Oracle

Jd Edwards Enterpriseone Tools

149 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.4

CVE-2021-3712

Warnung
  • EPSS 0.49%
  • Veröffentlicht 24.08.2021 15:15:09
  • Zuletzt bearbeitet 21.11.2024 06:22:13

ASN.1 strings are represented internally within OpenSSL as an ASN1_STRING structure which contains a buffer holding the string data and a field holding the buffer length. This contrasts with normal C strings which are repesented as a buffer for the s...

5.3

CVE-2021-22939

Exploit
  • EPSS 0.13%
  • Veröffentlicht 16.08.2021 19:15:13
  • Zuletzt bearbeitet 21.11.2024 05:50:58

If the Node.js https API was used incorrectly and "undefined" was in passed for the "rejectUnauthorized" parameter, no error was returned and connections to servers with an expired certificate would have been accepted.

7.5

CVE-2021-22940

  • EPSS 0.41%
  • Veröffentlicht 16.08.2021 19:15:13
  • Zuletzt bearbeitet 21.11.2024 05:50:58

Node.js before 16.6.1, 14.17.5, and 12.22.5 is vulnerable to a use after free attack where an attacker might be able to exploit the memory corruption, to change process behavior.

5.4

CVE-2021-37695

  • EPSS 0.4%
  • Veröffentlicht 13.08.2021 00:15:07
  • Zuletzt bearbeitet 21.11.2024 06:15:43

ckeditor is an open source WYSIWYG HTML editor with rich content support. A potential vulnerability has been discovered in CKEditor 4 [Fake Objects](https://ckeditor.com/cke4/addon/fakeobjects) package. The vulnerability allowed to inject malformed F...

5.4

CVE-2021-32808

  • EPSS 1.44%
  • Veröffentlicht 12.08.2021 17:15:08
  • Zuletzt bearbeitet 21.11.2024 06:07:47

ckeditor is an open source WYSIWYG HTML editor with rich content support. A vulnerability has been discovered in the clipboard Widget plugin if used alongside the undo feature. The vulnerability allows a user to abuse undo functionality using malform...

5.4

CVE-2021-32809

  • EPSS 0.21%
  • Veröffentlicht 12.08.2021 17:15:08
  • Zuletzt bearbeitet 21.11.2024 06:07:47

ckeditor is an open source WYSIWYG HTML editor with rich content support. A potential vulnerability has been discovered in CKEditor 4 [Clipboard](https://ckeditor.com/cke4/addon/clipboard) package. The vulnerability allowed to abuse paste functionali...

7.4

CVE-2021-32066

Exploit
  • EPSS 0.1%
  • Veröffentlicht 01.08.2021 19:15:07
  • Zuletzt bearbeitet 21.11.2024 06:06:47

An issue was discovered in Ruby through 2.6.7, 2.7.x through 2.7.3, and 3.x through 3.0.1. Net::IMAP does not raise an exception when StartTLS fails with an an unknown response, which might allow man-in-the-middle attackers to bypass the TLS protecti...

7

CVE-2021-31799

  • EPSS 0.35%
  • Veröffentlicht 30.07.2021 14:15:16
  • Zuletzt bearbeitet 21.11.2024 06:06:14

In RDoc 3.11 through 6.x before 6.3.1, as distributed with Ruby through 3.0.1, it is possible to execute arbitrary code via | and tags in a filename.

5.8

CVE-2021-2375

  • EPSS 0.6%
  • Veröffentlicht 21.07.2021 15:15:34
  • Zuletzt bearbeitet 21.11.2024 06:02:59

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Runtime). Supported versions that are affected are 9.2.5.3 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network acces...

4.9

CVE-2021-2373

  • EPSS 0.17%
  • Veröffentlicht 21.07.2021 15:15:33
  • Zuletzt bearbeitet 21.11.2024 06:02:59

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Runtime). Supported versions that are affected are 9.2.5.3 and Prior. Easily exploitable vulnerability allows low privileged attacker with network access...