Oracle

Health Sciences Information Manager

18 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.9

CVE-2018-11039

  • EPSS 2.6%
  • Veröffentlicht 25.06.2018 15:29:00
  • Zuletzt bearbeitet 21.11.2024 03:42:32

Spring Framework (versions 5.0.x prior to 5.0.7, versions 4.3.x prior to 4.3.18, and older unsupported versions) allow web applications to change the HTTP request method to any HTTP method (including TRACE) using the HiddenHttpMethodFilter in Spring ...

8.8

CVE-2018-1258

  • EPSS 0.26%
  • Veröffentlicht 11.05.2018 20:29:00
  • Zuletzt bearbeitet 21.11.2024 03:59:28

Spring Framework version 5.0.5 when used in combination with any versions of Spring Security contains an authorization bypass when using method security. An unauthorized malicious user can gain unauthorized access to methods that should be restricted...

6.5

CVE-2018-1257

  • EPSS 1.33%
  • Veröffentlicht 11.05.2018 20:29:00
  • Zuletzt bearbeitet 21.11.2024 03:59:28

Spring Framework, versions 5.0.x prior to 5.0.6, versions 4.3.x prior to 4.3.17, and older unsupported versions allows applications to expose STOMP over WebSocket endpoints with a simple, in-memory STOMP broker through the spring-messaging module. A ...

9.8

CVE-2018-1275

  • EPSS 38.06%
  • Veröffentlicht 11.04.2018 13:29:00
  • Zuletzt bearbeitet 21.11.2024 03:59:31

Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.16 and older unsupported versions, allow applications to expose STOMP over WebSocket endpoints with a simple, in-memory STOMP broker through the spring-messaging module. A ma...

7.5

CVE-2018-1272

  • EPSS 1.24%
  • Veröffentlicht 06.04.2018 13:29:00
  • Zuletzt bearbeitet 21.11.2024 03:59:30

Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.15 and older unsupported versions, provide client-side support for multipart requests. When Spring MVC or Spring WebFlux server application (server A) receives input from a r...

5.9

CVE-2018-1271

  • EPSS 91.01%
  • Veröffentlicht 06.04.2018 13:29:00
  • Zuletzt bearbeitet 21.11.2024 03:59:30

Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.15 and older unsupported versions, allow applications to configure Spring MVC to serve static resources (e.g. CSS, JS, images). When static resources are served from a file s...

9.8

CVE-2018-1270

  • EPSS 89.35%
  • Veröffentlicht 06.04.2018 13:29:00
  • Zuletzt bearbeitet 21.11.2024 03:59:30

Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.15 and older unsupported versions, allow applications to expose STOMP over WebSocket endpoints with a simple, in-memory STOMP broker through the spring-messaging module. A ma...

9

CVE-2016-0635

  • EPSS 6.64%
  • Veröffentlicht 21.07.2016 10:12:00
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Unspecified vulnerability in the Enterprise Manager Ops Center component in Oracle Enterprise Manager Grid Control 12.1.4, 12.2.2, and 12.3.2; the Oracle Health Sciences Information Manager component in Oracle Health Sciences Applications 1.2.8.3, 2....