CVSS: 9.8EPSS: 94%CPEs: 174EXPL: 2CVE-2017-5645 – log4j: Socket receiver deserialization vulnerability
https://notcve.org/view.php?id=CVE-2017-5645
17 Apr 2017 — In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially crafted binary payload can be sent that, when deserialized, can execute arbitrary code. En Apache Log4j 2.x en versiones anteriores a 2.8.2, cuando se utiliza el servidor de socket TCP o el servidor de socket UDP para recibir sucesos de registro serializados de otra aplicación, puede enviarse una carga binaria especialmente diseñada que, cuando se des... • https://github.com/pimps/CVE-2017-5645 • CWE-502: Deserialization of Untrusted Data •
CVSS: 4.7EPSS: 0%CPEs: 2EXPL: 0CVE-2016-3496
https://notcve.org/view.php?id=CVE-2016-3496
21 Jul 2016 — Unspecified vulnerability in the Enterprise Manager for Fusion Middleware component in Oracle Enterprise Manager Grid Control 11.1.1.7, and 11.1.1.9 allows remote attackers to affect confidentiality via vectors related to SOA Topology Viewer. Vulnerabilidad no especificada en el componente Enterprise Manager for Fusion Middleware en Oracle Enterprise Manager Grid Control 11.1.1.7 y 11.1.1.9 permite a atacantes remotos afectar la confidencialidad a través de vectores relacionados con SOA Topology Viewer. • http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html •
CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0CVE-2016-0401
https://notcve.org/view.php?id=CVE-2016-0401
21 Jan 2016 — Unspecified vulnerability in the Oracle BI Publisher component in Oracle Fusion Middleware 11.1.1.7.0 and 11.1.1.9.0 allows remote attackers to affect integrity via unknown vectors related to Scheduler, a different vulnerability than CVE-2016-0429. Vulnerabilidad no especificada en el componente Oracle BI Publisher en Oracle Fusion Middleware 11.1.1.7.0 y 11.1.1.9.0 permite a atacantes remotos afectar a la integridad a través de vectores desconocidos relacionados con Scheduler, una vulnerabilidad diferente ... • http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html •
CVSS: 4.7EPSS: 0%CPEs: 1EXPL: 0CVE-2016-0404
https://notcve.org/view.php?id=CVE-2016-0404
21 Jan 2016 — Unspecified vulnerability in the Oracle Identity Federation component in Oracle Fusion Middleware 11.1.2.2 allows remote attackers to affect integrity via vectors related to Admin. Vulnerabilidad no especificada en el componente Oracle Identity Federation en Oracle Fusion Middleware 11.1.2.2 permite a atacantes remotos afectar a la integridad a través de vectores relacionados con Admin. • http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html •
CVSS: 4.0EPSS: 0%CPEs: 1EXPL: 0CVE-2016-0413
https://notcve.org/view.php?id=CVE-2016-0413
21 Jan 2016 — Unspecified vulnerability in the Oracle Identity Federation component in Oracle Fusion Middleware 11.1.1.7 allows remote authenticated users to affect integrity via vectors related to Federation protocol support. Vulnerabilidad no especificada en el componente Oracle Identity Federation en Oracle Fusion Middleware 11.1.1.7 permite a usuarios remotos autenticados afectar a la integridad a través de vectores relacionados con el soporte del protocolo Federation. • http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html •
CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0CVE-2016-0429
https://notcve.org/view.php?id=CVE-2016-0429
21 Jan 2016 — Unspecified vulnerability in the Oracle BI Publisher component in Oracle Fusion Middleware 11.1.1.7.0 and 11.1.1.9.0 allows remote attackers to affect integrity via unknown vectors related to Scheduler, a different vulnerability than CVE-2016-0401. Vulnerabilidad no especificada en el componente Oracle BI Publisher en Oracle Fusion Middleware 11.1.1.7.0 y 11.1.1.9.0 permite a atacantes remotos afectar a la integridad a través de vectores desconocidos relacionados con Scheduler, una vulnerabilidad diferente ... • http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html •
CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0CVE-2016-0430
https://notcve.org/view.php?id=CVE-2016-0430
21 Jan 2016 — Unspecified vulnerability in the Web Cache component in Oracle Fusion Middleware 11.1.1.7.0 and 11.1.1.9.0 allows remote attackers to affect confidentiality via vectors related to SSL support, a different vulnerability than CVE-2016-0439. Vulnerabilidad no especificada en el componente Web Cache en Oracle Fusion Middleware 11.1.1.7.0 y 11.1.1.9.0 permite a atacantes remotos afectar a la confidencialidad a través de vectores relacionados con el soporte SSL, una vulnerabilidad diferente a CVE-2016-0439. • http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html •
CVSS: 1.9EPSS: 0%CPEs: 3EXPL: 0CVE-2016-0432
https://notcve.org/view.php?id=CVE-2016-0432
21 Jan 2016 — Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.5.0, 8.5.1, and 8.5.2 allows local users to affect availability via unknown vectors related to Outside In Filters, a different vulnerability than CVE-2015-4808, CVE-2015-6013, CVE-2015-6014, and CVE-2015-6015. Vulnerabilidad no especificada en el componente Oracle Outside In Technology en Oracle Fusion Middleware 8.5.0, 8.5.1 y 8.5.2 permite a usuarios locales afectar a la disponibilidad a través de vectore... • http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2016-0433
https://notcve.org/view.php?id=CVE-2016-0433
21 Jan 2016 — Unspecified vulnerability in the Web Cache component in Oracle Fusion Middleware 11.1.1.9.0 allows remote attackers to affect confidentiality via vectors related to SSL support. Vulnerabilidad no especificada en el componente Web Cache en Oracle Fusion Middleware 11.1.1.9.0 permite a atacantes remotos afectar a la confidencialidad a través de vectores relacionados con el soporte SSL. • http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html •
CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0CVE-2016-0439
https://notcve.org/view.php?id=CVE-2016-0439
21 Jan 2016 — Unspecified vulnerability in the Web Cache component in Oracle Fusion Middleware 11.1.1.7.0 and 11.1.1.9.0 allows remote attackers to affect confidentiality via vectors related to SSL support, a different vulnerability than CVE-2016-0430. Vulnerabilidad no especificada en el componente Web Cache en Oracle Fusion Middleware 11.1.1.7.0 y 11.1.1.9.0 permite a atacantes remotos afectar a la confidencialidad a través de vectores relacionados con el soporte SSL, una vulnerabilidad diferente a CVE-2016-0430. • http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html •