Vulnerabilities > Oracle > Primavera P6 Enterprise Project Portfolio Management > Medium

DATE CVE VULNERABILITY TITLE RISK
2019-10-02 CVE-2019-17091 Cross-site Scripting vulnerability in multiple products
faces/context/PartialViewContextImpl.java in Eclipse Mojarra, as used in Mojarra for Eclipse EE4J before 2.3.10 and Mojarra JavaServer Faces before 2.2.20, allows Reflected XSS because a client window field is mishandled.
network
low complexity
eclipse oracle CWE-79
6.1
2019-04-23 CVE-2019-2701 Unspecified vulnerability in Oracle Primavera P6 Enterprise Project Portfolio Management 18.8
Vulnerability in the Primavera P6 Enterprise Project Portfolio Management component of Oracle Construction and Engineering Suite (subcomponent: Web Access).
network
low complexity
oracle
4.3
2019-01-16 CVE-2019-2512 Unspecified vulnerability in Oracle Primavera P6 Enterprise Project Portfolio Management
Vulnerability in the Primavera P6 Enterprise Project Portfolio Management component of Oracle Construction and Engineering Suite (subcomponent: Web Access).
network
high complexity
oracle
4.7
2018-11-15 CVE-2018-5407 Information Exposure Through Discrepancy vulnerability in multiple products
Simultaneous Multi-threading (SMT) in processors can enable local users to exploit software vulnerable to timing attacks via a side-channel timing attack on 'port contention'.
4.7
2018-10-29 CVE-2018-0735 Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products
The OpenSSL ECDSA signature algorithm has been shown to be vulnerable to a timing side channel attack.
network
high complexity
openssl canonical debian nodejs netapp oracle CWE-327
5.9
2018-10-17 CVE-2018-3281 Unspecified vulnerability in Oracle Primavera P6 Enterprise Project Portfolio Management
Vulnerability in the Primavera P6 Enterprise Project Portfolio Management component of Oracle Construction and Engineering Suite (subcomponent: Web Access).
network
low complexity
oracle
6.1
2018-10-17 CVE-2018-3241 Unspecified vulnerability in Oracle Primavera P6 Enterprise Project Portfolio Management
Vulnerability in the Primavera P6 Enterprise Project Portfolio Management component of Oracle Construction and Engineering Suite (subcomponent: Web Access).
network
low complexity
oracle
6.1
2018-07-26 CVE-2018-1288 In Apache Kafka 0.9.0.0 to 0.9.0.1, 0.10.0.0 to 0.10.2.1, 0.11.0.0 to 0.11.0.2, and 1.0.0, authenticated Kafka users may perform action reserved for the Broker via a manually created fetch request interfering with data replication, resulting in data loss.
network
low complexity
apache redhat oracle
5.4
2018-07-18 CVE-2018-2963 Unspecified vulnerability in Oracle Primavera P6 Enterprise Project Portfolio Management
Vulnerability in the Primavera P6 Enterprise Project Portfolio Management component of Oracle Construction and Engineering Suite (subcomponent: Web Access).
network
low complexity
oracle
4.3
2018-07-18 CVE-2018-2962 Unspecified vulnerability in Oracle Primavera P6 Enterprise Project Portfolio Management
Vulnerability in the Primavera P6 Enterprise Project Portfolio Management component of Oracle Construction and Engineering Suite (subcomponent: Web Access).
network
high complexity
oracle
4.4