Product:

Enterprise_manager_ops_center

(Oracle)
Repositories https://github.com/apache/httpd
https://github.com/jquery/jquery
#Vulnerabilities 108
Date Id Summary Products Score Patch Annotated
2021-01-20 CVE-2021-2015 Vulnerability in the Oracle Workflow product of Oracle E-Business Suite (component: Worklist). Supported versions that are affected are 12.2.3-12.2.10. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Workflow. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Workflow, attacks may significantly impact additional products. Successful attacks of this... Data_integrator, Enterprise_manager_ops_center, Workflow 8.2
2021-01-20 CVE-2021-1999 Vulnerability in the Oracle ZFS Storage Appliance Kit product of Oracle Systems (component: RAS subsystems). The supported version that is affected is 8.8. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle ZFS Storage Appliance Kit executes to compromise Oracle ZFS Storage Appliance Kit. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle ZFS Storage... Enterprise_manager_ops_center, Hyperion_infrastructure_technology, Zfs_storage_appliance 5.0
2021-01-20 CVE-2021-1993 Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1, 18c and 19c. Difficult to exploit vulnerability allows low privileged attacker having Create Session privilege with network access via Oracle Net to compromise Java VM. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to... Database_server, Enterprise_manager_ops_center, Hyperion_infrastructure_technology, Zfs_storage_appliance 4.8
2014-02-06 CVE-2014-1491 Mozilla Network Security Services (NSS) before 3.15.4, as used in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, SeaMonkey before 2.24, and other products, does not properly restrict public values in Diffie-Hellman key exchanges, which makes it easier for remote attackers to bypass cryptographic protection mechanisms in ticket handling by leveraging use of a certain value. Ubuntu_linux, Debian_linux, Fedora, Firefox, Firefox_esr, Network_security_services, Seamonkey, Thunderbird, Opensuse, Enterprise_manager_ops_center, Vm_server, Linux_enterprise_desktop, Linux_enterprise_server, Linux_enterprise_software_development_kit N/A
2019-07-23 CVE-2019-2728 Vulnerability in the Enterprise Manager Ops Center component of Oracle Enterprise Manager Products Suite (subcomponent: Networking). Supported versions that are affected are 12.3.3 and 12.4.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Enterprise Manager Ops Center. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Enterprise Manager Ops Center accessible data. CVSS... Enterprise_manager_ops_center 4.3
2018-05-24 CVE-2018-1000301 curl version curl 7.20.0 to and including curl 7.59.0 contains a CWE-126: Buffer Over-read vulnerability in denial of service that can result in curl can be tricked into reading data beyond the end of a heap based buffer used to store downloaded RTSP content.. This vulnerability appears to have been fixed in curl < 7.20.0 and curl >= 7.60.0. Ubuntu_linux, Debian_linux, Curl, Communications_webrtc_session_controller, Enterprise_manager_ops_center, Peoplesoft_enterprise_peopletools, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation 9.1
2018-03-14 CVE-2018-1000121 A NULL pointer dereference exists in curl 7.21.0 to and including curl 7.58.0 in the LDAP code that allows an attacker to cause a denial of service Ubuntu_linux, Debian_linux, Curl, Communications_webrtc_session_controller, Enterprise_manager_ops_center, Peoplesoft_enterprise_peopletools, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation 7.5
2018-03-14 CVE-2018-1000122 A buffer over-read exists in curl 7.20.0 to and including curl 7.58.0 in the RTSP+RTP handling code that allows an attacker to cause a denial of service or information leakage Ubuntu_linux, Debian_linux, Curl, Communications_webrtc_session_controller, Enterprise_manager_ops_center, Peoplesoft_enterprise_peopletools, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation 9.1
2018-03-14 CVE-2018-1000120 A buffer overflow exists in curl 7.12.3 to and including curl 7.58.0 in the FTP URL handling that allows an attacker to cause a denial of service or worse. Ubuntu_linux, Debian_linux, Curl, Communications_webrtc_session_controller, Enterprise_manager_ops_center, Peoplesoft_enterprise_peopletools, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation 9.8
2019-05-24 CVE-2019-2726 Vulnerability in the Enterprise Manager Ops Center component of Oracle Enterprise Manager Products Suite (subcomponent: Services Integration). The supported version that is affected is 12.3.3. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise Enterprise Manager Ops Center. While the vulnerability is in Enterprise Manager Ops Center, attacks may significantly impact additional products. Successful attacks of this vulnerability can... Enterprise_manager_ops_center 6.3