CVSS: 10.0EPSS: 1%CPEs: 27EXPL: 0CVE-2012-1695
https://notcve.org/view.php?id=CVE-2012-1695
03 May 2012 — Unspecified vulnerability in the Oracle JRockit component in Oracle Fusion Middleware 28.2.2 and earlier, and JDK/JRE 5 and 6 27.7.1 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. Vulnerabilidad no especificada en el componente Oracle JRockit en Oracle Fusion Middleware v28.2.2 y anteriores, y JDK/JRE 5 y 6 27.7.1 y anteriores permite a atacantes remotos afectar a la confidencialidad, integridad y disponibilidad a través de vectores no especi... • http://secunia.com/advisories/48864 •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2012-0532
https://notcve.org/view.php?id=CVE-2012-0532
03 May 2012 — Unspecified vulnerability in the Identity Manager component in Oracle Fusion Middleware 11.1.1.3 and 11.1.1.5 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to User Config Management. Vulnerabilidad sin especificar en el componente Identity Manager de Oracle Fusion Middleware 11.1.1.3 y 11.1.1.5. Permite a usuarios autenticados remotos afectar la confidencialidad e integridad a través de vectores desconocidos relacionados con la gestión de la configurac... • http://secunia.com/advisories/48861 •
CVSS: 8.2EPSS: 0%CPEs: 5EXPL: 0CVE-2012-0083
https://notcve.org/view.php?id=CVE-2012-0083
18 Jan 2012 — Unspecified vulnerability in the Oracle WebCenter Content component in Oracle Fusion Middleware 7.5.2, 10.1.3.5.1, 11.1.1.3, 11.1.1.4, and 11.1.1.5 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Search. Vulnerabilidad no especificada en el componente Oracle WebCenter Content component en Oracle Fusion Middleware v7.5.2, v10.1.3.5.1, v11.1.1.3, v11.1.1.4 y v11.1.1.5 permite a atacantes remotos afectar a la confidencialidad y a la integridad de la información a ... • http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html •
CVSS: 4.3EPSS: 0%CPEs: 5EXPL: 0CVE-2012-0084
https://notcve.org/view.php?id=CVE-2012-0084
18 Jan 2012 — Unspecified vulnerability in the Oracle WebCenter Content component in Oracle Fusion Middleware 7.5.2, 10.1.3.5.1, 11.1.1.3, 11.1.1.4, and 11.1.1.5 allows remote authenticated users to affect integrity via unknown vectors related to Content Server. Vulnerabilidad no especificada en el componente Oracle WebCenter Content en Oracle Fusion Middleware v7.5.2, v10.1.3.5.1, v11.1.1.3, v11.1.1.4 y v11.1.1.5 permite a usuarios remotos autenticados afectar a la integridad de la información a través de vectores desco... • http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2011-3531
https://notcve.org/view.php?id=CVE-2011-3531
18 Jan 2012 — Unspecified vulnerability in the Oracle Web Services Manager component in Oracle Fusion Middleware 11.1.1.3, 11.1.1.4, and 11.1.1.5 allows remote attackers to affect availability via unknown vectors related to Web Services Security. Una vulnerabilidad no especificada en el componente Oracle Web Services Manager en Oracle Fusion Middleware v11.1.1.3, v11.1.1.4 y v11.1.1.5 permite a atacantes remotos afectar a la disponibilidad de la información a través de vectores desconocidos relacionados con los sevicios ... • http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2011-3569
https://notcve.org/view.php?id=CVE-2011-3569
18 Jan 2012 — Unspecified vulnerability in the Oracle Web Services Manager component in Oracle Fusion Middleware 11.1.1.3, 11.1.1.4, and 11.1.1.5 allows remote attackers to affect confidentiality via unknown vectors related to Web Services Security. Vulnerabilidad no especificada en el componente Oracle Web Services Manager en Oracle Fusion Middleware v11.1.1.3, v11.1.1.4 y v11.1.1.5 permite a atacantes remotos afectar a la confidencialidad de la información a través de vectores desconocidos relacionados con los servicio... • http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html •
CVSS: 8.5EPSS: 0%CPEs: 3EXPL: 0CVE-2011-3568
https://notcve.org/view.php?id=CVE-2011-3568
18 Jan 2012 — Unspecified vulnerability in the Oracle Web Services Manager component in Oracle Fusion Middleware 11.1.1.3, 11.1.1.4, and 11.1.1.5 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Web Services Security. Vulnerabilidad no especificada en el componente Oracle Web Services Manager de Oracle Fusion Middleware v11.1.1.3, v11.1.1.4, y v11.1.1.5 permite a usuarios remotos autenticados afectar a la confidencialidad y a la integridad de los datos a través de v... • http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html •
CVSS: 6.4EPSS: 0%CPEs: 2EXPL: 0CVE-2011-3510
https://notcve.org/view.php?id=CVE-2011-3510
18 Oct 2011 — Unspecified vulnerability in the Oracle Business Intelligence Enterprise Edition component in Oracle Fusion Middleware 11.1.1.3.0 and 11.1.1.5.0 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to BI Platform Security. Vulnerabilidad sin especificar en el componente de Oracle Business Enterprise Edition Inteligencia en Oracle Fusion Middleware v11.1.1.3.0 y v11.1.1.5.0 permite a usuarios remotos autenticados afectar a la confidencialidad y la integridad a... • http://osvdb.org/76487 •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2011-0884
https://notcve.org/view.php?id=CVE-2011-0884
20 Jul 2011 — Unspecified vulnerability in the Oracle BPEL Process Manager component in Oracle Fusion Middleware 11.1.1.3.0, 11.1.1.4.0, and 11.1.1.5.0 allows remote authenticated users to affect availability, related to BPEL Console. Vulnerabilidad no especificada en el componente Oracle BPEL Process Manager de Oracle Fusion Middleware v11.1.1.3.0, v11.1.1.4.0, v11.1.1.5.0 y permite a usuarios remotos autenticados afectar a la disponibilidad, en relación con la consola de BPEL. • http://www.oracle.com/technetwork/topics/security/cpujuly2011-313328.html •
CVSS: 7.5EPSS: 1%CPEs: 14EXPL: 8CVE-2010-1622 – Spring Framework - Arbitrary code Execution
https://notcve.org/view.php?id=CVE-2010-1622
21 Jun 2010 — SpringSource Spring Framework 2.5.x before 2.5.6.SEC02, 2.5.7 before 2.5.7.SR01, and 3.0.x before 3.0.3 allows remote attackers to execute arbitrary code via an HTTP request containing class.classLoader.URLs[0]=jar: followed by a URL of a crafted .jar file. SpringSource Spring Framework v2.5.x anteriores a v2.5.6.SEC02, v2.5.7 anteriores a v2.5.7.SR01, y v3.0.x anteriores a v3.0.3 permite a atacantes remotos ejecutar código arbitrario a través de una petición HTTP que contenga class.classLoader.URLs[0]=jar:... • https://www.exploit-db.com/exploits/13918 • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-96: Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection') •