Oracle

Enterprise Manager Base Platform

121 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.9

CVE-2018-11039

  • EPSS 2.6%
  • Veröffentlicht 25.06.2018 15:29:00
  • Zuletzt bearbeitet 21.11.2024 03:42:32

Spring Framework (versions 5.0.x prior to 5.0.7, versions 4.3.x prior to 4.3.18, and older unsupported versions) allow web applications to change the HTTP request method to any HTTP method (including TRACE) using the HiddenHttpMethodFilter in Spring ...

6.5

CVE-2018-1257

  • EPSS 1.18%
  • Veröffentlicht 11.05.2018 20:29:00
  • Zuletzt bearbeitet 21.11.2024 03:59:28

Spring Framework, versions 5.0.x prior to 5.0.6, versions 4.3.x prior to 4.3.17, and older unsupported versions allows applications to expose STOMP over WebSocket endpoints with a simple, in-memory STOMP broker through the spring-messaging module. A ...

7.1

CVE-2018-2750

  • EPSS 0.49%
  • Veröffentlicht 19.04.2018 02:29:01
  • Zuletzt bearbeitet 21.11.2024 04:04:22

Vulnerability in the Enterprise Manager Base Platform component of Oracle Enterprise Manager Products Suite (subcomponent: UI Framework). The supported version that is affected is 12.1.0.5. Easily exploitable vulnerability allows unauthenticated atta...

7.7

CVE-2017-10091

  • EPSS 0.49%
  • Veröffentlicht 08.08.2017 15:29:02
  • Zuletzt bearbeitet 13.05.2026 00:24:29

Vulnerability in the Enterprise Manager Base Platform component of Oracle Enterprise Manager Grid Control (subcomponent: UI Framework). Supported versions that are affected are 12.1.0, 13.1.0 and 13.2.0. Easily exploitable vulnerability allows low pr...

7.5

CVE-2017-9735

  • EPSS 0.84%
  • Veröffentlicht 16.06.2017 21:29:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

Jetty through 9.4.x is prone to a timing channel in util/security/Password.java, which makes it easier for remote attackers to obtain access by observing elapsed times before rejection of incorrect passwords.

7.5

CVE-2017-3518

  • EPSS 1.87%
  • Veröffentlicht 24.04.2017 19:59:03
  • Zuletzt bearbeitet 13.05.2026 00:24:29

Vulnerability in the Enterprise Manager Base Platform component of Oracle Enterprise Manager Grid Control (subcomponent: Discovery Framework). Supported versions that are affected are 12.1.0, 13.1.0 and 13.2.0. Easily "exploitable" vulnerability allo...

9.8

CVE-2017-5645

  • EPSS 94.01%
  • Veröffentlicht 17.04.2017 21:59:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially crafted binary payload can be sent that, when deserialized, can execute arbitrary code.

6.3

CVE-2016-5604

  • EPSS 0.16%
  • Veröffentlicht 25.10.2016 14:31:16
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control 12.1.0.5 allows local users to affect confidentiality and integrity via vectors related to Security Framework, a different vulnerabi...

6.3

CVE-2016-3563

  • EPSS 0.11%
  • Veröffentlicht 21.07.2016 10:13:59
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control 12.1.0.5 allows local users to affect confidentiality and integrity via vectors related to Security Framework, a different vulnerabi...

4.3

CVE-2016-3540

  • EPSS 0.45%
  • Veröffentlicht 21.07.2016 10:13:37
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control 12.1.0.5 and 13.1.0.0 allows remote attackers to affect confidentiality via vectors related to UI Framework.