Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
OraclePrimavera P6 Enterprise Project Portfolio Management16.2

24 matches found

CVE
CVEadded 2018/11/15 9:29 p.m.586 views

CVE-2018-5407

Simultaneous Multi-threading (SMT) in processors can enable local users to exploit software vulnerable to timing attacks via a side-channel timing attack on 'port contention'.

4.7CVSS5.6AI score0.00674EPSS
CVE
CVEadded 2018/10/29 1:29 p.m.459 views

CVE-2018-0735

The OpenSSL ECDSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key. Fixed in OpenSSL 1.1.0j (Affected 1.1.0-1.1.0i). Fixed in OpenSSL 1.1.1a (Affected 1.1.1).

5.9CVSS5.7AI score0.07042EPSS
CVE
CVEadded 2019/01/02 6:29 p.m.314 views

CVE-2018-19360

FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the axis2-transport-jms class from polymorphic deserialization.

9.8CVSS8.8AI score0.06777EPSS
CVE
CVEadded 2019/01/02 6:29 p.m.296 views

CVE-2018-19361

FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the openjpa class from polymorphic deserialization.

9.8CVSS8.8AI score0.04063EPSS
CVE
CVEadded 2019/01/02 6:29 p.m.183 views

CVE-2018-14718

FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to execute arbitrary code by leveraging failure to block the slf4j-ext class from polymorphic deserialization.

9.8CVSS9.8AI score0.14747EPSS
CVE
CVEadded 2019/01/02 6:29 p.m.180 views

CVE-2018-14719

FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to execute arbitrary code by leveraging failure to block the blaze-ds-opt and blaze-ds-core classes from polymorphic deserialization.

9.8CVSS9.8AI score0.03526EPSS
CVE
CVEadded 2019/01/02 6:29 p.m.179 views

CVE-2018-19362

FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the jboss-common-core class from polymorphic deserialization.

9.8CVSS8.8AI score0.06777EPSS
CVE
CVEadded 2017/08/08 3:29 p.m.58 views

CVE-2017-10038

Vulnerability in the Primavera P6 Enterprise Project Portfolio Management component of Oracle Primavera Products Suite (subcomponent: Web Access). Supported versions that are affected are 15.1, 15.2, 16.1 and 16.2. Easily exploitable vulnerability allows low privileged attacker with network access ...

6.5CVSS6.5AI score0.00691EPSS
CVE
CVEadded 2017/08/08 3:29 p.m.49 views

CVE-2017-10131

Vulnerability in the Primavera P6 Enterprise Project Portfolio Management component of Oracle Primavera Products Suite (subcomponent: Web Access). Supported versions that are affected are 8.3, 8.4, 15.1, 15.2, 16.1 and 16.2. Easily exploitable vulnerability allows low privileged attacker with netwo...

6.5CVSS6.3AI score0.00245EPSS
CVE
CVEadded 2017/01/27 10:59 p.m.48 views

CVE-2017-3324

Vulnerability in the Primavera P6 Enterprise Project Portfolio Management component of Oracle Primavera Products Suite (subcomponent: Web Access). Supported versions that are affected are 8.2, 8.3, 8.4, 15.1, 15.2, 16.1 and 16.2. Easily exploitable vulnerability allows unauthenticated attacker with...

10CVSS8.8AI score0.02719EPSS
CVE
CVEadded 2017/08/08 3:29 p.m.45 views

CVE-2017-10160

Vulnerability in the Primavera P6 Enterprise Project Portfolio Management component of Oracle Primavera Products Suite (subcomponent: Web Access). Supported versions that are affected are 8.3, 8.4, 15.1, 15.2, 16.1 and 16.2. Easily exploitable vulnerability allows low privileged attacker with netwo...

4.3CVSS3.9AI score0.00204EPSS
CVE
CVEadded 2018/10/17 1:31 a.m.44 views

CVE-2018-3281

Vulnerability in the Primavera P6 Enterprise Project Portfolio Management component of Oracle Construction and Engineering Suite (subcomponent: Web Access). Supported versions that are affected are 8.4, 15.1, 15.2, 16.1, 16.2, 17.7 - 17.12 and 18.8. Easily exploitable vulnerability allows unauthent...

6.1CVSS5.1AI score0.00658EPSS
CVE
CVEadded 2018/07/18 1:29 p.m.43 views

CVE-2018-2960

Vulnerability in the Primavera P6 Enterprise Project Portfolio Management component of Oracle Construction and Engineering Suite (subcomponent: Web Access). Supported versions that are affected are 8.4, 15.x, 16.x and 17.x. Easily exploitable vulnerability allows unauthenticated attacker with netwo...

