Oracle

Siebel Ui Framework

53 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2019-0227

Exploit
  • EPSS 90.74%
  • Veröffentlicht 01.05.2019 21:29:00
  • Zuletzt bearbeitet 08.05.2025 18:13:51

A Server Side Request Forgery (SSRF) vulnerability affected the Apache Axis 1.4 distribution that was last released in 2006. Security and bug commits commits continue in the projects Axis 1.x Subversion repository, legacy users are encouraged to buil...

6.1

CVE-2019-11358

Exploit
  • EPSS 0.94%
  • Veröffentlicht 20.04.2019 00:29:00
  • Zuletzt bearbeitet 21.11.2024 04:20:56

jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the n...

9.8

CVE-2018-14718

  • EPSS 9.37%
  • Veröffentlicht 02.01.2019 18:29:00
  • Zuletzt bearbeitet 21.11.2024 03:49:39

FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to execute arbitrary code by leveraging failure to block the slf4j-ext class from polymorphic deserialization.

6.1

CVE-2018-3059

  • EPSS 0.52%
  • Veröffentlicht 17.10.2018 01:31:15
  • Zuletzt bearbeitet 21.11.2024 04:05:04

Vulnerability in the Siebel UI Framework component of Oracle Siebel CRM (subcomponent: UIF Open UI). Supported versions that are affected are 18.7, 18.8 and 18.9. Easily exploitable vulnerability allows unauthenticated attacker with network access vi...

6.1

CVE-2018-8032

  • EPSS 2.34%
  • Veröffentlicht 02.08.2018 13:29:00
  • Zuletzt bearbeitet 08.05.2025 18:13:51

Apache Axis 1.x up to and including 1.4 is vulnerable to a cross-site scripting (XSS) attack in the default servlet/services.

4.3

CVE-2018-2959

  • EPSS 0.7%
  • Veröffentlicht 18.07.2018 13:29:03
  • Zuletzt bearbeitet 21.11.2024 04:04:50

Vulnerability in the Siebel UI Framework component of Oracle Siebel CRM (subcomponent: UIF Open UI). The supported version that is affected is 18.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to comp...

6.1

CVE-2015-9251

  • EPSS 14.53%
  • Veröffentlicht 18.01.2018 23:29:00
  • Zuletzt bearbeitet 21.11.2024 02:40:09

jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.

7.4

CVE-2017-10333

  • EPSS 0.28%
  • Veröffentlicht 19.10.2017 17:29:03
  • Zuletzt bearbeitet 20.04.2025 01:37:25

Vulnerability in the Siebel UI Framework component of Oracle Siebel CRM (subcomponent: EAI). Supported versions that are affected are 16.0 and 17.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compr...

6.1

CVE-2017-10302

  • EPSS 0.52%
  • Veröffentlicht 19.10.2017 17:29:02
  • Zuletzt bearbeitet 20.04.2025 01:37:25

Vulnerability in the Siebel UI Framework component of Oracle Siebel CRM (subcomponent: UIF Open UI). Supported versions that are affected are 16.0 and 17.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP...

6.1

CVE-2017-10315

  • EPSS 0.52%
  • Veröffentlicht 19.10.2017 17:29:02
  • Zuletzt bearbeitet 20.04.2025 01:37:25

Vulnerability in the Siebel UI Framework component of Oracle Siebel CRM (subcomponent: UIF Open UI). Supported versions that are affected are 16.0 and 17.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP...