Vulnerabilities > Oracle > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-08-20 | CVE-2018-1000632 | XML Injection (aka Blind XPath Injection) vulnerability in multiple products dom4j version prior to version 2.1.1 contains a CWE-91: XML Injection vulnerability in Class: Element. | 7.5 |
| 2018-08-14 | CVE-2018-12539 | Deserialization of Untrusted Data vulnerability in multiple products In Eclipse OpenJ9 version 0.8, users other than the process owner may be able to use Java Attach API to connect to an Eclipse OpenJ9 or IBM JVM on the same machine and use Attach API operations, which includes the ability to execute untrusted native code. | 7.8 |
| 2018-08-01 | CVE-2018-8034 | Improper Certificate Validation vulnerability in multiple products The host name verification when using TLS with the WebSocket client was missing. | 7.5 |
| 2018-08-01 | CVE-2016-9583 | Out-of-bounds Read vulnerability in multiple products An out-of-bounds heap read vulnerability was found in the jpc_pi_nextpcrl() function of jasper before 2.0.6 when processing crafted input. | 7.8 |
| 2018-07-23 | CVE-2018-1999002 | A arbitrary file read vulnerability exists in Jenkins 2.132 and earlier, 2.121.1 and earlier in the Stapler web framework's org/kohsuke/stapler/Stapler.java that allows attackers to send crafted HTTP requests returning the contents of any file on the Jenkins master file system that the Jenkins master has access to. | 7.5 |
| 2018-07-23 | CVE-2018-1999001 | A unauthorized modification of configuration vulnerability exists in Jenkins 2.132 and earlier, 2.121.1 and earlier in User.java that allows attackers to provide crafted login credentials that cause Jenkins to move the config.xml file from the Jenkins home directory. | 8.8 |
| 2018-07-18 | CVE-2018-3104 | Unspecified vulnerability in Oracle Outside in Technology 8.5.3 Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters). | 7.1 |
| 2018-07-18 | CVE-2018-3103 | Unspecified vulnerability in Oracle Outside in Technology 8.5.3 Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters). | 7.1 |
| 2018-07-18 | CVE-2018-3102 | Unspecified vulnerability in Oracle Outside in Technology 8.5.3 Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters). | 7.1 |
| 2018-07-18 | CVE-2018-3099 | Unspecified vulnerability in Oracle Outside in Technology 8.5.3 Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters). | 7.1 |