Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Operations Intelligence Security Vulnerabilities

cve
cve

CVE-2021-4104

JMSAppender in Log4j 1.2 is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration. The attacker can provide TopicBindingName and TopicConnectionFactoryBindingName configurations causing JMSAppender to perform JNDI requests that result in...

7.5CVSS

9.1AI Score

0.976EPSS

2021-12-14 12:15 PM
786
In Wild
15
cve
cve

CVE-2021-44228

Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message....

10CVSS

9.8AI Score

0.976EPSS

2021-12-10 10:15 AM
3635
In Wild
399
cve
cve

CVE-2021-2484

Vulnerability in the Oracle Operations Intelligence product of Oracle E-Business Suite (component: BIS Operations Intelligence). Supported versions that are affected are 12.1.1-12.1.3. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle....

8.1CVSS

7.6AI Score

0.001EPSS

2021-10-20 11:16 AM
19
2
cve
cve

CVE-2020-11023

In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery...

6.9CVSS

6.8AI Score

0.019EPSS

2020-04-29 09:15 PM
5273
In Wild
16
cve
cve

CVE-2019-10219

A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS...

6.1CVSS

6AI Score

0.002EPSS

2019-11-08 03:15 PM
169
6
cve
cve

CVE-2012-4614

The default configuration of EMC Smarts Network Configuration Manager (NCM) before 9.1 does not require authentication for database access, which allows remote attackers to have an unspecified impact via a network...

7.2AI Score

0.011EPSS

2012-11-27 09:55 PM
23
cve
cve

CVE-2012-4615

EMC Smarts Network Configuration Manager (NCM) before 9.1 uses a hardcoded encryption key for the storage of credentials, which allows local users to obtain sensitive information via unspecified...

5.9AI Score

0.0004EPSS

2012-11-27 09:55 PM
27
cve
cve

CVE-2007-3872

Multiple stack-based buffer overflows in the Shared Trace Service (OVTrace) service for HP OpenView Operations A.07.50 for Windows, and possibly earlier versions, allow remote attackers to execute arbitrary code via certain crafted...

7.5AI Score

0.924EPSS

2007-08-09 08:17 PM
40