EUVD-2013-0363

Malware in sbrugna...

EUVD-2015-4902

Malware in sbrugna...

EUVD-2016-0478

Malware in sbrugna...

CVE-2021-2053

Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager component: UI Framework. The supported version that is affected is 13.4.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Enterprise Manager Ba...

CVE-2013-5766

Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 and 11.1.0.1; EM DB Control 11.1.0.7, 11.2.0.2, and 11.2.0.3; and EM Plugin for DB 12.1.0.2 and 12.1.0.3 allows remote attackers to affect integrity via...

CVE-2024-21067

Oracle Enterprise Manager Base Platform (Host Management) is affected for version 13.5.0.0. The issue stems from insufficient input validation in the Host Management component, enabling a low-privileged attacker with logon access to compromise and potentially take over the Oracle Enterprise Manag...

CVE-2024-20916

CVE-2024-20916 affects Oracle Enterprise Manager Base Platform, specifically the Event Management component in version 13.5.0.0. The root cause is insufficient input validation, enabling a highly privileged attacker with access to the physical/adjacent network segment to compromise the Base Platf...

Oracle Enterprise Manager Cloud Control (Jul 2022 CPU)

The 13.4.0.0 and 13.5.0.0 versions of Enterprise Manager Base Platform installed on the remote host are affected by multiple vulnerabilities as referenced in the July 2022 CPU advisory. - Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager component:...

Code injection

Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager component: UI Framework. Supported versions that are affected are 13.4.0.0 and 13.5.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Enterpris...

Vulnerabilities fixed in Oracle Enterprise Manager

Oracle has fixed vulnerabilities in the following products: Enterprise Manager Base Platform Application Testing Suite APM - Application Performance Management Enterprise Manager Ops Center The vulnerabilities potentially enable a malicious party to execute attacks that result in the following...

PT-2022-2132 · Oracle · Enterprise Manager Base Platform

Name of the Vulnerable Software and Affected Versions: Enterprise Manager Base Platform versions 13.4.0.0 through 13.5.0.0 Description: The issue is related to insufficient input validation in the Policy Framework component. It allows a low-privileged attacker with network access via HTTP to...

CVE-2021-2137

CVE-2021-2137 affects Oracle Enterprise Manager Base Platform (Policy Framework) and is reported to impact versions 13.4.0.0 and 13.5.0.0. The vulnerability enables a low-privileged, network-accessing attacker over HTTP to compromise the Base Platform and potentially take over the system. Multipl...

Oracle JDeveloper XXE (July 2021 CPU)

The version of Oracle JDeveloper installed on the remote host is prior to 12.2.1.4.0. It is, therefore, affected by multiple vulnerabilities as referenced in the July 2021 CPU advisory: - Vulnerability in the Essbase product of Oracle Essbase component: Infrastructure Apache Commons Compress. The...

Oracle Enterprise Manager Cloud Control (Jul 2021 CPU)

The 13.4.0.0 versions of Enterprise Manager Base Platform installed on the remote host are affected by multiple vulnerabilities as referenced in the July 2021 CPU advisory. - Vulnerability in the StorageTek Tape Analytics SW Tool product of Oracle Systems component: Software dom4j. The supported...

The vulnerability of the UI Framework component of the Enterprise Manager Base Platform allows a perpetrator to gain access to read data or modify data.

The vulnerability of the UI Framework component of the Enterprise Manager Base Platform exists due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain access to read data or to modify, add, or delete data through HTTP requests...

CVE-2021-2053

Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager component: UI Framework. The supported version that is affected is 13.4.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Enterprise Manager Ba...

Oracle Enterprise Manager Cloud Control (Apr 2020 CPU)

The version of tested product installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the April 2020 CPU advisory. - Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that...

The vulnerability of the Enterprise Config Management component of the Enterprise Manager Base Platform allows a malicious individual to gain access to modify, add, or delete data, to gain unauthorized access to protected information, or to cause service failures.

The vulnerability of the Enterprise Config Management component of the Enterprise Manager Base Platform is related to resource release errors. Exploiting this vulnerability could allow an attacker to gain access to modify, add, or delete data, obtain unauthorized access to protected information, ...

The vulnerability of the Enterprise Config Management component of the Enterprise Manager Base Platform allows a perpetrator to gain access to modify, add, or delete data, to unauthorizedly access protected information, or to cause a partial service failure.

The vulnerability of the Enterprise Config Management component of the Enterprise Manager Base Platform is related to resource release errors. Exploiting this vulnerability could allow an attacker operating remotely to modify, add, or delete data, gain unauthorized access to protected information...

The vulnerability of the Extensibility Framework component of the Enterprise Manager Base Platform allows a perpetrator to gain access to modify, add, or delete data, to gain unauthorized access to protected information, or to cause service failures.

The vulnerability of the Extensibility Framework component of the Enterprise Manager Base Platform is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to modify, add, or delete data, gain unauthorized access to protected...