Vulnerabilities > Oracle > Siebel UI Framework > 16.1
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-01-02 | CVE-2018-14718 | Deserialization of Untrusted Data vulnerability in multiple products FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to execute arbitrary code by leveraging failure to block the slf4j-ext class from polymorphic deserialization. | 9.8 |
2018-08-02 | CVE-2018-8032 | Cross-site Scripting vulnerability in multiple products Apache Axis 1.x up to and including 1.4 is vulnerable to a cross-site scripting (XSS) attack in the default servlet/services. | 6.1 |
2017-03-15 | CVE-2016-7103 | Cross-site Scripting vulnerability in multiple products Cross-site scripting (XSS) vulnerability in jQuery UI before 1.12.0 might allow remote attackers to inject arbitrary web script or HTML via the closeText parameter of the dialog function. | 6.1 |
2017-01-27 | CVE-2017-3330 | Remote Security vulnerability in Oracle Siebel UI Framework 16.1 Vulnerability in the Siebel UI Framework component of Oracle Siebel CRM (subcomponent: Open UI). network oracle | 4.9 |
2017-01-27 | CVE-2017-3325 | Remote Security vulnerability in Oracle Siebel UI Framework 16.1 Vulnerability in the Siebel UI Framework component of Oracle Siebel CRM (subcomponent: EAI). network oracle | 5.8 |
2017-01-27 | CVE-2017-3264 | Remote Security vulnerability in Oracle Siebel UI Framework 16.1 Vulnerability in the Siebel UI Framework component of Oracle Siebel CRM (subcomponent: Open UI). network oracle | 3.5 |