Oracle Enterprise Manager Grid Control 12.4.0.2 and 12.5.0.2 allows remote attackers to affect confidentiality via unknown vectors related to Load Testing for Web Apps, a different vulnerability than CVE-2016-0476 and CVE-2016-0478. | 5.0 |
| 2015-11-09 | CVE-2015-7940 | Information Exposure vulnerability in multiple products The Bouncy Castle Java library before 1.51 does not validate a point is withing the elliptic curve, which makes it easier for remote attackers to obtain private keys via a series of crafted elliptic curve Diffie Hellman (ECDH) key exchanges, aka an "invalid curve attack." | 5.0 |