Vulnerabilities > Oracle > Fusion Middleware

DATE CVE VULNERABILITY TITLE RISK
2024-10-15 CVE-2024-21190 Unspecified vulnerability in Oracle Fusion Middleware 12.2.1.4.0
Vulnerability in the Oracle Global Lifecycle Management FMW Installer product of Oracle Fusion Middleware (component: Cloning).
network
low complexity
oracle
7.5
2024-10-15 CVE-2024-21191 Unspecified vulnerability in Oracle Fusion Middleware 12.2.1.4.0
Vulnerability in the Oracle Enterprise Manager Fusion Middleware Control product of Oracle Fusion Middleware (component: FMW Control Plugin).
network
low complexity
oracle
7.6
2024-10-15 CVE-2024-21192 Unspecified vulnerability in Oracle Fusion Middleware 12.2.1.4.0
Vulnerability in the Oracle Enterprise Manager for Fusion Middleware product of Oracle Fusion Middleware (component: WebLogic Mgmt).
local
low complexity
oracle
4.4
2024-10-15 CVE-2024-21205 Unspecified vulnerability in Oracle Fusion Middleware 12.2.1.4.0
Vulnerability in the Oracle Service Bus product of Oracle Fusion Middleware (component: OSB Core Functionality).
network
low complexity
oracle
6.5
2024-10-15 CVE-2024-21215 Unspecified vulnerability in Oracle Fusion Middleware 12.2.1.4.0/14.1.1.0.0
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core).
network
low complexity
oracle
7.5
2020-09-19 CVE-2020-5421 In Spring Framework versions 5.2.0 - 5.2.8, 5.1.0 - 5.1.17, 5.0.0 - 5.0.18, 4.3.0 - 4.3.28, and older unsupported versions, the protections against RFD attacks from CVE-2015-5211 may be bypassed depending on the browser used through the use of a jsessionid path parameter.
network
high complexity
vmware oracle netapp
6.5
2020-05-01 CVE-2020-10683 XXE vulnerability in multiple products
dom4j before 2.0.3 and 2.1.x before 2.1.3 allows external DTDs and External Entities by default, which might enable XXE attacks.
network
low complexity
dom4j-project oracle opensuse netapp canonical CWE-611
critical
9.8
2019-11-08 CVE-2019-10219 A vulnerability was found in Hibernate-Validator.
network
low complexity
redhat netapp oracle
6.1
2019-08-20 CVE-2019-10086 Deserialization of Untrusted Data vulnerability in multiple products
In Apache Commons Beanutils 1.9.2, a special BeanIntrospector class was added which allows suppressing the ability for an attacker to access the classloader via the class property available on all Java objects.
7.3
2018-08-02 CVE-2018-3109 Unspecified vulnerability in Oracle Fusion Middleware 12.2.1.2/12.2.1.3
Vulnerability in the Oracle Fusion Middleware MapViewer component of Oracle Fusion Middleware (subcomponent: Map Builder).
network
low complexity
oracle
6.5