Page 5 of 25 results (0.008 seconds)

CVSS: 6.4EPSS: 0%CPEs: 5EXPL: 0

Unspecified vulnerability in the Oracle WebCenter Content component in Oracle Fusion Middleware 7.5.2, 10.1.3.5.1, 11.1.1.3, 11.1.1.4, and 11.1.1.5 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Search. Vulnerabilidad no especificada en el componente Oracle WebCenter Content component en Oracle Fusion Middleware v7.5.2, v10.1.3.5.1, v11.1.1.3, v11.1.1.4 y v11.1.1.5 permite a atacantes remotos afectar a la confidencialidad y a la integridad de la información a través de vectores desconocidos relacionados con las funciones de búsqueda. • http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html http://www.securityfocus.com/bid/51451 https://exchange.xforce.ibmcloud.com/vulnerabilities/72470 •

CVSS: 4.3EPSS: 0%CPEs: 16EXPL: 0

Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 7.0.7, 8.1.6, 9.0, 9.1, 9.2.4, 10.0.2, 10.3.2, and 10.3.3 allows remote attackers to affect integrity via unknown vectors related to Servlet Container. Vulnerabilidad no especificada en el componente Oracle WebLogic Server para Oracle Fusion Middleware v7.0.7, v8.1.6, v9.0, v9.1, v9.2.4, v10.0.2, v10.3.2, y v10.3.3 permite a atacantes remotos afectar a la integridad a través de vectores desconocidos relacionados Servlet Container. • http://osvdb.org/70584 http://secunia.com/advisories/42975 http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html http://www.securityfocus.com/bid/45877 http://www.securitytracker.com/id?1024981 http://www.vupen.com/english/advisories/2011/0143 https://exchange.xforce.ibmcloud.com/vulnerabilities/64766 •

CVSS: 1.9EPSS: 0%CPEs: 1EXPL: 0

Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.0 allows local users to affect availability, related to Outside In Viewer SDK. Vulnerabilidad no especificada en el componente Oracle Outside In Technology para Oracle Fusion Middleware v8.3.0 permite a usuarios locales afectar a la disponibilidad, relacionado con Outside In Viewer SDK. • http://secunia.com/advisories/42992 http://www-01.ibm.com/support/docview.wss?uid=swg21660640 http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html http://www.securityfocus.com/bid/45901 http://www.securitytracker.com/id?1024981 http://www.vupen.com/english/advisories/2011/0143 https://exchange.xforce.ibmcloud.com/vulnerabilities/64778 •

CVSS: 4.3EPSS: 0%CPEs: 3EXPL: 1

Unspecified vulnerability in the Oracle Business Process Management component in Oracle Fusion Middleware 5.7 MP3, 6.0 MP5, and 10.3 MP2 allows remote attackers to affect integrity, related to BPM. Vulnerabilidad no especificada en el componente Oracle Business Process Management de Oracle Fusion Middleware v5.7 MP3, v6.0 MP5, y v10.3 MP2, permite a atacantes remotos afectar la integridad, relacionado con BPM. • https://www.exploit-db.com/exploits/34310 http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html •

CVSS: 7.5EPSS: 2%CPEs: 14EXPL: 5

SpringSource Spring Framework 2.5.x before 2.5.6.SEC02, 2.5.7 before 2.5.7.SR01, and 3.0.x before 3.0.3 allows remote attackers to execute arbitrary code via an HTTP request containing class.classLoader.URLs[0]=jar: followed by a URL of a crafted .jar file. SpringSource Spring Framework v2.5.x anteriores a v2.5.6.SEC02, v2.5.7 anteriores a v2.5.7.SR01, y v3.0.x anteriores a v3.0.3 permite a atacantes remotos ejecutar código arbitrario a través de una petición HTTP que contenga class.classLoader.URLs[0]=jar: seguida por una URL de un fichero .jar modificado. • https://www.exploit-db.com/exploits/13918 https://github.com/HandsomeCat00/Spring-CVE-2010-1622 http://geronimo.apache.org/2010/07/21/apache-geronimo-v216-released.html http://geronimo.apache.org/21x-security-report.html http://geronimo.apache.org/22x-security-report.html http://secunia.com/advisories/41016 http://secunia.com/advisories/41025 http://secunia.com/advisories/43087 http://www.exploit-db.com/exploits/13918 http://www.oracle.com/technetwork/topics/security/cpuoct2015-236 • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-96: Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection') •