Lucene search
K
OracleApplication Performance Management

8 matches found

CVE
CVE
added 2021/04/13 6:50 a.m.633 views

CVE-2021-29425

CVE-2021-29425 affects Apache Commons IO up to version 2.6, specifically FileNameUtils.normalize. With inputs such as "//../foo" or "\..\foo", normalization can yield a value that does not escape to higher directories, potentially enabling access to the parent directory if the resulting path is u...

5.8CVSS6.7AI score0.10608EPSS
In wild
CVE
CVE
added 2019/11/08 2:46 p.m.294 views

CVE-2019-10219

The CVE-2019-10219 entry affects Hibernate Validator: SafeHtml validator annotation fails to sanitize HTML comments/instructions, enabling XSS in affected code paths. Affected CP4S versions are 1.7.2.0, 1.8.0.0, and 1.8.1.0. Remediation is to upgrade to Cloud Pak for Security 1.9.0.0 per IBM guid...

6.5CVSS6AI score0.02167EPSS
CVE
CVE
added 2019/09/18 10:23 p.m.245 views

CVE-2019-3740

CVE-2019-3740 concerns RSA BSAFE Crypto-J used by Oracle GoldenGate Install (Dell BSAFE Crypto-J). The root cause is a timing-discrepancy vulnerability during DSA key generation that could allow a remote attacker to recover DSA private keys. Affected product/component: Oracle GoldenGate (Install ...

6.5CVSS7.9AI score0.03753EPSS
CVE
CVE
added 2019/09/18 10:23 p.m.241 views

CVE-2019-3739

CVE-2019-3739 concerns RSA BSAFE Crypto-J versions prior to 6.2.5, where information exposure can occur via timing discrepancy during ECDSA key generation. The vulnerability could allow a remote attacker to recover ECDSA keys. The provided documents identify the affected component as Dell/Certico...

6.5CVSS7.9AI score0.02538EPSS
CVE
CVE
added 2021/07/20 10:43 p.m.239 views

CVE-2021-2351

CVE-2021-2351 affects Oracle Database Server’s Advanced Networking Option, with affected versions 12.1.0.2, 12.2.0.1, and 19c. The vulnerability allows unauthenticated network access via Oracle Net to compromise the Advanced Networking Option, with access requiring user interaction (UI_R) and ris...

8.3CVSS8.5AI score0.025EPSS
CVE
CVE
added 2019/09/18 10:23 p.m.234 views

CVE-2019-3738

Missing Required Cryptographic Step vulnerability (CVE-2019-3738) affects Dell RSA BSAFE Crypto-J versions prior to 6.2.5; a remote attacker could coerce two parties into computing the same predictable shared key. The CNVD entry confirms the affected component and impact; the Oracle/Nessus refere...

6.5CVSS7.5AI score0.01681EPSS
CVE
CVE
added 2020/04/15 1:29 p.m.44 views

CVE-2020-2946

CVE-2020-2946 affects Oracle Enterprise Manager’s Application Performance Management component (EM Request Monitoring). Affected supported versions are 12.1.0.5, 13.2.0.0 and 13.3.0.0. The vulnerability allows a high-privileged attacker with network access over HTTP to compromise APM, potentially...

6.5CVSS5.6AI score0.01335EPSS
CVE
CVE
added 2026/06/16 7:27 p.m.14 views

CVE-2026-46858

CVE-2026-46858 has a CVSS 3.1 base score of 9.1 (critical) with NETWORK attack vector, no authentication, no user interaction, and high impact on integrity and availability. The CVSS source is Oracle, and an Oracle security alert is referenced. No explicit exploitation details or remediation are ...

9.1CVSS5.1AI score0.00447EPSS