Vulnerabilities > Oracle > Fusion Middleware > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-10-15 CVE-2024-21192 Unspecified vulnerability in Oracle Fusion Middleware 12.2.1.4.0
Vulnerability in the Oracle Enterprise Manager for Fusion Middleware product of Oracle Fusion Middleware (component: WebLogic Mgmt).
local
low complexity
oracle
4.4
4.4
2024-10-15 CVE-2024-21205 Unspecified vulnerability in Oracle Fusion Middleware 12.2.1.4.0
Vulnerability in the Oracle Service Bus product of Oracle Fusion Middleware (component: OSB Core Functionality).
network
low complexity
oracle
6.5
6.5
2020-09-19 CVE-2020-5421 In Spring Framework versions 5.2.0 - 5.2.8, 5.1.0 - 5.1.17, 5.0.0 - 5.0.18, 4.3.0 - 4.3.28, and older unsupported versions, the protections against RFD attacks from CVE-2015-5211 may be bypassed depending on the browser used through the use of a jsessionid path parameter.
network
high complexity
vmware oracle netapp
6.5
6.5
2019-11-08 CVE-2019-10219 A vulnerability was found in Hibernate-Validator.
network
low complexity
redhat netapp oracle
6.1
6.1
2018-08-02 CVE-2018-3109 Unspecified vulnerability in Oracle Fusion Middleware 12.2.1.2/12.2.1.3
Vulnerability in the Oracle Fusion Middleware MapViewer component of Oracle Fusion Middleware (subcomponent: Map Builder).
network
low complexity
oracle
6.5
6.5
2018-08-02 CVE-2018-3108 Unspecified vulnerability in Oracle Fusion Middleware 12.2.1.2/12.2.1.3
Vulnerability in the Oracle Fusion Middleware component of Oracle Fusion Middleware (subcomponent: Oracle Notification Service).
network
low complexity
oracle
6.5
6.5
2018-02-28 CVE-2018-1304 The URL pattern of "" (the empty string) which exactly maps to the context root was not correctly handled in Apache Tomcat 9.0.0.M1 to 9.0.4, 8.5.0 to 8.5.27, 8.0.0.RC1 to 8.0.49 and 7.0.0 to 7.0.84 when used as part of a security constraint definition.
network
high complexity
apache redhat debian canonical oracle
5.9
5.9
2018-02-23 CVE-2018-1305 Security constraints defined by annotations of Servlets in Apache Tomcat 9.0.0.M1 to 9.0.4, 8.5.0 to 8.5.27, 8.0.0.RC1 to 8.0.49 and 7.0.0 to 7.0.84 were only applied once a Servlet had been loaded.
network
low complexity
apache debian canonical oracle
6.5
6.5
2012-10-16 CVE-2012-0518 Open Redirect vulnerability in Oracle Fusion Middleware 10.1.4.3
Unspecified vulnerability in the Oracle Application Server Single Sign-On component in Oracle Fusion Middleware 10.1.4.3.0 allows remote attackers to affect integrity via unknown vectors related to Redirects, a different vulnerability than CVE-2012-3175.
network
low complexity
oracle CWE-601
4.7
4.7