Vulnerabilities > Oracle > Fusion Middleware

DATE CVE VULNERABILITY TITLE RISK
2018-08-02 CVE-2018-3108 Unspecified vulnerability in Oracle Fusion Middleware 12.2.1.2/12.2.1.3
Vulnerability in the Oracle Fusion Middleware component of Oracle Fusion Middleware (subcomponent: Oracle Notification Service).
network
low complexity
oracle
6.5
2018-02-28 CVE-2018-1304 The URL pattern of "" (the empty string) which exactly maps to the context root was not correctly handled in Apache Tomcat 9.0.0.M1 to 9.0.4, 8.5.0 to 8.5.27, 8.0.0.RC1 to 8.0.49 and 7.0.0 to 7.0.84 when used as part of a security constraint definition.
network
high complexity
apache redhat debian canonical oracle
5.9
2018-02-23 CVE-2018-1305 Security constraints defined by annotations of Servlets in Apache Tomcat 9.0.0.M1 to 9.0.4, 8.5.0 to 8.5.27, 8.0.0.RC1 to 8.0.49 and 7.0.0 to 7.0.84 were only applied once a Servlet had been loaded.
network
low complexity
apache debian canonical oracle
6.5
2015-08-14 CVE-2014-3576 Permissions, Privileges, and Access Controls vulnerability in multiple products
The processControlCommand function in broker/TransportConnection.java in Apache ActiveMQ before 5.11.0 allows remote attackers to cause a denial of service (shutdown) via a shutdown command.
network
low complexity
apache oracle CWE-264
7.5
2012-10-16 CVE-2012-3152 Unspecified vulnerability in Oracle Fusion Middleware 11.1.1.4.0/11.1.1.6.0/11.1.2.0
Unspecified vulnerability in the Oracle Reports Developer component in Oracle Fusion Middleware 11.1.1.4, 11.1.1.6, and 11.1.2.0 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Report Server Component.
network
low complexity
oracle
critical
9.1
2012-10-16 CVE-2012-0518 Open Redirect vulnerability in Oracle Fusion Middleware 10.1.4.3
Unspecified vulnerability in the Oracle Application Server Single Sign-On component in Oracle Fusion Middleware 10.1.4.3.0 allows remote attackers to affect integrity via unknown vectors related to Redirects, a different vulnerability than CVE-2012-3175.
network
low complexity
oracle CWE-601
4.7
2012-05-03 CVE-2012-1710 Unspecified vulnerability in Oracle Fusion Middleware 10.1.3.5
Unspecified vulnerability in the Oracle WebCenter Forms Recognition component in Oracle Fusion Middleware 10.1.3.5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Designer, a different vulnerability than CVE-2012-1709.
network
low complexity
oracle
critical
9.8