Vulnerabilities > Oracle > JD Edwards Enterpriseone Tools

DATE CVE VULNERABILITY TITLE RISK
2021-08-13 CVE-2021-37695 Cross-site Scripting vulnerability in multiple products
ckeditor is an open source WYSIWYG HTML editor with rich content support.
network
low complexity
ckeditor debian fedoraproject oracle CWE-79
5.4
5.4
2021-08-12 CVE-2021-32808 Cross-site Scripting vulnerability in multiple products
ckeditor is an open source WYSIWYG HTML editor with rich content support.
network
low complexity
ckeditor fedoraproject oracle CWE-79
5.4
5.4
2021-08-12 CVE-2021-32809 Cross-site Scripting vulnerability in multiple products
ckeditor is an open source WYSIWYG HTML editor with rich content support.
network
low complexity
ckeditor fedoraproject oracle CWE-79
5.4
5.4
2021-08-01 CVE-2021-32066 Improper Handling of Exceptional Conditions vulnerability in multiple products
An issue was discovered in Ruby through 2.6.7, 2.7.x through 2.7.3, and 3.x through 3.0.1.
network
high complexity
ruby-lang oracle CWE-755
7.4
7.4
2021-07-30 CVE-2021-31799 OS Command Injection vulnerability in multiple products
In RDoc 3.11 through 6.x before 6.3.1, as distributed with Ruby through 3.0.1, it is possible to execute arbitrary code via | and tags in a filename.
local
high complexity
debian ruby-lang oracle CWE-78
7.0
7.0
2021-07-21 CVE-2021-2351 Session Fixation vulnerability in Oracle products
Vulnerability in the Advanced Networking Option component of Oracle Database Server.
network
high complexity
oracle CWE-384
8.3
8.3
2021-07-21 CVE-2021-2373 Unspecified vulnerability in Oracle JD Edwards Enterpriseone Tools
Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Runtime).
network
low complexity
oracle
5.4
5.4
2021-07-21 CVE-2021-2375 Unspecified vulnerability in Oracle JD Edwards Enterpriseone Tools
Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Runtime).
network
low complexity
oracle
6.1
6.1
2021-07-13 CVE-2021-31810 An issue was discovered in Ruby through 2.6.7, 2.7.x through 2.7.3, and 3.x through 3.0.1.
network
low complexity
ruby-lang debian oracle
5.8
5.8
2021-03-30 CVE-2021-21409 HTTP Request Smuggling vulnerability in multiple products
Netty is an open-source, asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients.
network
high complexity
netty debian netapp oracle quarkus CWE-444
5.9
5.9