VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
>
Oracle
>
Webcenter Portal
> Critical
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2021-03-23
CVE-2021-21342
XStream is a Java library to serialize objects to XML and back again.
network
low complexity
xstream-project
debian
fedoraproject
oracle
critical
9.1
9.1
2021-03-23
CVE-2021-21344
XStream is a Java library to serialize objects to XML and back again.
network
low complexity
xstream-project
debian
fedoraproject
oracle
critical
9.8
9.8
2021-03-23
CVE-2021-21345
OS Command Injection vulnerability in multiple products
XStream is a Java library to serialize objects to XML and back again.
network
low complexity
xstream-project
debian
fedoraproject
oracle
CWE-78
critical
9.9
9.9
2021-03-23
CVE-2021-21346
XStream is a Java library to serialize objects to XML and back again.
network
low complexity
xstream-project
debian
fedoraproject
oracle
critical
9.8
9.8
2021-03-23
CVE-2021-21347
XStream is a Java library to serialize objects to XML and back again.
network
low complexity
xstream-project
debian
fedoraproject
oracle
critical
9.8
9.8
2021-03-23
CVE-2021-21350
XStream is a Java library to serialize objects to XML and back again.
network
low complexity
xstream-project
debian
fedoraproject
oracle
critical
9.8
9.8
2021-03-23
CVE-2021-21351
XStream is a Java library to serialize objects to XML and back again.
network
low complexity
xstream-project
debian
fedoraproject
oracle
critical
9.1
9.1
2020-05-01
CVE-2020-10683
XXE vulnerability in multiple products
dom4j before 2.0.3 and 2.1.x before 2.1.3 allows external DTDs and External Entities by default, which might enable XXE attacks.
network
low complexity
dom4j-project
oracle
opensuse
netapp
canonical
CWE-611
critical
9.8
9.8
2020-01-15
CVE-2020-2555
Deserialization of Untrusted Data vulnerability in Oracle products
Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (component: Caching,CacheStore,Invocation).
network
low complexity
oracle
CWE-502
critical
9.8
9.8
2020-01-03
CVE-2019-20330
Deserialization of Untrusted Data vulnerability in multiple products
FasterXML jackson-databind 2.x before 2.9.10.2 lacks certain net.sf.ehcache blocking.
network
low complexity
fasterxml
oracle
debian
netapp
CWE-502
critical
9.8
9.8
«
1
(current)
2
3
»
Next