Vulnerabilities > Oracle > Enterprise Manager Base Platform > High

DATE	CVE	VULNERABILITY TITLE	RISK
2022-01-19	CVE-2022-21392	Unspecified vulnerability in Oracle Enterprise Manager Base Platform 13.4.0.0/13.5.0.0 Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager (component: Policy Framework). local low complexity oracle	8.8
2022-01-18	CVE-2022-23302	Deserialization of Untrusted Data vulnerability in multiple products JMSSink in all versions of Log4j 1.x is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration or if the configuration references an LDAP service the attacker has access to. network low complexity apache netapp broadcom qos oracle CWE-502	8.8
2022-01-18	CVE-2022-23307	Deserialization of Untrusted Data vulnerability in multiple products CVE-2020-9493 identified a deserialization issue that was present in Apache Chainsaw. network low complexity apache qos oracle CWE-502	8.8
2021-12-14	CVE-2021-4104	Deserialization of Untrusted Data vulnerability in multiple products JMSAppender in Log4j 1.2 is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration. network high complexity apache fedoraproject redhat oracle CWE-502	7.5
2021-09-16	CVE-2021-34798	NULL Pointer Dereference vulnerability in multiple products Malformed requests may cause the server to dereference a NULL pointer. network low complexity apache fedoraproject debian netapp tenable oracle broadcom siemens CWE-476	7.5
2021-09-16	CVE-2021-36160	Out-of-bounds Read vulnerability in multiple products A carefully crafted request uri-path can cause mod_proxy_uwsgi to read above the allocated memory and crash (DoS). network low complexity apache fedoraproject debian netapp oracle broadcom CWE-125	7.5
2021-05-19	CVE-2021-3517	There is a flaw in the xml entity encoding functionality of libxml2 in versions before 2.9.11. network low complexity xmlsoft redhat fedoraproject debian netapp oracle	8.6
2021-05-18	CVE-2021-3518	Use After Free vulnerability in multiple products There's a flaw in libxml2 in versions before 2.9.11. network low complexity xmlsoft debian redhat fedoraproject netapp oracle CWE-416	8.8
2020-07-15	CVE-2020-2982	Unspecified vulnerability in Oracle Enterprise Manager Base Platform 13.3.0.0/13.4.0.0 Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager (component: Enterprise Config Management). network low complexity oracle	7.1
2020-07-08	CVE-2020-11994	Injection vulnerability in multiple products Server-Side Template Injection and arbitrary file disclosure on Camel templating components network low complexity apache oracle CWE-74	7.5

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.