6.1CVSS5.3AI score0.00511EPSS
CVE
CVEadded 2018/07/18 1:29 p.m.42 views

CVE-2018-2962

Vulnerability in the Primavera P6 Enterprise Project Portfolio Management component of Oracle Construction and Engineering Suite (subcomponent: Web Access). Supported versions that are affected are 8.4, 15.x, 16.x and 17.x. Difficult to exploit vulnerability allows low privileged attacker with netw...

4.4CVSS4AI score0.00198EPSS
CVE
CVEadded 2017/01/27 10:59 p.m.41 views

CVE-2017-3263

Vulnerability in the Primavera P6 Enterprise Project Portfolio Management component of Oracle Primavera Products Suite (subcomponent: Team Member). Supported versions that are affected are 8.2, 8.3, 8.4, 15.1, 15.2, 16.1 and 16.2. Easily exploitable vulnerability allows low privileged attacker with...

8.1CVSS8AI score0.00411EPSS
CVE
CVEadded 2017/04/24 7:59 p.m.41 views

CVE-2017-3503

Vulnerability in the Primavera P6 Enterprise Project Portfolio Management component of Oracle Primavera Products Suite (subcomponent: Web Access (Apache Commons BeanUtils)). Supported versions that are affected are 8.3, 8.4, 15.1, 15.2, 16.1 and 16.2. Easily "exploitable" vulnerability allows low p...

9.9CVSS8.6AI score0.01067EPSS
CVE
CVEadded 2019/01/16 7:30 p.m.40 views

CVE-2019-2512

Vulnerability in the Primavera P6 Enterprise Project Portfolio Management component of Oracle Construction and Engineering Suite (subcomponent: Web Access). Supported versions that are affected are 8.4, 15.1, 15.2, 16.1, 16.2, 17.7-17.12 and 18.8. Difficult to exploit vulnerability allows unauthent...

4.7CVSS4.5AI score0.00824EPSS
CVE
CVEadded 2018/07/18 1:29 p.m.39 views

CVE-2018-2961

Vulnerability in the Primavera P6 Enterprise Project Portfolio Management component of Oracle Construction and Engineering Suite (subcomponent: Web Access). Supported versions that are affected are 8.4, 15.x, 16.x and 17.x. Easily exploitable vulnerability allows unauthenticated attacker with netwo...

6.1CVSS5.3AI score0.00511EPSS
CVE
CVEadded 2018/10/17 1:31 a.m.39 views

CVE-2018-3241

Vulnerability in the Primavera P6 Enterprise Project Portfolio Management component of Oracle Construction and Engineering Suite (subcomponent: Web Access). Supported versions that are affected are 8.4, 15.1, 15.2, 16.1, 16.2, 17.7 - 17.12 and 18.8. Easily exploitable vulnerability allows unauthent...

6.1CVSS5.1AI score0.00658EPSS
CVE
CVEadded 2017/04/24 7:59 p.m.38 views

CVE-2017-3583

Vulnerability in the Primavera P6 Enterprise Project Portfolio Management component of Oracle Primavera Products Suite (subcomponent: Web Access). Supported versions that are affected are 8.3, 8.4, 15.1, 15.2, 16.1 and 16.2. Easily "exploitable" vulnerability allows unauthenticated attacker with ne...

8.1CVSS7.7AI score0.00949EPSS
CVE
CVEadded 2018/04/19 2:29 a.m.38 views

CVE-2018-2849

Vulnerability in the Primavera P6 Enterprise Project Portfolio Management component of Oracle Construction and Engineering Suite (subcomponent: Web Access). Supported versions that are affected are 16.2 and 17.1 - 17.12. Easily exploitable vulnerability allows low privileged attacker with network a...

7.7CVSS6.9AI score0.00337EPSS
CVE
CVEadded 2018/07/18 1:29 p.m.37 views

CVE-2018-2963

Vulnerability in the Primavera P6 Enterprise Project Portfolio Management component of Oracle Construction and Engineering Suite (subcomponent: Web Access). Supported versions that are affected are 8.4, 15.x and 16.x. Easily exploitable vulnerability allows low privileged attacker with network acce...

4.3CVSS3.4AI score0.00193EPSS
CVE
CVEadded 2016/10/25 2:30 p.m.35 views

CVE-2016-5533

Unspecified vulnerability in the Primavera P6 Enterprise Project Portfolio Management component in Oracle Primavera Products Suite 8.4, 15.x, and 16.x allows remote authenticated users to affect confidentiality and integrity via unknown vectors.

5.5CVSS5.2AI score0.00106EPSS
CVE
CVEadded 2017/04/24 7:59 p.m.35 views

CVE-2017-3579

Vulnerability in the Primavera P6 Enterprise Project Portfolio Management component of Oracle Primavera Products Suite (subcomponent: Web Access). Supported versions that are affected are 8.3, 8.4, 15.1, 15.2, 16.1 and 16.2. Easily "exploitable" vulnerability allows unauthenticated attacker with ne...

6.1CVSS5.5AI score0.00488EPSS