VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
>
Oracle
>
Primavera Gateway
> 17.12
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2022-01-24
CVE-2022-23437
Infinite Loop vulnerability in multiple products
There's a vulnerability within the Apache Xerces Java (XercesJ) XML parser when handling specially crafted XML document payloads.
network
low complexity
apache
oracle
netapp
CWE-835
6.5
6.5
2021-10-26
CVE-2021-41183
jQuery-UI is the official jQuery user interface library.
network
low complexity
jqueryui
fedoraproject
netapp
debian
drupal
oracle
tenable
6.1
6.1
2020-12-03
CVE-2020-25649
XXE vulnerability in multiple products
A flaw was found in FasterXML Jackson Databind, where it did not have entity expansion secured properly.
network
low complexity
fasterxml
netapp
fedoraproject
quarkus
apache
oracle
CWE-611
7.5
7.5
2019-10-12
CVE-2019-17531
Deserialization of Untrusted Data vulnerability in multiple products
A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10.
network
low complexity
fasterxml
debian
redhat
oracle
netapp
CWE-502
critical
9.8
9.8
2019-10-01
CVE-2019-16943
Deserialization of Untrusted Data vulnerability in multiple products
A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10.
network
low complexity
fasterxml
debian
fedoraproject
redhat
oracle
netapp
CWE-502
critical
9.8
9.8
2019-09-15
CVE-2019-16335
Deserialization of Untrusted Data vulnerability in multiple products
A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10.
network
low complexity
fasterxml
fedoraproject
debian
netapp
redhat
oracle
CWE-502
critical
9.8
9.8
2019-09-15
CVE-2019-14540
Deserialization of Untrusted Data vulnerability in multiple products
A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10.
network
low complexity
fasterxml
netapp
fedoraproject
debian
redhat
oracle
CWE-502
critical
9.8
9.8
2019-07-30
CVE-2019-14439
Deserialization of Untrusted Data vulnerability in multiple products
A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x before 2.9.9.2.
network
low complexity
fasterxml
debian
fedoraproject
apache
redhat
oracle
CWE-502
7.5
7.5
2019-07-29
CVE-2019-14379
SubTypeValidator.java in FasterXML jackson-databind before 2.9.9.2 mishandles default typing when ehcache is used (because of net.sf.ehcache.transaction.manager.DefaultTransactionManagerLookup), leading to remote code execution.
network
low complexity
fasterxml
debian
netapp
fedoraproject
redhat
oracle
apple
critical
9.8
9.8
2018-10-18
CVE-2018-15756
Spring Framework, version 5.1, versions 5.0.x prior to 5.0.10, versions 4.3.x prior to 4.3.20, and older unsupported versions on the 4.2.x branch provide support for range requests when serving static resources through the ResourceHttpRequestHandler, or starting in 5.0 when an annotated controller returns an org.springframework.core.io.Resource.
network
low complexity
vmware
oracle
debian
7.5
7.5
«
1
(current)
2
»
Next