Vulnerabilities > Oracle > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-05-11 | CVE-2018-1285 | XXE vulnerability in multiple products Apache log4net versions before 2.0.10 do not disable XML external entities when parsing log4net configuration files. | 9.8 |
| 2020-05-01 | CVE-2020-10683 | XXE vulnerability in multiple products dom4j before 2.0.3 and 2.1.x before 2.1.3 allows external DTDs and External Entities by default, which might enable XXE attacks. | 9.8 |
| 2020-04-15 | CVE-2020-2961 | Unspecified vulnerability in Oracle Enterprise Manager Base Platform 13.2.0.0/13.3.0.0 Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager (component: Discovery Framework (Oracle OHS)). | 9.8 |
| 2020-04-15 | CVE-2020-2953 | Unspecified vulnerability in Oracle Retail Customer Management and Segmentation Foundation 18.0 Vulnerability in the Oracle Retail Customer Management and Segmentation Foundation product of Oracle Retail Applications (component: Promotions). | 9.8 |
| 2020-04-15 | CVE-2020-2950 | Unspecified vulnerability in Oracle Business Intelligence Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Fusion Middleware (component: Analytics Web General). | 9.8 |
| 2020-04-15 | CVE-2020-2931 | Unspecified vulnerability in Oracle Knowledge Vulnerability in the Oracle Knowledge product of Oracle Knowledge (component: Web Applications - InfoCenter). | 9.8 |
| 2020-04-15 | CVE-2020-2915 | Unspecified vulnerability in Oracle Coherence Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (component: Caching, CacheStore, Invocation). | 9.8 |
| 2020-04-15 | CVE-2020-2884 | Unspecified vulnerability in Oracle Weblogic Server Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). | 9.8 |
| 2020-04-15 | CVE-2020-2883 | Unspecified vulnerability in Oracle Weblogic Server Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). | 9.8 |
| 2020-04-15 | CVE-2020-2801 | Unspecified vulnerability in Oracle Weblogic Server Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). | 9.8 |