25 matches found
Oracle Critical Patch Update Advisory - April 2026
A Critical Patch Update is a collection of patches for multiple security vulnerabilities. These patches address vulnerabilities in Oracle code and in third party components included in Oracle products. These patches are usually cumulative, but each advisory describes only the security patches add...
CVE-2026-21992
Vulnerability in the Oracle Identity Manager product of Oracle Fusion Middleware component: REST WebServices and Oracle Web Services Manager product of Oracle Fusion Middleware component: Web Services Security. Supported versions that are affected are 12.2.1.4.0 and 14.1.2.1.0. Easily exploitable...
Oracle Identity Manager and Web Services Manager RCE (CVE-2026-21992)
The remote host has Oracle Identity Manager and/or Oracle Web Services Manager installed and is affected by a remote code execution vulnerability as referenced in the CVE-2026-21992 Security Alert Advisory. - Vulnerability in the Oracle Identity Manager product of Oracle Fusion Middleware...
The vulnerability of the XML security component of the Oracle Web Services Manager application on the Oracle Fusion Middleware software platform allows a perpetrator to gain unauthorized access to protected data or to modify, add, or delete protected data.
The vulnerability of the XML Security component of the Oracle Web Services Manager application in the Oracle Fusion Middleware software platform is related to insufficient validation of input data. Exploiting this vulnerability may allow an attacker to gain unauthorized access to protected data o...
CVE-2023-21862
CVE-2023-21862 affects Oracle Web Services Manager (OWSM) within Oracle Fusion Middleware, specifically the XML Security component in version 12.2.1.4.0. The issue stems from insufficient input validation, enabling an unauthenticated attacker with network access via HTTP to compromise OWSM, poten...
CVE-2022-21497
Vulnerability in the Oracle Web Services Manager product of Oracle Fusion Middleware component: Web Services Security. Supported versions that are affected are 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise...
CVE-2022-21497
Vulnerability in the Oracle Web Services Manager product of Oracle Fusion Middleware component: Web Services Security. Supported versions that are affected are 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise...
CVE-2022-21497
CVE-2022-21497 affects Oracle Web Services Manager (component: Web Services Security) within Oracle Fusion Middleware. Affects 12.2.1.3.0 and 12.2.1.4.0. The vulnerability allows an unauthenticated attacker who can reach the service over HTTP to compromise the product. Exploitation requires human...
Oracle Web Services Manager 输入验证错误漏洞
Oracle Web Services Manager OWSM is a service manager from Oracle Corporation that provides a policy framework for consistently managing and securing Web services across an organization. Oracle Fusion Middleware Oracle Web Services Manager suffers from an input validation error vulnerability that...
The vulnerability of the Webservices Manager component of the Oracle Communications Billing and Revenue Management software lies in insufficient validation of input data. This allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the Webservices Manager component of the Oracle Communications Billing and Revenue Management software exists due to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality, integrity, and accessibility o...
Design/Logic Flaw
Unspecified vulnerability in the Oracle Web Services Manager component in Oracle Fusion Middleware 11.1.1.6.0 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Web Services Security...
CVE-2013-1553
The CVE-2013-1553 entry concerns Oracle Fusion Middleware 11.1.1.6.0, specifically the Oracle Web Services Manager component. The vulnerability is described as unspecified and affecting confidentiality and integrity via unknown vectors related to Web Services Security. The provided connected docu...
Oracle Web Services Manager Web Services Security远程权限提升漏洞
BUGTRAQ ID: 51463 CVE ID: CVE-2012-3568 Oracle Web Services Manager可提供Web服务的安全解决方案。 Oracle Web Services Manager在实现上存在远程权限提升漏洞,远程已验证攻击者可利用此漏洞可通过HTTP协议影响Web Services Security组件及11.1.1.3、11.1.1.4、11.1.1.5版本。 0 Oracle Web Services Manager 11.1.1.5 Oracle Web Services Manager 11.1.1.4 Oracle Web...
CVE-2011-3531
Unspecified vulnerability in the Oracle Web Services Manager component in Oracle Fusion Middleware 11.1.1.3, 11.1.1.4, and 11.1.1.5 allows remote attackers to affect availability via unknown vectors related to Web Services Security...
Design/Logic Flaw
Unspecified vulnerability in the Oracle Web Services Manager component in Oracle Fusion Middleware 11.1.1.3, 11.1.1.4, and 11.1.1.5 allows remote attackers to affect availability via unknown vectors related to Web Services Security...
Design/Logic Flaw
Unspecified vulnerability in the Oracle Web Services Manager component in Oracle Fusion Middleware 11.1.1.3, 11.1.1.4, and 11.1.1.5 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Web Services Security...
Design/Logic Flaw
Unspecified vulnerability in the Oracle Web Services Manager component in Oracle Fusion Middleware 11.1.1.3, 11.1.1.4, and 11.1.1.5 allows remote attackers to affect confidentiality via unknown vectors related to Web Services Security...
CVE-2011-3531
CVE-2011-3531 affects Oracle Fusion Middleware’s Oracle Web Services Manager in versions 11.1.1.3, 11.1.1.4, and 11.1.1.5. The vulnerability is described as unspecified with impact to availability via unknown vectors related to Web Services Security. The connected documents confirm the affected p...
CVE-2011-3531
Unspecified vulnerability in the Oracle Web Services Manager component in Oracle Fusion Middleware 11.1.1.3, 11.1.1.4, and 11.1.1.5 allows remote attackers to affect availability via unknown vectors related to Web Services Security...
CVE-2011-3568
CVE-2011-3568 affects Oracle Fusion Middleware’s Oracle Web Services Manager component (versions 11.1.1.3, 11.1.1.4, 11.1.1.5). The vulnerability is described as unspecified and involves remote authenticated users impacting confidentiality and integrity via unknown vectors related to Web Services...