150 matches found
CVE-2022-21445
CVE-2022-21445 is a vulnerability in the Oracle Application Development Framework (ADF Faces) within Oracle Fusion Middleware. Affected are the JDeveloper-distributed ADF components for versions 12.2.1.3.0 and 12.2.1.4.0. The vulnerability allows unauthenticated, network-accessible attackers to e...
CVE-2022-21445
...
CVE-2022-21445
...
CVE-2022-21445
Vulnerability in the Oracle Application Development Framework ADF product of Oracle Fusion Middleware component: ADF Faces. Supported versions that are affected are 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromi...
U.S. Dept Of Defense: Wrong settings in ADF Faces leads to information disclosure
Hello, Team. Found some interesting links which leads to information disclosure in █████ Link 1: █████████████ Link 2: ██████████████████ Link 3: █████████████ Every link goes through https://██████to https://████ For Link 3 is possible to change data in the fields: First Name, Last Name, Phone...
Arbitrary Code Execution
unadf is vulnerable to arbitrary code execution. The extractTree function in unADF allows remote attackers to execute arbitrary code via shell metacharacters in a directory name in an adf file...
Oracle JDeveloper XSS (October 2020 CPU)
The version of Oracle JDeveloper installed on the remote host is missing a security patch. It is, therefore, affected by a cross-site scripting XSS vulnerability in the ADF Faces jQuery component. An unauthenticated, remote attacker can exploit this issue to compromise Oracle JDeveloper. Successf...
Oracle JDeveloper ADF Faces Insecure Deserialization (CVE-2019-2904)
An insecure deserialization vulnerability exists in Oracle JDeveloper ADF Faces. This vulnerability is due to insufficient validation of HTTP requests...
Oracle ADF Faces Deserialization of Untrusted Data Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Oracle ADF Faces. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Remote Regions component. The issue results from the lack of proper validation of...
The vulnerability of the ADF Faces sub-component of the Oracle JDeveloper component and the ADF software platform of Oracle Fusion Middleware allows a perpetrator to gain full control over the application.
The vulnerability of the ADF Faces sub-component of the Oracle JDeveloper component and the ADF software platform of Oracle Fusion Middleware is related to access control deficiencies. Exploiting this vulnerability could allow an attacker, operating remotely, to gain full control over the...
Oracle WebLogic Server Multiple Vulnerabilities (Oct 2019 CPU)
The version of Oracle WebLogic Server installed on the remote host is affected by multiple vulnerabilities: - An unspecified vulnerability in the jquery component of the Web Services of Oracle Weblogic Server. An unauthenticated, remote attacker can exploit this to gain unauthorized update, inser...
CVE-2019-2899
Vulnerability in the Oracle JDeveloper and ADF product of Oracle Fusion Middleware component: OAM. Supported versions that are affected are 11.1.1.9.0, 11.1.2.4.0, 12.1.3.0.0 and 12.2.1.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromis...
CVE-2019-2904
Vulnerability in the Oracle JDeveloper and ADF product of Oracle Fusion Middleware component: ADF Faces. Supported versions that are affected are 11.1.1.9.0, 12.1.3.0.0 and 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Orac...
CVE-2019-2899
Vulnerability in the Oracle JDeveloper and ADF product of Oracle Fusion Middleware component: OAM. Supported versions that are affected are 11.1.1.9.0, 11.1.2.4.0, 12.1.3.0.0 and 12.2.1.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromis...
CVE-2019-2904
Vulnerability in the Oracle JDeveloper and ADF product of Oracle Fusion Middleware component: ADF Faces. Supported versions that are affected are 11.1.1.9.0, 12.1.3.0.0 and 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Orac...
Design/Logic Flaw
Vulnerability in the Oracle JDeveloper and ADF product of Oracle Fusion Middleware component: OAM. Supported versions that are affected are 11.1.1.9.0, 11.1.2.4.0, 12.1.3.0.0 and 12.2.1.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromis...
CVE-2019-2899
CVE-2019-2899 affects Oracle JDeveloper and ADF (OAM component) in Oracle Fusion Middleware. Affected versions: 11.1.1.9.0, 11.1.2.4.0, 12.1.3.0.0, 12.2.1.3.0. The vulnerability is due to insufficient access control in OAM, allowing a high-privilege attacker with network access via HTTP to compro...
CVE-2019-2899
Vulnerability in the Oracle JDeveloper and ADF product of Oracle Fusion Middleware component: OAM. Supported versions that are affected are 11.1.1.9.0, 11.1.2.4.0, 12.1.3.0.0 and 12.2.1.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromis...
CVE-2019-2904
Vulnerability in the Oracle JDeveloper and ADF product of Oracle Fusion Middleware component: ADF Faces. Supported versions that are affected are 11.1.1.9.0, 12.1.3.0.0 and 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Orac...
CVE-2019-2904
Vulnerability in the Oracle JDeveloper and ADF product of Oracle Fusion Middleware component: ADF Faces. Supported versions that are affected are 11.1.1.9.0, 12.1.3.0.0 and 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Orac...