Knowledge@* Security Vulnerabilities and Issues — Knowledge@* CVE List

Lucene search

OracleKnowledge*

3 matches found

CVE•added 2019/04/20 12:29 a.m.•2228 views

CVE-2019-11358

jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable proto property, it could extend the native Object.prototype.

6.1CVSS6.4AI score0.01294EPSS

In wild

CVE•added 2018/08/02 1:29 p.m.•232 views

CVE-2018-8032

Apache Axis 1.x up to and including 1.4 is vulnerable to a cross-site scripting (XSS) attack in the default servlet/services.

6.1CVSS5.8AI score0.02343EPSS

CVE•added 2020/04/15 2:15 p.m.•37 views

CVE-2020-2795

Vulnerability in the Oracle Knowledge product of Oracle Knowledge (component: Information Manager Console). Supported versions that are affected are 8.6.0-8.6.2. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle Knowledge executes to co...

6.3CVSS6AI score0.00463EPSS