Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2019-10-23	CVE-2019-12415	XXE vulnerability in multiple products In Apache POI up to 4.1.0, when using the tool XSSFExportToXml to convert user-provided Microsoft Excel documents, a specially crafted document can allow an attacker to read files from the local filesystem or from internal network resources via XML External Entity (XXE) Processing. local low complexity apache oracle CWE-611	5.5
2019-04-23	CVE-2019-2579	Unspecified vulnerability in Oracle Webcenter Sites 12.2.1.3.0 Vulnerability in the Oracle WebCenter Sites component of Oracle Fusion Middleware (subcomponent: Advanced UI). network low complexity oracle	4.3
2019-04-20	CVE-2019-11358	jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. network low complexity jquery debian drupal backdropcms fedoraproject opensuse netapp redhat oracle joomla juniper	6.1
2018-10-17	CVE-2018-3238	Unspecified vulnerability in Oracle Webcenter Sites 11.1.1.8.0 Vulnerability in the Oracle WebCenter Sites component of Oracle Fusion Middleware (subcomponent: Advanced UI). network low complexity oracle	6.9
2018-01-18	CVE-2015-9251	Cross-site Scripting vulnerability in multiple products jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed. network low complexity jquery oracle CWE-79	6.1
2018-01-18	CVE-2018-2584	Unspecified vulnerability in Oracle Webcenter Sites 11.1.1.8.0 Vulnerability in the Oracle WebCenter Sites component of Oracle Fusion Middleware (subcomponent: Advanced UI). network low complexity oracle	4.3
2017-10-19	CVE-2017-10033	Unspecified vulnerability in Oracle Webcenter Sites 11.1.1.8.0/12.2.1.2.0 Vulnerability in the Oracle WebCenter Sites component of Oracle Fusion Middleware (subcomponent: Support Tools). local high complexity oracle	4.0
2017-04-24	CVE-2017-3597	Unspecified vulnerability in Oracle Webcenter Sites Vulnerability in the Oracle WebCenter Sites component of Oracle Fusion Middleware (subcomponent: Advanced UI). network low complexity oracle	5.7
2017-04-24	CVE-2017-3594	Unspecified vulnerability in Oracle Webcenter Sites Vulnerability in the Oracle WebCenter Sites component of Oracle Fusion Middleware (subcomponent: Advanced UI). network high complexity oracle	5.9
2016-10-25	CVE-2016-5511	7PK - Security Features vulnerability in Oracle Webcenter Sites 12.2.1.0.0/12.2.1.1.0/12.2.1.2.0 Unspecified vulnerability in the Oracle WebCenter Sites component in Oracle Fusion Middleware 12.2.1.0.0, 12.2.1.1.0, and 12.2.1.2.0 allows remote attackers to affect integrity via unknown vectors. network low complexity oracle CWE-254	4.3