Home
Bugtraq
Full List
Only Bugs
Only Tricks
Only Exploits
Only Dorks
Only CVE
Only CWE
Fake Notes
Ranking
CVEMAP
Full List
Show Vendors
Show Products
CWE Dictionary
Check CVE Id
Check CWE Id
Search
Bugtraq
CVEMAP
By author
CVE Id
CWE Id
By vendors
By products
RSS
Bugtraq
CVEMAP
CVE Products
Bugs
Exploits
Dorks
More
cIFrex
Facebook
Twitter
Donate
About
Submit
Vulnerabilities for
'Oss support tools'
2022-04-19
CVE-2022-21405
NVD-CWE-noinfo
Vulnerability in the OSS Support Tools product of Oracle Support Tools (component: Oracle Explorer). The supported version that is affected is 18.3. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where OSS Support Tools executes to compromise OSS Support Tools. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in OSS Support Tools, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all OSS Support Tools accessible data. CVSS 3.1 Base Score 5.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:N/A:N).
2021-04-22
CVE-2021-2303
NVD-CWE-noinfo
Vulnerability in the OSS Support Tools product of Oracle Support Tools (component: Diagnostic Assistant). The supported version that is affected is Prior to 2.12.41. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise OSS Support Tools. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all OSS Support Tools accessible data. CVSS 3.1 Base Score 4.9 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N).
2018-01-18
CVE-2015-9251
CWE-79
jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.
2018-01-17
CVE-2018-2616
CWE-noinfo
Vulnerability in the OSS Support Tools component of Oracle Support Tools (subcomponent: Diagnostic Assistant). The supported version that is affected is Prior to 2.11.33. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise OSS Support Tools. Successful attacks of this vulnerability can result in takeover of OSS Support Tools. CVSS 3.0 Base Score 8.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).
CVE-2018-2615
CWE-noinfo
Vulnerability in the OSS Support Tools component of Oracle Support Tools (subcomponent: Diagnostic Assistant). The supported version that is affected is Prior to 2.11.33. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise OSS Support Tools. Successful attacks of this vulnerability can result in takeover of OSS Support Tools. CVSS 3.0 Base Score 8.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).
2016-02-14
CVE-2015-3197
CWE-310
ssl/s2_srvr.c in OpenSSL 1.0.1 before 1.0.1r and 1.0.2 before 1.0.2f does not prevent use of disabled ciphers, which makes it easier for man-in-the-middle attackers to defeat cryptographic protection mechanisms by performing computations on SSLv2 traffic, related to the get_client_master_key and get_client_hello functions.
>>>
Vendor:
Oracle
744
Products
Linux
Solaris
Sunos
Http server
Communications server
JAVA
Oracle8i
Java virtual machine
Database server
Mysql
Database assistant
Web listener
Application server
Iplanet web server
Weblogic server
Listener
Internet directory
JDK
Oracle9i
E-business suite
JSP
Application server web cache
JRE
Tuxedo
SDK
Corporate time outlook connector
Reports
Peopletools
Configurator
Database
Applications
Oracle files
Application server portal
Java system application server
Collaboration suite
Enterprise manager
Enterprise manager database control
Enterprise manager grid control
Oracle10g
Database server lite
Secure global desktop
10g reports server
Forms
Weblogic portal
Jdeveloper
Forms builder
Html db
Clinical
10g enterprise manager database control
Enterprise manager application server control
Peoplesoft enterprise
Enterpriseone
Peoplesoft enterprise customer relationship management
Application server discussion forum portlet
Isupport
Peoplesoft enterprise portal
Oracle client
10g enterprise manager grid control
Developer suite
Workflow
Diagnostics
Enterpriseone tools
Oneworld tools
Collaboration suite 10g release 1
Peoplesoft enterprise tools
Pharmaceutical
Exchange
Identity manager
APEX
Portal
Jrockit
Access manager
Java dynamic management kit
Weblogic workshop
Rapid install web server
Peoplesoft enterprise human capital management
Peoplesoft enterprise peopletools
Secure enterprise search
Jinitiator
Opensolaris
Enterprise grid console server
Opmn daemon
Mysql server
Business process management suite
Application server 9i
Applications manager
Application express
Database 9i
Application server 10g
Database 10g
Database 11g
E-business suite 11i
E-business suite 12
Peoplesoft hcm eperformance
Siebel enterprise
Bea product suite
Webloic server component
Weblogic server component
Oracle portal component
Report manager component
See all Products for Vendor
Oracle
Copyright
2024
, cxsecurity.com
Back to Top
Vulnerabilities for 'Oss support tools' 