163 matches found
Oracle Primavera Unifier Multiple Vulnerabilities (Jul 2020 CPU)
According to its self-reported version number, the Oracle Primavera Unifier installation running on the remote web server is 16.1.x or 16.2.x prior to 16.2.16.2, or 17.7.x through 17.12.x prior to 17.12.11.4, or 18.8.x prior to 18.8.17, or 19.12.x prior to 19.12.7. It is, therefore, affected by...
Oracle Primavera Unifier (Apr 2020 CPU)
The version of tested product installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the CPUApr2020 advisory. - initDocumentParser in xml/XMLSchedulingDataProcessor.java in Terracotta Quartz Scheduler through 2.3.0 allows X...
Oracle Primavera Unifier Multiple Vulnerabilities (Jan 2020 CPU)
According to its self-reported version number, the Oracle Primavera Unifier installation running on the remote web server is 16.1.x or 16.2.x prior to 16.2.16.0, or 17.7.x through 17.12.x prior to 17.12.11.2, or 18.8.x prior to 18.8.15, or 19.12.x prior to 19.12.0.1. It is, therefore, affected by...
Oracle Primavera Unifier Multiple Vulnerabilities (Oct 2019 CPU)
According to its self-reported version number, the Oracle Primavera Unifier installation running on the remote web server is 16.1.x or 16.2.x prior to 16.2.15.10, or 17.7.x through 17.12.x prior to 17.12.11.1, or 18.8.x prior to 18.8.13.0. It is, therefore, affected by multiple vulnerabilities: -...
Oracle Primavera Unifier Multiple Vulnerabilities (Jul 2019 CPU)
According to its self-reported version number, the Oracle Primavera Unifier installation running on the remote web server is 15.x or 16.x prior to 16.2.15.9 or 17.7.x prior to 17.12.11 or 18.x prior to 18.8.11. It is, therefore, affected by multiple vulnerabilities: - A deserialization...
Oracle Primavera Unifier Multiple Vulnerabilities (Apr 2019 CPU)
According to its self-reported version number, the Oracle Primavera Unifier installation running on the remote web server is 16.x prior to 16.2.15.7 or 17.7.x prior to 17.12.10 or 18.x prior to 18.8.6. It is, therefore, affected by multiple vulnerabilities: - A deserialization vulnerability in...
The vulnerability of the Web Access component of the Oracle Primavera Unifier application, which allows a hacker to gain unauthorized access to data.
The vulnerability of the Web Access component of the Oracle Primavera Unifier application, which is used for automating project management processes, is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized acces...
The vulnerability of the Core component (jackson-databind) of the Primavera Unifier application, which allows a hacker to execute arbitrary code or cause service failures.
The vulnerability of the Core component jackson-databind of the Primavera Unifier application for automating project management processes is related to errors in the code. Exploiting this vulnerability may allow a malicious actor to execute arbitrary code or cause service failures using the HTTP...
Oracle Primavera Unifier Multiple Vulnerabilities (Jan 2019 CPU)
According to its self-reported version number, the Oracle Primavera Unifier installation running on the remote web server is 16.x prior to 16.2.15.6 or 17.x prior to 17.12.9.2 or 18.x prior to 18.8.4.1. It is, therefore, affected by multiple vulnerabilities: - An arbitrary file upload vulnerabili...
Oracle Primavera Unifier Multiple Vulnerabilities (Oct 2018 CPU)
According to its self-reported version number, the Oracle Primavera Unifier installation running on the remote web server is 15.x, 16.x prior to 16.2.15.4, 17.x prior to 17.12.8.2, or 18.x prior to 18.8.2.2. It is, therefore, affected by multiple vulnerabilities. Note that Nessus has not tested f...
FasterXML Jackson-databind Polymorphic Deserialization Multiple Security Vulnerability
Description FasterXML Jackson-databind is prone to multiple security vulnerabilities. Successfully exploiting these issues may allow an attacker to execute arbitrary code, bypass certain security restrictions, perform unauthorized actions or obtain potentially sensitive information. Failed exploi...
CVE-2018-3148
Vulnerability in the Primavera Unifier component of Oracle Construction and Engineering Suite subcomponent: Web Access. Supported versions that are affected are 15.1, 15.2, 16.1, 16.2, 17.1-17.12 and 18.1-18.8. Easily exploitable vulnerability allows unauthenticated attacker with network access v...
CVE-2018-3148
Vulnerability in the Primavera Unifier component of Oracle Construction and Engineering Suite subcomponent: Web Access. Supported versions that are affected are 15.1, 15.2, 16.1, 16.2, 17.1-17.12 and 18.1-18.8. Easily exploitable vulnerability allows unauthenticated attacker with network access v...
Code injection
Vulnerability in the Primavera Unifier component of Oracle Construction and Engineering Suite subcomponent: Web Access. Supported versions that are affected are 15.1, 15.2, 16.1, 16.2, 17.1-17.12 and 18.1-18.8. Easily exploitable vulnerability allows unauthenticated attacker with network access v...
CVE-2018-3148
CVE-2018-3148 affects Oracle Primavera Unifier (Web Access subcomponent). Affected versions: 15.1, 15.2, 16.1, 16.2, 17.1–17.12 and 18.1–18.8. The vulnerability is exploitable by an unauthenticated attacker over HTTP with network access; successful exploitation may require user interaction. Impac...
CVE-2018-3148
Vulnerability in the Primavera Unifier component of Oracle Construction and Engineering Suite subcomponent: Web Access. Supported versions that are affected are 15.1, 15.2, 16.1, 16.2, 17.1-17.12 and 18.1-18.8. Easily exploitable vulnerability allows unauthenticated attacker with network access v...
CVE-2018-3148
Vulnerability in the Primavera Unifier component of Oracle Construction and Engineering Suite subcomponent: Web Access. Supported versions that are affected are 15.1, 15.2, 16.1, 16.2, 17.1-17.12 and 18.1-18.8. Easily exploitable vulnerability allows unauthenticated attacker with network access v...
Unspecified Vulnerability in Oracle Primavera Unifier (CNVD-2018-24255)
Oracle Construction and Engineering Suite is Oracle's suite of combined management solutions for construction projects, of which Primavera Unifier is a complete project lifecycle management solution component. A security vulnerability exists in the Web Access subcomponent of the Primavera Unifier...
The vulnerability of the Core component of the Primavera Unifier application, which allows a hacker to gain unauthorized access to protected data.
The vulnerability of the Core component of the Primavera Unifier application, which is used for automating project management processes, is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protecte...
Oracle Primavera Unifier Multiple Vulnerabilities (July 2018 CPU)
According to its self-reported version number, the Oracle Primavera Unifier installation running on the remote web server is 16.x prior to 16.2.15.0, 17.x prior to 17.12.7.0, or 18.x prior to 18.7.0.0. It is, therefore, affected by multiple vulnerabilities. Note that Nessus has not tested for the...