Vulnerabilities > Oracle > Primavera Gateway

DATE CVE VULNERABILITY TITLE RISK
2023-01-18 CVE-2023-21888 Unspecified vulnerability in Oracle Primavera Gateway
Vulnerability in the Primavera Gateway product of Oracle Construction and Engineering (component: WebUI).
network
low complexity
oracle
5.4
2022-03-11 CVE-2020-36518 Out-of-bounds Write vulnerability in multiple products
jackson-databind before 2.13.0 allows a Java StackOverflow exception and denial of service via a large depth of nested objects.
network
low complexity
fasterxml oracle debian netapp CWE-787
7.5
2022-01-24 CVE-2022-23437 Infinite Loop vulnerability in multiple products
There's a vulnerability within the Apache Xerces Java (XercesJ) XML parser when handling specially crafted XML document payloads.
network
low complexity
apache oracle netapp CWE-835
6.5
2021-12-28 CVE-2021-44832 Improper Input Validation vulnerability in multiple products
Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack when a configuration uses a JDBC Appender with a JNDI LDAP data source URI when an attacker has control of the target LDAP server.
network
high complexity
apache oracle cisco fedoraproject debian CWE-20
6.6
2021-12-18 CVE-2021-45105 Uncontrolled Recursion vulnerability in multiple products
Apache Log4j2 versions 2.0-alpha1 through 2.16.0 (excluding 2.12.3 and 2.3.1) did not protect from uncontrolled recursion from self-referential lookups.
network
high complexity
apache netapp debian sonicwall oracle CWE-674
5.9
2021-10-26 CVE-2021-41183 Cross-site Scripting vulnerability in multiple products
jQuery-UI is the official jQuery user interface library.
6.1
2021-07-21 CVE-2021-2351 Session Fixation vulnerability in Oracle products
Vulnerability in the Advanced Networking Option component of Oracle Database Server.
network
high complexity
oracle CWE-384
8.3
2021-07-14 CVE-2021-36373 When reading a specially crafted TAR archive an Apache Ant build can be made to allocate large amounts of memory that finally leads to an out of memory error, even for small inputs.
local
low complexity
apache oracle
5.5
2021-07-14 CVE-2021-36374 When reading a specially crafted ZIP archive, or a derived formats, an Apache Ant build can be made to allocate large amounts of memory that leads to an out of memory error, even for small inputs.
local
low complexity
apache oracle
5.5
2021-07-13 CVE-2021-36090 When reading a specially crafted ZIP archive, Compress can be made to allocate large amounts of memory that finally leads to an out of memory error even for very small inputs.
network
low complexity
apache oracle netapp
7.5