Vulnerabilities > Oracle > Webcenter Portal > 11.1.1.9.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-03-23 | CVE-2021-21341 | XStream is a Java library to serialize objects to XML and back again. | 7.5 |
| 2020-12-18 | CVE-2020-28052 | An issue was discovered in Legion of the Bouncy Castle BC Java 1.65 and 1.66. | 8.1 |
| 2020-07-15 | CVE-2020-14552 | Unspecified vulnerability in Oracle Webcenter Portal 11.1.1.9.0/12.2.1.3.0/12.2.1.4.0 Vulnerability in the Oracle WebCenter Portal product of Oracle Fusion Middleware (component: Security Framework). | 6.8 |
| 2020-05-01 | CVE-2020-10683 | XXE vulnerability in multiple products dom4j before 2.0.3 and 2.1.x before 2.1.3 allows external DTDs and External Entities by default, which might enable XXE attacks. | 9.8 |
| 2020-03-07 | CVE-2020-9281 | Cross-site Scripting vulnerability in multiple products A cross-site scripting (XSS) vulnerability in the HTML Data Processor for CKEditor 4.0 before 4.14 allows remote attackers to inject arbitrary web script through a crafted "protected" comment (with the cke_protected syntax). | 6.1 |
| 2019-10-08 | CVE-2019-17359 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products The ASN.1 parser in Bouncy Castle Crypto (aka BC Java) 1.63 can trigger a large attempted memory allocation, and resultant OutOfMemoryError error, via crafted ASN.1 data. | 7.5 |
| 2019-07-23 | CVE-2019-10173 | Code Injection vulnerability in multiple products It was found that xstream API version 1.4.10 before 1.4.11 introduced a regression for a previous deserialization flaw. | 9.8 |
| 2019-01-16 | CVE-2019-2427 | Unspecified vulnerability in Oracle Webcenter Portal 11.1.1.9.0/12.2.1.3.0 Vulnerability in the Oracle WebCenter Portal component of Oracle Fusion Middleware (subcomponent: WebCenter Spaces Application). | 5.3 |
| 2018-10-17 | CVE-2018-3254 | Unspecified vulnerability in Oracle Webcenter Portal 11.1.1.9.0/12.2.1.3.0 Vulnerability in the Oracle WebCenter Portal component of Oracle Fusion Middleware (subcomponent: WebCenter Spaces Application). | 5.3 |
| 2018-10-17 | CVE-2018-3246 | Unspecified vulnerability in Oracle products Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS - Web Services). | 7.5 |