Oracle Primavera Gateway (January 2026 CPU)

The versions of Primavera Gateway installed on the remote host are affected by multiple vulnerabilities as referenced in the January 2026 CPU advisory. - Vulnerability in the Primavera Gateway product of Oracle Construction and Engineering component: Admin Apache Log4j. Supported versions that ar...

Oracle Primavera Gateway (October 2025 CPU)

The versions of Primavera Gateway installed on the remote host are affected by multiple vulnerabilities as referenced in the October 2025 CPU advisory. - Vulnerability in the Primavera Gateway product of Oracle Construction and Engineering component: Admin Apache Commons VFS. Supported versions...

EUVD-2017-12629

Malware in sbrugna...

EUVD-2017-12621

Malware in sbrugna...

EUVD-2023-26054

Malicious code in bioql PyPI...

CVE-2023-21888

Vulnerability in the Primavera Gateway product of Oracle Construction and Engineering component: WebUI. Supported versions that are affected are 18.8.0-18.8.15, 19.12.0-19.12.15, 20.12.0-20.12.10 and 21.12.0-21.12.8. Easily exploitable vulnerability allows low privileged attacker with network...

Oracle Primavera Gateway (Apr 2025 CPU)

The versions of Primavera Gateway installed on the remote host are affected by multiple vulnerabilities as referenced in the April 2025 CPU advisory. - Vulnerability in the Primavera Gateway product of Oracle Construction and Engineering component: Admin Google Protobuf-Java. Supported versions...

Vulnerabilities fixed in Oracle Enterprise Manager

Oracle fixed vulnerabilities in Oracle Enterprise Manager The vulnerabilities allow unauthenticated attackers to compromise systems via HTTP or SSH, which can lead to denial-of-service DoS or confidential information disclosure. Specifically in Apache MINA's ObjectSerializationDecoder, there is a...

Oracle Primavera Gateway (Jul 2024 CPU)

The versions of Primavera Gateway installed on the remote host are affected by multiple vulnerabilities as referenced in the July 2024 CPU advisory. - Vulnerability in the Primavera Gateway product of Oracle Construction and Engineering component: Admin Spring Framework. Supported versions that a...

Oracle Primavera Gateway (April 2024 CPU)

The versions of Primavera Gateway installed on the remote host are affected by multiple vulnerabilities as referenced in the April 2024 CPU advisory. - Denial of Service in JSON-Java versions up to and including 20230618. A bug in the parser means that an input string of modest size can lead to...

Oracle Primavera Gateway (October 2023 CPU)

The versions of Primavera Gateway installed on the remote host are affected by multiple vulnerabilities as referenced in the October 2023 CPU advisory. - Vulnerability in the Primavera Gateway product of Oracle Construction and Engineering component: Admin JSON-java. Supported versions that are...

Oracle Primavera Gateway (Jul 2023 CPU)

The versions of Primavera Gateway installed on the remote host are affected by multiple vulnerabilities as referenced in the July 2023 CPU advisory. - Vulnerability in the Primavera Gateway product of Oracle Construction and Engineering component: Admin Apache Commons Net. Supported versions that...

Vulnerabilities fixed in Oracle Construction and Engineering

Vulnerabilities have been fixed in Oracle Construction and Engineering products. A malicious party could exploit them to carry out attacks that can result in the following categories of damage: Denial-of-Service DoS. Remote code execution User rights Access to sensitive data Access to system data...

Oracle Primavera Gateway (Jan 2023 CPU)

The versions of Primavera Gateway installed on the remote host are affected by multiple vulnerabilities as referenced in the January 2023 CPU advisory. - Vulnerability in the Primavera Gateway product of Oracle Construction and Engineering component: Admin Google Protobuf-Java. Supported versions...

CVE-2023-21888

Vulnerability in the Primavera Gateway product of Oracle Construction and Engineering component: WebUI. Supported versions that are affected are 18.8.0-18.8.15, 19.12.0-19.12.15, 20.12.0-20.12.10 and 21.12.0-21.12.8. Easily exploitable vulnerability allows low privileged attacker with network...

CVE-2023-21888

Vulnerability in the Primavera Gateway product of Oracle Construction and Engineering component: WebUI. Supported versions that are affected are 18.8.0-18.8.15, 19.12.0-19.12.15, 20.12.0-20.12.10 and 21.12.0-21.12.8. Easily exploitable vulnerability allows low privileged attacker with network...

CVE-2023-21888

Oracle Primavera Gateway (WebUI) is affected by CVE-2023-21888. Affected versions: 18.8.0–18.8.15, 19.12.0–19.12.15, 20.12.0–20.12.10, 21.12.0–21.12.8. The issue stems from insufficient input validation in the WebUI, allowing a low-privileged attacker with network access over HTTP to compromise P...

PT-2023-1203 · Oracle · Primavera Gateway

Name of the Vulnerable Software and Affected Versions: Primavera Gateway versions 18.8.0 through 18.8.15 Primavera Gateway versions 19.12.0 through 19.12.15 Primavera Gateway versions 20.12.0 through 20.12.10 Primavera Gateway versions 21.12.0 through 21.12.8 Description: The issue is related to...

Oracle Construction and Engineering Suite 安全漏洞

Oracle Construction and Engineering Suite is a portfolio management solution suite of products for construction projects from Oracle Corporation. Oracle Construction and Engineering Suite Oracle Primavera Gateway versions 18.8.0-18.8.15, 19.12.0-19.12.15 20.12.0-20.12.10, and 21.12.0-21.12.8 have...

Oracle Primavera Gateway (Oct 2022 CPU)

The versions of Primavera Gateway installed on the remote host are affected by a denial of service vulnerability as referenced in the October 2022 CPU advisory. This vulnerability is in the Primavera Gateway product of Oracle Construction and Engineering component: Admin Moment.js. Supported...