Vulnerabilities > Oracle > Primavera P6 Enterprise Project Portfolio Management > 15.1

DATE	CVE	VULNERABILITY TITLE	RISK
2019-01-16	CVE-2019-2512	Unspecified vulnerability in Oracle Primavera P6 Enterprise Project Portfolio Management Vulnerability in the Primavera P6 Enterprise Project Portfolio Management component of Oracle Construction and Engineering Suite (subcomponent: Web Access). network high complexity oracle	4.0
2019-01-02	CVE-2018-19362	Deserialization of Untrusted Data vulnerability in multiple products FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the jboss-common-core class from polymorphic deserialization. network low complexity fasterxml debian oracle redhat CWE-502 critical	9.8
2019-01-02	CVE-2018-19361	Deserialization of Untrusted Data vulnerability in multiple products FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the openjpa class from polymorphic deserialization. network low complexity fasterxml debian oracle redhat CWE-502 critical	9.8
2019-01-02	CVE-2018-19360	Deserialization of Untrusted Data vulnerability in multiple products FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the axis2-transport-jms class from polymorphic deserialization. network low complexity fasterxml debian oracle redhat CWE-502 critical	9.8
2019-01-02	CVE-2018-14719	Deserialization of Untrusted Data vulnerability in multiple products FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to execute arbitrary code by leveraging failure to block the blaze-ds-opt and blaze-ds-core classes from polymorphic deserialization. network low complexity fasterxml debian oracle redhat netapp CWE-502 critical	9.8
2019-01-02	CVE-2018-14718	Deserialization of Untrusted Data vulnerability in multiple products FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to execute arbitrary code by leveraging failure to block the slf4j-ext class from polymorphic deserialization. network low complexity fasterxml debian oracle netapp redhat CWE-502 critical	9.8
2018-11-15	CVE-2018-5407	Information Exposure Through Discrepancy vulnerability in multiple products Simultaneous Multi-threading (SMT) in processors can enable local users to exploit software vulnerable to timing attacks via a side-channel timing attack on 'port contention'. local high complexity canonical debian nodejs openssl tenable oracle redhat CWE-203	4.7
2018-10-29	CVE-2018-0735	Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products The OpenSSL ECDSA signature algorithm has been shown to be vulnerable to a timing side channel attack. network high complexity openssl canonical debian nodejs netapp oracle CWE-327	5.9
2018-10-17	CVE-2018-3281	Unspecified vulnerability in Oracle Primavera P6 Enterprise Project Portfolio Management Vulnerability in the Primavera P6 Enterprise Project Portfolio Management component of Oracle Construction and Engineering Suite (subcomponent: Web Access). network oracle	5.8
2018-10-17	CVE-2018-3241	Unspecified vulnerability in Oracle Primavera P6 Enterprise Project Portfolio Management Vulnerability in the Primavera P6 Enterprise Project Portfolio Management component of Oracle Construction and Engineering Suite (subcomponent: Web Access). network oracle	5.8

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.