Enterprise Repository Security Vulnerabilities and Issues — Enterprise Repository CVE List

Lucene search

OracleEnterprise Repository

4 matches found

CVE•added 2019/10/23 8:15 p.m.•286 views

CVE-2019-12415

In Apache POI up to 4.1.0, when using the tool XSSFExportToXml to convert user-provided Microsoft Excel documents, a specially crafted document can allow an attacker to read files from the local filesystem or from internal network resources via XML External Entity (XXE) Processing.

5.5CVSS6.7AI score0.00022EPSS

CVE•added 2019/03/28 10:29 p.m.•204 views

CVE-2019-0222

In Apache ActiveMQ 5.0.0 - 5.15.8, unmarshalling corrupt MQTT frame can lead to broker Out of Memory exception making it unresponsive.

7.5CVSS7.4AI score0.10296EPSS

CVE•added 2019/05/28 7:29 p.m.•161 views

CVE-2019-0188

Apache Camel prior to 2.24.0 contains an XML external entity injection (XXE) vulnerability (CWE-611) due to using an outdated vulnerable JSON-lib library. This affects only the camel-xmljson component, which was removed.

7.5CVSS7.5AI score0.02244EPSS

CVE•added 2019/10/16 6:15 p.m.•148 views

CVE-2019-2904

Vulnerability in the Oracle JDeveloper and ADF product of Oracle Fusion Middleware (component: ADF Faces). Supported versions that are affected are 11.1.1.9.0, 12.1.3.0.0 and 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Orac...

9.8CVSS9.1AI score0.21041EPSS