Oracle

Utilities Framework

38 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.4

CVE-2026-21924

  • EPSS 0.02%
  • Veröffentlicht 20.01.2026 21:56:20
  • Zuletzt bearbeitet 29.01.2026 21:23:21

Vulnerability in the Oracle Utilities Application Framework product of Oracle Utilities Applications (component: General). Supported versions that are affected are 4.4.0.3.0, 4.5.0.0.0, 4.5.0.1.1, 4.5.0.1.3, 4.5.0.2.0, 25.4 and 25.10. Easily exploi...

7.5

CVE-2020-36518

Exploit
  • EPSS 0.51%
  • Veröffentlicht 11.03.2022 07:15:07
  • Zuletzt bearbeitet 27.08.2025 21:15:36

jackson-databind before 2.13.0 allows a Java StackOverflow exception and denial of service via a large depth of nested objects.

5.9

CVE-2021-45105

Warnung
  • EPSS 70.43%
  • Veröffentlicht 18.12.2021 12:15:07
  • Zuletzt bearbeitet 21.11.2024 06:31:58

Apache Log4j2 versions 2.0-alpha1 through 2.16.0 (excluding 2.12.3 and 2.3.1) did not protect from uncontrolled recursion from self-referential lookups. This allows an attacker with control over Thread Context Map data to cause a denial of service wh...

8.5

CVE-2021-39152

Exploit
  • EPSS 67.83%
  • Veröffentlicht 23.08.2021 19:15:13
  • Zuletzt bearbeitet 23.05.2025 16:47:47

XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to request data from internal resources that are not publicly available only by manipulating the processed inp...

8.5

CVE-2021-39150

Exploit
  • EPSS 1.97%
  • Veröffentlicht 23.08.2021 19:15:12
  • Zuletzt bearbeitet 23.05.2025 16:48:02

XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to request data from internal resources that are not publicly available only by manipulating the processed inp...

6.3

CVE-2021-39140

Exploit
  • EPSS 0.05%
  • Veröffentlicht 23.08.2021 19:15:10
  • Zuletzt bearbeitet 23.05.2025 16:50:34

XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to allocate 100% CPU time on the target system depending on CPU type or parallel execution of such a payload r...

8.5

CVE-2021-39154

Exploit
  • EPSS 0.71%
  • Veröffentlicht 23.08.2021 18:15:13
  • Zuletzt bearbeitet 23.05.2025 16:47:35

XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user...

8.5

CVE-2021-39153

Exploit
  • EPSS 0.57%
  • Veröffentlicht 23.08.2021 18:15:13
  • Zuletzt bearbeitet 23.05.2025 16:50:17

XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream, if usin...

8.5

CVE-2021-39151

Exploit
  • EPSS 0.57%
  • Veröffentlicht 23.08.2021 18:15:12
  • Zuletzt bearbeitet 23.05.2025 16:49:36

XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user...

8.5

CVE-2021-39141

Exploit
  • EPSS 84.54%
  • Veröffentlicht 23.08.2021 18:15:12
  • Zuletzt bearbeitet 23.05.2025 16:52:36

XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user...