Product:

Business_process_management_suite

(Oracle)
Date Id Summary Products Score Patch Annotated
2018-09-19 CVE-2018-11761 In Apache Tika 0.1 to 1.18, the XML parsers were not configured to limit entity expansion. They were therefore vulnerable to an entity expansion vulnerability which can lead to a denial of service attack. Tika, Business_process_management_suite 7.5
2018-10-16 CVE-2018-3246 Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS - Web Services). Supported versions that are affected are 12.1.3.0 and 12.2.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle WebLogic Server accessible data. CVSS 3.0 Base Score 7.5... Banking_platform, Business_process_management_suite, Communications_converged_application_server, Communications_webrtc_session_controller, Enterprise_repository, Retail_convenience_and_fuel_pos_software, Utilities_network_management_system, Webcenter_portal, Weblogic_server 7.5
2019-04-23 CVE-2019-2706 Vulnerability in the Oracle Business Process Management Suite component of Oracle Fusion Middleware (subcomponent: BPM Foundation Services). The supported version that is affected is 11.1.1.9.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Business Process Management Suite. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Business Process Management... Business_process_management_suite 8.2