CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-21994
https://notcve.org/view.php?id=CVE-2023-21994
18 Jul 2023 — Vulnerability in the Oracle Mobile Security Suite product of Oracle Fusion Middleware (component: Android Mobile Authenticator App). Supported versions that are affected are Prior to 11.1.2.3.1. Easily exploitable vulnerability allows unauthenticated attacker with access to the physical communication segment attached to the hardware where the Oracle Mobile Security Suite executes to compromise Oracle Mobile Security Suite. Successful attacks of this vulnerability can result in unauthorized access to critica... • https://www.oracle.com/security-alerts/cpujul2023.html •
CVSS: 9.8EPSS: 2%CPEs: 79EXPL: 0CVE-2020-10683 – dom4j: XML External Entity vulnerability in default SAX parser
https://notcve.org/view.php?id=CVE-2020-10683
01 May 2020 — dom4j before 2.0.3 and 2.1.x before 2.1.3 allows external DTDs and External Entities by default, which might enable XXE attacks. However, there is popular external documentation from OWASP showing how to enable the safe, non-default behavior in any application that uses dom4j. dom4j versiones anteriores a 2.0.3 y versiones 2.1.x anteriores a 2.1.3, permite DTDs y External Entities por defecto, lo que podría permitir ataques de tipo XXE. Sin embargo, existe una documentación externa popular de OWASP que mues... • http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00061.html • CWE-611: Improper Restriction of XML External Entity Reference •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2015-4899
https://notcve.org/view.php?id=CVE-2015-4899
21 Oct 2015 — Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 3.0.1 and 3.1.2 allows remote attackers to affect confidentiality via unknown vectors related to Security. Vulnerabilidad no especificada en el componente Oracle GlassFish Server en Oracle Fusion Middleware 3.0.1 y 3.1.2 permite a atacantes remotos afectar a la confidencialidad a través de vectores desconocidos relacionados con Security. • http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html •
CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 0CVE-2015-2598
https://notcve.org/view.php?id=CVE-2015-2598
16 Jul 2015 — Unspecified vulnerability in the mobile app in Oracle Business Intelligence Enterprise Edition in Oracle Fusion Middleware before 11.1.1.7.0 (11.6.39) allows remote authenticated users to affect integrity via unknown vectors related to Mobile - iPad. Vulnerabilidad no especificada en la aplicación móvil en Oracle Business Intelligence Enterprise Edition en Oracle Fusion Middleware en la versión anterior a 11.1.1.7.0 (11.6.39), permite a usuarios remotos autenticados afectar la integridad a través de vectore... • http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html •
CVSS: 9.8EPSS: 0%CPEs: 5EXPL: 0CVE-2015-2602 – Oracle Endeca Information Discovery Integrator ETL Server UploadFileContent Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2015-2602
16 Jul 2015 — Unspecified vulnerability in the Oracle Endeca Information Discovery Studio component in Oracle Fusion Middleware 2.2.2, 2.3, 2.4, 3.0, and 3.1 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Integrator, a different vulnerability than CVE-2015-2603, CVE-2015-2604, CVE-2015-2605, CVE-2015-2606, and CVE-2015-4745. Vulnerabilidad no especificada en el componente Oracle Endeca Information Discovery Studio en Oracle Fusion Middleware de las versiones ... • http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html •
CVSS: 9.8EPSS: 0%CPEs: 5EXPL: 0CVE-2015-2603 – Oracle Endeca Information Discovery Integrator ETL Server Authentication Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2015-2603
16 Jul 2015 — Unspecified vulnerability in the Oracle Endeca Information Discovery Studio component in Oracle Fusion Middleware 2.2.2, 2.3, 2.4, 3.0, and 3.1 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Integrator, a different vulnerability than CVE-2015-2602, CVE-2015-2604, CVE-2015-2605, CVE-2015-2606, and CVE-2015-4745. Vulnerabilidad no especificada en el componente Oracle Endeca Information Discovery Studio en Oracle Fusion Middleware de las versiones ... • http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html •
CVSS: 9.8EPSS: 0%CPEs: 5EXPL: 0CVE-2015-2604 – Oracle Endeca Information Discovery Integrator ETL Server CopyFile Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2015-2604
16 Jul 2015 — Unspecified vulnerability in the Oracle Endeca Information Discovery Studio component in Oracle Fusion Middleware 2.2.2, 2.3, 2.4, 3.0, and 3.1 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Integrator, a different vulnerability than CVE-2015-2602, CVE-2015-2603, CVE-2015-2605, CVE-2015-2606, and CVE-2015-4745. Vulnerabilidad no especificada en el componente Oracle Endeca Information Discovery Studio en Oracle Fusion Middleware de las versiones ... • http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html •
CVSS: 9.8EPSS: 0%CPEs: 5EXPL: 0CVE-2015-2605 – Oracle Endeca Information Discovery Integrator ETL Server MoveFile Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2015-2605
16 Jul 2015 — Unspecified vulnerability in the Oracle Endeca Information Discovery Studio component in Oracle Fusion Middleware 2.2.2, 2.3, 2.4, 3.0, and 3.1 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Integrator, a different vulnerability than CVE-2015-2602, CVE-2015-2603, CVE-2015-2604, CVE-2015-2606, and CVE-2015-4745. Vulnerabilidad no especificada en el componente Oracle Endeca Information Discovery Studio en Oracle Fusion Middleware de las versiones ... • http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html •
CVSS: 9.8EPSS: 0%CPEs: 5EXPL: 0CVE-2015-2606 – Oracle Endeca Information Discovery Integrator ETL Server RenameFile Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2015-2606
16 Jul 2015 — Unspecified vulnerability in the Oracle Endeca Information Discovery Studio component in Oracle Fusion Middleware 2.2.2, 2.3, 2.4, 3.0, and 3.1 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Integrator, a different vulnerability than CVE-2015-2602, CVE-2015-2603, CVE-2015-2604, CVE-2015-2605, and CVE-2015-4745. Vulnerabilidad no especificada en el componente Oracle Endeca Information Discovery Studio en Oracle Fusion Middleware de las versiones ... • http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html •
CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 0CVE-2015-2623
https://notcve.org/view.php?id=CVE-2015-2623
16 Jul 2015 — Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 3.0.1 and 3.1.2, and the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6.0, 12.1.1.0, 12.1.2.0, and 12.1.3.0, allows remote attackers to affect integrity via unknown vectors related to Java Server Faces. Vulnerabilidad no especificada en el componente Oracle GlassFish Server en Oracle Fusion Middleware 3.0.1 y 3.1.2, y en el componente Oracle WebLogic Server en Oracle Fusion Middleware 10.3.6.0... • http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html •