Vulnerabilities > Oracle > Enterprise Manager Base Platform
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-08-08 | CVE-2017-10091 | Unspecified vulnerability in Oracle Enterprise Manager Base Platform 12.1.0/13.1.0/13.2.0 Vulnerability in the Enterprise Manager Base Platform component of Oracle Enterprise Manager Grid Control (subcomponent: UI Framework). | 7.7 |
| 2017-06-16 | CVE-2017-9735 | Information Exposure Through Discrepancy vulnerability in multiple products Jetty through 9.4.x is prone to a timing channel in util/security/Password.java, which makes it easier for remote attackers to obtain access by observing elapsed times before rejection of incorrect passwords. | 7.5 |
| 2017-04-24 | CVE-2017-3518 | Unspecified vulnerability in Oracle Enterprise Manager Base Platform 12.1.0/13.1.0/13.2.0 Vulnerability in the Enterprise Manager Base Platform component of Oracle Enterprise Manager Grid Control (subcomponent: Discovery Framework). | 7.5 |
| 2017-04-17 | CVE-2017-5645 | Deserialization of Untrusted Data vulnerability in multiple products In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially crafted binary payload can be sent that, when deserialized, can execute arbitrary code. | 9.8 |
| 2016-10-25 | CVE-2016-5604 | Improper Access Control vulnerability in Oracle Enterprise Manager Base Platform 12.1.0.5 Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control 12.1.0.5 allows local users to affect confidentiality and integrity via vectors related to Security Framework, a different vulnerability than CVE-2016-3563. | 6.3 |
| 2016-07-21 | CVE-2016-3563 | Unspecified vulnerability in Oracle Enterprise Manager Base Platform 12.1.0.5 Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control 12.1.0.5 allows local users to affect confidentiality and integrity via vectors related to Security Framework, a different vulnerability than CVE-2016-5604. | 6.3 |
| 2016-07-21 | CVE-2016-3540 | Unspecified vulnerability in Oracle Enterprise Manager Base Platform 12.1.0.5/13.1.0.0 Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control 12.1.0.5 and 13.1.0.0 allows remote attackers to affect confidentiality via vectors related to UI Framework. | 4.3 |
| 2016-04-08 | CVE-2016-2381 | Improper Input Validation vulnerability in multiple products Perl might allow context-dependent attackers to bypass the taint protection mechanism in a child process via duplicate environment variables in envp. | 7.5 |