Vulnerabilities > Oracle > Primavera Unifier

DATE CVE VULNERABILITY TITLE RISK
2017-04-24 CVE-2017-3501 Unspecified vulnerability in Oracle Primavera Unifier
Vulnerability in the Primavera Unifier component of Oracle Primavera Products Suite (subcomponent: Platform).
network
low complexity
oracle
6.1
2017-03-15 CVE-2016-7103 Cross-site Scripting vulnerability in multiple products
Cross-site scripting (XSS) vulnerability in jQuery UI before 1.12.0 might allow remote attackers to inject arbitrary web script or HTML via the closeText parameter of the dialog function.
6.1
2017-01-23 CVE-2016-4055 Resource Exhaustion vulnerability in multiple products
The duration function in the moment package before 2.11.2 for Node.js allows remote attackers to cause a denial of service (CPU consumption) via a long string, aka a "regular expression Denial of Service (ReDoS)."
network
low complexity
momentjs tenable oracle CWE-400
6.5