Lucene search

K

SOA Suite Security Vulnerabilities

cve
cve

CVE-2022-21622

Vulnerability in the Oracle SOA Suite product of Oracle Fusion Middleware (component: Adapters). Supported versions that are affected are 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle SOA Suite....

7.5CVSS

7.4AI Score

0.001EPSS

2022-10-18 09:15 PM
30
5
cve
cve

CVE-2022-21562

Vulnerability in the Oracle SOA Suite product of Oracle Fusion Middleware (component: Fabric Layer). Supported versions that are affected are 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle SOA Suite....

7.5CVSS

7.3AI Score

0.001EPSS

2022-07-19 10:15 PM
36
3
cve
cve

CVE-2019-17359

The ASN.1 parser in Bouncy Castle Crypto (aka BC Java) 1.63 can trigger a large attempted memory allocation, and resultant OutOfMemoryError error, via crafted ASN.1 data. This is fixed in...

7.5CVSS

8.1AI Score

0.006EPSS

2019-10-08 02:15 PM
141
2
cve
cve

CVE-2019-2572

Vulnerability in the Oracle SOA Suite component of Oracle Fusion Middleware (subcomponent: Fabric Layer). The supported version that is affected is 11.1.1.9.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle SOA Suite. Successful...

5.3CVSS

4.4AI Score

0.001EPSS

2019-04-23 07:32 PM
23
cve
cve

CVE-2018-3105

Vulnerability in the Oracle SOA Suite component of Oracle Fusion Middleware (subcomponent: Health Care FastPath). Supported versions that are affected are 11.1.1.7.0, 11.1.1.9.0, 12.1.3.0.0, 12.2.1.2.0 and 12.2.1.3.0. Easily exploitable vulnerability allows low privileged attacker with network...

4.3CVSS

3.4AI Score

0.0005EPSS

2018-07-18 01:29 PM
17
2
cve
cve

CVE-2018-1000613

Legion of the Bouncy Castle Legion of the Bouncy Castle Java Cryptography APIs 1.58 up to but not including 1.60 contains a CWE-470: Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') vulnerability in XMSS/XMSS^MT private key deserialization that can result in...

9.8CVSS

8.6AI Score

0.006EPSS

2018-07-09 08:29 PM
202
cve
cve

CVE-2018-1000180

Bouncy Castle BC 1.54 - 1.59, BC-FJA 1.0.0, BC-FJA 1.0.1 and earlier have a flaw in the Low-level interface to RSA key pair generator, specifically RSA Key Pairs generated in low-level API with added certainty may have less M-R tests than expected. This appears to be fixed in versions BC 1.60 beta....

7.5CVSS

7.1AI Score

0.005EPSS

2018-06-05 01:29 PM
148
2
cve
cve

CVE-2015-7501

Red Hat JBoss A-MQ 6.x; BPM Suite (BPMS) 6.x; BRMS 6.x and 5.x; Data Grid (JDG) 6.x; Data Virtualization (JDV) 6.x and 5.x; Enterprise Application Platform 6.x, 5.x, and 4.3.x; Fuse 6.x; Fuse Service Works (FSW) 6.x; Operations Network (JBoss ON) 3.x; Portal 6.x; SOA Platform (SOA-P) 5.x; Web...

9.8CVSS

9.7AI Score

0.018EPSS

2017-11-09 05:29 PM
172
8
cve
cve

CVE-2017-10026

Vulnerability in the Oracle SOA Suite component of Oracle Fusion Middleware (subcomponent: Fabric Layer). The supported version that is affected is 11.1.1.7.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle SOA Suite. Successful...

8.2CVSS

8.2AI Score

0.001EPSS

2017-10-19 05:29 PM
22
cve
cve

CVE-2017-5645

In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially crafted binary payload can be sent that, when deserialized, can execute arbitrary...

9.8CVSS

9.5AI Score

0.874EPSS

2017-04-17 09:59 PM
453
3