Vulnerabilities > Oracle > Primavera Unifier > Medium

DATE CVE VULNERABILITY TITLE RISK
2018-07-18 CVE-2018-2967 Unspecified vulnerability in Oracle Primavera Unifier
Vulnerability in the Primavera Unifier component of Oracle Construction and Engineering Suite (subcomponent: Core).
low complexity
oracle
5.3
2018-07-18 CVE-2018-2965 Unspecified vulnerability in Oracle Primavera Unifier
Vulnerability in the Primavera Unifier component of Oracle Construction and Engineering Suite (subcomponent: Core).
network
low complexity
oracle
6.1
2018-01-18 CVE-2015-9251 Cross-site Scripting vulnerability in multiple products
jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.
network
low complexity
jquery oracle CWE-79
6.1
2017-08-08 CVE-2017-10150 Unspecified vulnerability in Oracle Primavera Unifier
Vulnerability in the Primavera Unifier component of Oracle Primavera Products Suite (subcomponent: Platform).
network
low complexity
oracle
4.3
2017-08-08 CVE-2017-10149 Unspecified vulnerability in Oracle Primavera Unifier
Vulnerability in the Primavera Unifier component of Oracle Primavera Products Suite (subcomponent: Platform).
network
low complexity
oracle
4.8
2017-04-24 CVE-2017-3501 Unspecified vulnerability in Oracle Primavera Unifier
Vulnerability in the Primavera Unifier component of Oracle Primavera Products Suite (subcomponent: Platform).
network
low complexity
oracle
6.1
2017-03-15 CVE-2016-7103 Cross-site Scripting vulnerability in multiple products
Cross-site scripting (XSS) vulnerability in jQuery UI before 1.12.0 might allow remote attackers to inject arbitrary web script or HTML via the closeText parameter of the dialog function.
6.1
2017-01-23 CVE-2016-4055 Resource Exhaustion vulnerability in multiple products
The duration function in the moment package before 2.11.2 for Node.js allows remote attackers to cause a denial of service (CPU consumption) via a long string, aka a "regular expression Denial of Service (ReDoS)."
network
low complexity
momentjs tenable oracle CWE-400
6.5