Service Bus Security Vulnerabilities and Issues — Service Bus CVE List

Lucene search

OracleService Bus

7 matches found

CVE•added 2018/01/18 11:29 p.m.•2395 views

CVE-2015-9251

jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.

6.1CVSS6.3AI score0.11238EPSS

CVE•added 2019/04/20 12:29 a.m.•2191 views

CVE-2019-11358

jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable proto property, it could extend the native Object.prototype.

6.1CVSS6.4AI score0.02394EPSS

CVE•added 2019/08/20 9:15 p.m.•821 views

CVE-2019-10086

In Apache Commons Beanutils 1.9.2, a special BeanIntrospector class was added which allows suppressing the ability for an attacker to access the classloader via the class property available on all Java objects. We, however were not using this by default characteristic of the PropertyUtilsBean.

7.5CVSS7.3AI score0.00317EPSS

CVE•added 2017/08/08 3:29 p.m.•97 views

CVE-2017-10119

Vulnerability in the Oracle Service Bus component of Oracle Fusion Middleware (subcomponent: OSB Web Console Design, Admin). The supported version that is affected is 11.1.1.9.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Servic...

7.6CVSS7.5AI score0.00485EPSS

CVE•added 2017/04/24 7:59 p.m.•43 views

CVE-2017-3507

Vulnerability in the Oracle Service Bus component of Oracle Fusion Middleware (subcomponent: Web Console Design). Supported versions that are affected are 12.1.3.0.0, 12.2.1.0.0, 12.2.1.1.0 and 12.2.1.2.0. Easily "exploitable" vulnerability allows unauthenticated attacker with network access via HT...

7.5CVSS6.5AI score0.00792EPSS

CVE•added 2024/10/15 8:15 p.m.•42 views

CVE-2024-21246

Vulnerability in the Oracle Service Bus product of Oracle Fusion Middleware (component: OSB Core Functionality). The supported version that is affected is 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Service Bus. Succ...

7.5CVSS7.2AI score0.0007EPSS

CVE•added 2019/04/23 7:32 p.m.•41 views

CVE-2019-2576

Vulnerability in the Oracle Service Bus component of Oracle Fusion Middleware (subcomponent: Web Container). Supported versions that are affected are 11.1.1.9.0, 12.1.3.0.0 and 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Or...

5.3CVSS4.8AI score0.02494EPSS