Oracle

Enterprise Manager Base Platform

120 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2018-1257

  • EPSS 1.79%
  • Veröffentlicht 11.05.2018 20:29:00
  • Zuletzt bearbeitet 21.11.2024 03:59:28

Spring Framework, versions 5.0.x prior to 5.0.6, versions 4.3.x prior to 4.3.17, and older unsupported versions allows applications to expose STOMP over WebSocket endpoints with a simple, in-memory STOMP broker through the spring-messaging module. A ...

7.1

CVE-2018-2750

  • EPSS 0.49%
  • Veröffentlicht 19.04.2018 02:29:01
  • Zuletzt bearbeitet 21.11.2024 04:04:22

Vulnerability in the Enterprise Manager Base Platform component of Oracle Enterprise Manager Products Suite (subcomponent: UI Framework). The supported version that is affected is 12.1.0.5. Easily exploitable vulnerability allows unauthenticated atta...

7.7

CVE-2017-10091

  • EPSS 0.49%
  • Veröffentlicht 08.08.2017 15:29:02
  • Zuletzt bearbeitet 20.04.2025 01:37:25

Vulnerability in the Enterprise Manager Base Platform component of Oracle Enterprise Manager Grid Control (subcomponent: UI Framework). Supported versions that are affected are 12.1.0, 13.1.0 and 13.2.0. Easily exploitable vulnerability allows low pr...

7.5

CVE-2017-9735

  • EPSS 0.71%
  • Veröffentlicht 16.06.2017 21:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

Jetty through 9.4.x is prone to a timing channel in util/security/Password.java, which makes it easier for remote attackers to obtain access by observing elapsed times before rejection of incorrect passwords.

7.5

CVE-2017-3518

  • EPSS 1.87%
  • Veröffentlicht 24.04.2017 19:59:03
  • Zuletzt bearbeitet 20.04.2025 01:37:25

Vulnerability in the Enterprise Manager Base Platform component of Oracle Enterprise Manager Grid Control (subcomponent: Discovery Framework). Supported versions that are affected are 12.1.0, 13.1.0 and 13.2.0. Easily "exploitable" vulnerability allo...

9.8

CVE-2017-5645

  • EPSS 94.01%
  • Veröffentlicht 17.04.2017 21:59:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially crafted binary payload can be sent that, when deserialized, can execute arbitrary code.

6.3

CVE-2016-5604

  • EPSS 0.16%
  • Veröffentlicht 25.10.2016 14:31:16
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control 12.1.0.5 allows local users to affect confidentiality and integrity via vectors related to Security Framework, a different vulnerabi...

6.3

CVE-2016-3563

  • EPSS 0.11%
  • Veröffentlicht 21.07.2016 10:13:59
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control 12.1.0.5 allows local users to affect confidentiality and integrity via vectors related to Security Framework, a different vulnerabi...

4.3

CVE-2016-3540

  • EPSS 0.45%
  • Veröffentlicht 21.07.2016 10:13:37
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control 12.1.0.5 and 13.1.0.0 allows remote attackers to affect confidentiality via vectors related to UI Framework.

7.5

CVE-2016-2381

  • EPSS 18.02%
  • Veröffentlicht 08.04.2016 15:59:05
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Perl might allow context-dependent attackers to bypass the taint protection mechanism in a child process via duplicate environment variables in envp.