Oracle

Enterprise Manager Base Platform

135 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 18.35%
  • Veröffentlicht 02.03.2020 04:15:11
  • Zuletzt bearbeitet 21.11.2024 05:40:50

FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to br.com.anteros.dbcp.AnterosDBCPConfig (aka anteros-core).

  • EPSS 4.61%
  • Veröffentlicht 02.03.2020 04:15:10
  • Zuletzt bearbeitet 29.04.2026 20:24:13

FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.hadoop.shaded.com.zaxxer.hikari.HikariConfig (aka shaded hikari-config).

  • EPSS 4.39%
  • Veröffentlicht 21.01.2020 23:15:13
  • Zuletzt bearbeitet 17.12.2025 22:15:55

xmlSchemaPreRun in xmlschemas.c in libxml2 2.9.10 allows an xmlSchemaValidateStream memory leak.

  • EPSS 7.84%
  • Veröffentlicht 21.01.2020 23:15:13
  • Zuletzt bearbeitet 03.12.2025 16:15:54

xmlStringLenDecodeEntities in parser.c in libxml2 2.9.10 has an infinite loop in a certain end-of-file situation.

Exploit
  • EPSS 2.38%
  • Veröffentlicht 17.01.2020 19:15:14
  • Zuletzt bearbeitet 21.11.2024 05:34:03

Spring Framework, versions 5.2.x prior to 5.2.3 are vulnerable to CSRF attacks through CORS preflight requests that target Spring MVC (spring-webmvc module) or Spring WebFlux (spring-webflux module) endpoints. Only non-authenticated endpoints are vul...

  • EPSS 88.08%
  • Veröffentlicht 17.01.2020 00:15:12
  • Zuletzt bearbeitet 21.11.2024 05:34:04

In Spring Framework, versions 5.2.x prior to 5.2.3, versions 5.1.x prior to 5.1.13, and versions 5.0.x prior to 5.0.16, an application is vulnerable to a reflected file download (RFD) attack when it sets a "Content-Disposition" header in the response...

  • EPSS 1.23%
  • Veröffentlicht 15.01.2020 17:15:23
  • Zuletzt bearbeitet 21.11.2024 05:25:51

Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager (component: Connector Framework). Supported versions that are affected are 12.1.0.5, 13.2.0.0 and 13.3.0.0. Easily exploitable vulnerability allows high privil...

  • EPSS 1.16%
  • Veröffentlicht 15.01.2020 17:15:23
  • Zuletzt bearbeitet 21.11.2024 05:25:52

Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager (component: Job System). Supported versions that are affected are 12.1.0.5, 13.2.0.0 and 13.3.0.0. Easily exploitable vulnerability allows high privileged atta...

  • EPSS 1.21%
  • Veröffentlicht 15.01.2020 17:15:23
  • Zuletzt bearbeitet 21.11.2024 05:25:52

Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager (component: Oracle Management Service). Supported versions that are affected are 12.1.0.5, 13.2.0.0 and 13.3.0.0. Easily exploitable vulnerability allows high ...

  • EPSS 1.21%
  • Veröffentlicht 15.01.2020 17:15:23
  • Zuletzt bearbeitet 21.11.2024 05:25:52

Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager (component: Connector Framework). Supported versions that are affected are 12.1.0.5, 13.2.0.0 and 13.3.0.0. Easily exploitable vulnerability allows high privil...