Oracle

Application Express

47 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9

CVE-2025-50067

  • EPSS 0.1%
  • Published 15.07.2025 19:27:36
  • Last modified 24.07.2025 21:27:21

Vulnerability in Oracle Application Express (component: Strategic Planner Starter App). Supported versions that are affected are 24.2.4 and 24.2.5. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to comp...

5.4

CVE-2025-21557

  • EPSS 0.04%
  • Published 21.01.2025 21:15:22
  • Last modified 23.06.2025 18:08:52

Vulnerability in Oracle Application Express (component: General). Supported versions that are affected are 23.2 and 24.1. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Application ...

4.9

CVE-2024-21261

  • EPSS 0.09%
  • Published 15.10.2024 20:15:16
  • Last modified 21.10.2024 18:27:17

Vulnerability in Oracle Application Express (component: General). Supported versions that are affected are 23.2 and 24.1. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Applicatio...

5.6

CVE-2023-21983

  • EPSS 0.13%
  • Published 18.07.2023 21:15:11
  • Last modified 21.11.2024 07:44:02

Vulnerability in the Application Express Administration product of Oracle Application Express (component: None). Supported versions that are affected are Application Express Administration: 18.2-22.2. Difficult to exploit vulnerability allows unauth...

9

CVE-2023-21975

  • EPSS 0.52%
  • Published 18.07.2023 21:15:11
  • Last modified 21.11.2024 07:44:01

Vulnerability in the Application Express Customers Plugin product of Oracle Application Express (component: User Account). Supported versions that are affected are Application Express Customers Plugin: 18.2-22.2. Easily exploitable vulnerability all...

9

CVE-2023-21974

  • EPSS 0.52%
  • Published 18.07.2023 21:15:11
  • Last modified 21.11.2024 07:44:01

Vulnerability in the Application Express Team Calendar Plugin product of Oracle Application Express (component: User Account). Supported versions that are affected are Application Express Team Calendar Plugin: 18.2-22.1. Easily exploitable vulnerabi...

7.5

CVE-2022-24729

  • EPSS 0.51%
  • Published 16.03.2022 17:15:07
  • Last modified 21.11.2024 06:50:57

CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. CKEditor4 prior to version 4.18.0 contains a vulnerability in the `dialog` plugin. The vulnerability allows abuse of a dialog input validator regular expression, which can cause a ...

5.4

CVE-2022-24728

  • EPSS 0.72%
  • Published 16.03.2022 16:15:10
  • Last modified 21.11.2024 06:50:57

CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A vulnerability has been discovered in the core HTML processing module and may affect all plugins used by CKEditor 4 prior to version 4.18.0. The vulnerability allows someone to in...

5.4

CVE-2021-41165

  • EPSS 0.11%
  • Published 17.11.2021 20:15:10
  • Last modified 21.11.2024 06:25:38

CKEditor4 is an open source WYSIWYG HTML editor. In affected version a vulnerability has been discovered in the core HTML processing module and may affect all plugins used by CKEditor 4. The vulnerability allowed to inject malformed comments HTML byp...

5.4

CVE-2021-41164

  • EPSS 0.06%
  • Published 17.11.2021 19:15:08
  • Last modified 21.11.2024 06:25:38

CKEditor4 is an open source WYSIWYG HTML editor. In affected versions a vulnerability has been discovered in the Advanced Content Filter (ACF) module and may affect all plugins used by CKEditor 4. The vulnerability allowed to inject malformed HTML by...