VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
>
Oracle
>
Primavera Gateway
> 15.2
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2019-09-15
CVE-2019-16335
Deserialization of Untrusted Data vulnerability in multiple products
A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10.
network
low complexity
fasterxml
fedoraproject
debian
netapp
redhat
oracle
CWE-502
critical
9.8
9.8
2019-09-15
CVE-2019-14540
Deserialization of Untrusted Data vulnerability in multiple products
A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10.
network
low complexity
fasterxml
netapp
fedoraproject
debian
redhat
oracle
CWE-502
critical
9.8
9.8
2019-07-30
CVE-2019-14439
Deserialization of Untrusted Data vulnerability in multiple products
A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x before 2.9.9.2.
network
low complexity
fasterxml
debian
fedoraproject
apache
redhat
oracle
CWE-502
7.5
7.5
2019-07-29
CVE-2019-14379
SubTypeValidator.java in FasterXML jackson-databind before 2.9.9.2 mishandles default typing when ehcache is used (because of net.sf.ehcache.transaction.manager.DefaultTransactionManagerLookup), leading to remote code execution.
network
low complexity
fasterxml
debian
netapp
fedoraproject
redhat
oracle
apple
critical
9.8
9.8
2018-10-18
CVE-2018-15756
Spring Framework, version 5.1, versions 5.0.x prior to 5.0.10, versions 4.3.x prior to 4.3.20, and older unsupported versions on the 4.2.x branch provide support for range requests when serving static resources through the ResourceHttpRequestHandler, or starting in 5.0 when an annotated controller returns an org.springframework.core.io.Resource.
network
low complexity
vmware
oracle
debian
7.5
7.5
2018-05-11
CVE-2018-1257
Spring Framework, versions 5.0.x prior to 5.0.6, versions 4.3.x prior to 4.3.17, and older unsupported versions allows applications to expose STOMP over WebSocket endpoints with a simple, in-memory STOMP broker through the spring-messaging module.
network
low complexity
vmware
redhat
oracle
6.5
6.5
2018-04-11
CVE-2018-1275
Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.16 and older unsupported versions, allow applications to expose STOMP over WebSocket endpoints with a simple, in-memory STOMP broker through the spring-messaging module.
network
low complexity
vmware
oracle
critical
9.8
9.8
2018-04-06
CVE-2018-1272
Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.15 and older unsupported versions, provide client-side support for multipart requests.
network
high complexity
vmware
oracle
7.5
7.5
2018-04-06
CVE-2018-1271
Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.15 and older unsupported versions, allow applications to configure Spring MVC to serve static resources (e.g.
network
high complexity
vmware
oracle
5.9
5.9
2018-04-06
CVE-2018-1270
Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.15 and older unsupported versions, allow applications to expose STOMP over WebSocket endpoints with a simple, in-memory STOMP broker through the spring-messaging module.
network
low complexity
vmware
oracle
redhat
debian
critical
9.8
9.8
«
1
(current)
2
»
Next