Vulnerabilities > Oracle > Application Testing Suite

DATE CVE VULNERABILITY TITLE RISK
2019-10-02 CVE-2019-17091 Cross-site Scripting vulnerability in multiple products
faces/context/PartialViewContextImpl.java in Eclipse Mojarra, as used in Mojarra for Eclipse EE4J before 2.3.10 and Mojarra JavaServer Faces before 2.2.20, allows Reflected XSS because a client window field is mishandled.
network
low complexity
eclipse oracle CWE-79
6.1
2019-08-20 CVE-2019-10086 Deserialization of Untrusted Data vulnerability in multiple products
In Apache Commons Beanutils 1.9.2, a special BeanIntrospector class was added which allows suppressing the ability for an attacker to access the classloader via the class property available on all Java objects.
7.3
2019-07-23 CVE-2019-2727 Unspecified vulnerability in Oracle Application Testing Suite 13.3
Vulnerability in the Oracle Application Testing Suite component of Oracle Enterprise Manager Products Suite (subcomponent: Load Testing for Web Apps).
network
low complexity
oracle
7.3
2019-05-01 CVE-2019-0227 Server-Side Request Forgery (SSRF) vulnerability in multiple products
A Server Side Request Forgery (SSRF) vulnerability affected the Apache Axis 1.4 distribution that was last released in 2006.
high complexity
apache oracle CWE-918
7.5
2019-04-23 CVE-2019-2557 Unspecified vulnerability in Oracle Application Testing Suite 13.3.0.1
Vulnerability in the Oracle Application Testing Suite component of Oracle Enterprise Manager Products Suite (subcomponent: Load Testing for Web Apps).
network
low complexity
oracle
6.3
2019-04-20 CVE-2019-11358 jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. 6.1
2019-01-16 CVE-2018-3305 Unspecified vulnerability in Oracle Application Testing Suite
Vulnerability in the Oracle Application Testing Suite component of Oracle Enterprise Manager Products Suite (subcomponent: Load Testing for Web Apps).
network
low complexity
oracle
6.3
2019-01-16 CVE-2018-3304 Unspecified vulnerability in Oracle Application Testing Suite
Vulnerability in the Oracle Application Testing Suite component of Oracle Enterprise Manager Products Suite (subcomponent: Load Testing for Web Apps).
network
low complexity
oracle
6.5
2018-11-16 CVE-2018-15769 RSA BSAFE Micro Edition Suite versions prior to 4.0.11 (in 4.0.x series) and versions prior to 4.1.6.2 (in 4.1.x series) contain a key management error issue.
network
low complexity
dell oracle
7.5
2018-09-14 CVE-2018-11058 Out-of-bounds Read vulnerability in multiple products
RSA BSAFE Micro Edition Suite, versions prior to 4.0.11 (in 4.0.x) and prior to 4.1.6 (in 4.1.x), and RSA BSAFE Crypto-C Micro Edition, version prior to 4.0.5.3 (in 4.0.x) contain a Buffer Over-Read vulnerability when parsing ASN.1 data.
network
low complexity
dell oracle CWE-125
critical
9.8