Oracle

Siebel Ui Framework

53 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.8

CVE-2020-1935

  • EPSS 1.01%
  • Published 24.02.2020 22:15:11
  • Last modified 21.11.2024 05:11:38

In Apache Tomcat 9.0.0.M1 to 9.0.30, 8.5.0 to 8.5.50 and 7.0.0 to 7.0.99 the HTTP header parsing code used an approach to end-of-line parsing that allowed some invalid HTTP headers to be parsed as valid. This led to a possibility of HTTP Request Smug...

5.3

CVE-2020-2564

  • EPSS 1.18%
  • Published 15.01.2020 17:15:17
  • Last modified 21.11.2024 05:25:33

Vulnerability in the Siebel UI Framework product of Oracle Siebel CRM (component: EAI). Supported versions that are affected are 19.10 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to comprom...

4.7

CVE-2020-2560

  • EPSS 0.87%
  • Published 15.01.2020 17:15:17
  • Last modified 21.11.2024 05:25:32

Vulnerability in the Siebel UI Framework product of Oracle Siebel CRM (component: SWSE Server). Supported versions that are affected are 19.10 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to...

5.3

CVE-2020-2559

  • EPSS 1.1%
  • Published 15.01.2020 17:15:17
  • Last modified 21.11.2024 05:25:32

Vulnerability in the Siebel UI Framework product of Oracle Siebel CRM (component: UIF Open UI). Supported versions that are affected are 19.7 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to ...

9.8

CVE-2019-20330

  • EPSS 2%
  • Published 03.01.2020 04:15:12
  • Last modified 21.11.2024 04:38:16

FasterXML jackson-databind 2.x before 2.9.10.2 lacks certain net.sf.ehcache blocking.

5.3

CVE-2019-2935

  • EPSS 0.84%
  • Published 16.10.2019 18:15:29
  • Last modified 21.11.2024 04:41:49

Vulnerability in the Siebel UI Framework product of Oracle Siebel CRM (component: EAI). Supported versions that are affected are 19.8 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromi...

9.8

CVE-2019-16942

  • EPSS 0.44%
  • Published 01.10.2019 17:15:10
  • Last modified 21.11.2024 04:31:23

A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the commons-dbcp (1....

7.5

CVE-2019-14439

  • EPSS 9.41%
  • Published 30.07.2019 11:15:11
  • Last modified 21.11.2024 04:26:44

A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x before 2.9.9.2. This occurs when Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the logbac...

9.8

CVE-2019-14379

  • EPSS 1.46%
  • Published 29.07.2019 12:15:16
  • Last modified 21.11.2024 04:26:37

SubTypeValidator.java in FasterXML jackson-databind before 2.9.9.2 mishandles default typing when ehcache is used (because of net.sf.ehcache.transaction.manager.DefaultTransactionManagerLookup), leading to remote code execution.

5.4

CVE-2019-2857

  • EPSS 0.19%
  • Published 23.07.2019 23:15:46
  • Last modified 21.11.2024 04:41:41

Vulnerability in the Siebel UI Framework component of Oracle Siebel CRM (subcomponent: UIF Open UI). Supported versions that are affected are 19.0 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP...