Vulnerabilities > Oracle > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-04-19 | CVE-2022-21420 | Unspecified vulnerability in Oracle Coherence 12.2.1.3.0/12.2.1.4.0/14.1.1.0.0 Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (component: Core). | 7.5 |
2022-04-19 | CVE-2022-21431 | Unspecified vulnerability in Oracle Communications Billing and Revenue Management 12.0.0.4/12.0.0.5 Vulnerability in the Oracle Communications Billing and Revenue Management product of Oracle Communications Applications (component: Connection Manager). | 7.5 |
2022-04-19 | CVE-2022-21445 | Unspecified vulnerability in Oracle Jdeveloper 12.2.1.3.0/12.2.1.4.0 Vulnerability in the Oracle JDeveloper product of Oracle Fusion Middleware (component: ADF Faces). | 7.5 |
2022-04-01 | CVE-2022-22965 | Code Injection vulnerability in multiple products A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. | 7.5 |
2022-03-14 | CVE-2022-23943 | Out-of-bounds Write vulnerability in multiple products Out-of-bounds Write vulnerability in mod_sed of Apache HTTP Server allows an attacker to overwrite heap memory with possibly attacker provided data. | 7.5 |
2022-02-24 | CVE-2021-35689 | Unspecified vulnerability in Oracle Talent Acquisition Cloud A potential vulnerability in the Oracle Talent Acquisition Cloud - Taleo Enterprise Edition. | 7.5 |
2022-02-18 | CVE-2022-25315 | Integer Overflow or Wraparound vulnerability in multiple products In Expat (aka libexpat) before 2.4.5, there is an integer overflow in storeRawNames. | 7.5 |
2022-02-16 | CVE-2022-25235 | Improper Encoding or Escaping of Output vulnerability in multiple products xmltok_impl.c in Expat (aka libexpat) before 2.4.5 lacks certain validation of encoding, such as checks for whether a UTF-8 character is valid in a certain context. | 7.5 |
2022-02-16 | CVE-2022-25236 | Exposure of Resource to Wrong Sphere vulnerability in multiple products xmlparse.c in Expat (aka libexpat) before 2.4.5 allows attackers to insert namespace-separator characters into namespace URIs. | 7.5 |
2022-01-26 | CVE-2022-23990 | Integer Overflow or Wraparound vulnerability in multiple products Expat (aka libexpat) before 2.4.4 has an integer overflow in the doProlog function. | 7.5 |