Oracle

Jd Edwards Enterpriseone Tools

147 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2021-22940

  • EPSS 0.42%
  • Veröffentlicht 16.08.2021 19:15:13
  • Zuletzt bearbeitet 21.11.2024 05:50:58

Node.js before 16.6.1, 14.17.5, and 12.22.5 is vulnerable to a use after free attack where an attacker might be able to exploit the memory corruption, to change process behavior.

5.4

CVE-2021-37695

  • EPSS 0.4%
  • Veröffentlicht 13.08.2021 00:15:07
  • Zuletzt bearbeitet 21.11.2024 06:15:43

ckeditor is an open source WYSIWYG HTML editor with rich content support. A potential vulnerability has been discovered in CKEditor 4 [Fake Objects](https://ckeditor.com/cke4/addon/fakeobjects) package. The vulnerability allowed to inject malformed F...

5.4

CVE-2021-32808

  • EPSS 1.22%
  • Veröffentlicht 12.08.2021 17:15:08
  • Zuletzt bearbeitet 21.11.2024 06:07:47

ckeditor is an open source WYSIWYG HTML editor with rich content support. A vulnerability has been discovered in the clipboard Widget plugin if used alongside the undo feature. The vulnerability allows a user to abuse undo functionality using malform...

5.4

CVE-2021-32809

  • EPSS 0.21%
  • Veröffentlicht 12.08.2021 17:15:08
  • Zuletzt bearbeitet 21.11.2024 06:07:47

ckeditor is an open source WYSIWYG HTML editor with rich content support. A potential vulnerability has been discovered in CKEditor 4 [Clipboard](https://ckeditor.com/cke4/addon/clipboard) package. The vulnerability allowed to abuse paste functionali...

7.4

CVE-2021-32066

Exploit
  • EPSS 0.07%
  • Veröffentlicht 01.08.2021 19:15:07
  • Zuletzt bearbeitet 21.11.2024 06:06:47

An issue was discovered in Ruby through 2.6.7, 2.7.x through 2.7.3, and 3.x through 3.0.1. Net::IMAP does not raise an exception when StartTLS fails with an an unknown response, which might allow man-in-the-middle attackers to bypass the TLS protecti...

7

CVE-2021-31799

  • EPSS 0.35%
  • Veröffentlicht 30.07.2021 14:15:16
  • Zuletzt bearbeitet 21.11.2024 06:06:14

In RDoc 3.11 through 6.x before 6.3.1, as distributed with Ruby through 3.0.1, it is possible to execute arbitrary code via | and tags in a filename.

5.8

CVE-2021-2375

  • EPSS 0.6%
  • Veröffentlicht 21.07.2021 15:15:34
  • Zuletzt bearbeitet 21.11.2024 06:02:59

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Runtime). Supported versions that are affected are 9.2.5.3 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network acces...

4.9

CVE-2021-2373

  • EPSS 0.17%
  • Veröffentlicht 21.07.2021 15:15:33
  • Zuletzt bearbeitet 21.11.2024 06:02:59

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Runtime). Supported versions that are affected are 9.2.5.3 and Prior. Easily exploitable vulnerability allows low privileged attacker with network access...

5.1

CVE-2021-2351

Exploit
  • EPSS 3.54%
  • Veröffentlicht 21.07.2021 15:15:21
  • Zuletzt bearbeitet 21.11.2024 06:02:56

Vulnerability in the Advanced Networking Option component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1 and 19c. Difficult to exploit vulnerability allows unauthenticated attacker with network access via Oracl...

5.8

CVE-2021-31810

Exploit
  • EPSS 0.63%
  • Veröffentlicht 13.07.2021 13:15:09
  • Zuletzt bearbeitet 21.11.2024 06:06:16

An issue was discovered in Ruby through 2.6.7, 2.7.x through 2.7.3, and 3.x through 3.0.1. A malicious FTP server can use the PASV response to trick Net::FTP into connecting back to a given IP address and port. This potentially makes curl extract inf...