Oracle

Time And Labor

5 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.5

CVE-2021-2415

  • EPSS 1.43%
  • Veröffentlicht 21.07.2021 15:15:54
  • Zuletzt bearbeitet 21.11.2024 06:03:04

Vulnerability in the Oracle Time and Labor product of Oracle E-Business Suite (component: Timecard). Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows low privileged attacker with netwo...

6.5

CVE-2020-6950

  • EPSS 57.92%
  • Veröffentlicht 02.06.2021 16:15:08
  • Zuletzt bearbeitet 21.11.2024 05:36:22

Directory traversal in Eclipse Mojarra before 2.3.14 allows attackers to read arbitrary files via the loc parameter or con parameter.

5.5

CVE-2021-2239

  • EPSS 1.22%
  • Veröffentlicht 22.04.2021 22:15:15
  • Zuletzt bearbeitet 21.11.2024 06:02:42

Vulnerability in the Oracle Time and Labor product of Oracle E-Business Suite (component: Timecard). Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows low privileged attacker with netwo...

6.1

CVE-2019-17091

Exploit
  • EPSS 8.42%
  • Veröffentlicht 02.10.2019 14:15:12
  • Zuletzt bearbeitet 21.11.2024 04:31:40

faces/context/PartialViewContextImpl.java in Eclipse Mojarra, as used in Mojarra for Eclipse EE4J before 2.3.10 and Mojarra JavaServer Faces before 2.2.20, allows Reflected XSS because a client window field is mishandled.

7.5

CVE-2019-10086

  • EPSS 0.26%
  • Veröffentlicht 20.08.2019 21:15:12
  • Zuletzt bearbeitet 21.11.2024 04:18:22

In Apache Commons Beanutils 1.9.2, a special BeanIntrospector class was added which allows suppressing the ability for an attacker to access the classloader via the class property available on all Java objects. We, however were not using this by defa...