Vulnerabilities > Oracle > Service BUS
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-15 | CVE-2024-21246 | Unspecified vulnerability in Oracle Service BUS 12.2.1.4.0 Vulnerability in the Oracle Service Bus product of Oracle Fusion Middleware (component: OSB Core Functionality). | 7.5 |
| 2019-08-20 | CVE-2019-10086 | Deserialization of Untrusted Data vulnerability in multiple products In Apache Commons Beanutils 1.9.2, a special BeanIntrospector class was added which allows suppressing the ability for an attacker to access the classloader via the class property available on all Java objects. | 7.3 |
| 2019-04-23 | CVE-2019-2576 | Unspecified vulnerability in Oracle Service BUS 11.1.1.9.0/12.1.3.0.0/12.2.1.3.0 Vulnerability in the Oracle Service Bus component of Oracle Fusion Middleware (subcomponent: Web Container). | 5.3 |
| 2019-04-20 | CVE-2019-11358 | jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. | 6.1 |
| 2018-01-18 | CVE-2015-9251 | Cross-site Scripting vulnerability in multiple products jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed. | 6.1 |
| 2017-08-08 | CVE-2017-10119 | Unspecified vulnerability in Oracle Service BUS 11.1.1.9.0 Vulnerability in the Oracle Service Bus component of Oracle Fusion Middleware (subcomponent: OSB Web Console Design, Admin). | 7.6 |
| 2017-04-24 | CVE-2017-3507 | Unspecified vulnerability in Oracle Service BUS Vulnerability in the Oracle Service Bus component of Oracle Fusion Middleware (subcomponent: Web Console Design). | 7.3 |