The Oracle WebLogic WLS WSAT component is vulnerable to an XML deserialization remote code execution vulnerability. Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.1.0 and 12.2.1.2.0.
4ec37da27b4c2bc377cee005689b9de7e837a03542a60ce1130758c857cb9228
SAP Hybris E-commerce Suite version 5.1.0.3 suffers from a hard-coded password vulnerability.
daf8b4bbd6787dc3c0a7457e078026f3ad9872c0941ce5b13a4f85401240fa99
Oracle E-Business Suite version 12.1.3 suffers from an XXE injection vulnerability in the /OA_HTML/oramipp_lpr servlet.
de8ff071f7c958b91bd1cfd996007fd7b0ecb3dec217f9ae5e66e3d96ad27826
Oracle E-Business Suite version 12.1.3 suffers from an XXE injection vulnerability in the /OA_HTML/IspPunchInServlet servlet.
6fb7e76643fd36ba0f6358346bf6ca64dbdedb6d5bcb98f6fd505aead1f86292
Oracle E-Business Suite version 12.1.3 suffers from an XXE injection vulnerability in the /OA_HTML/copxml servlet.
64f773023ff0e889e6870ab0b5f1dc0367b44615f3ae94952e1f839c93009706
Oracle E-Business Suite suffers from a cross site scripting vulnerability. Version 12.1.4 is affected.
330164019ca36985ae57a2a7d3254a6caf05cc6e3de339d6d2d0609cb18a4c10
Oracle E-Business Suite suffers from a remote SQL injection vulnerability. Versions 12.1.3 and 12.1.4 are affected.
bed7d6cdc8769e52a8aa6079d2197b1a4a13e686111b6e01d1e0c62a2b41c50d
There is a script in EBS that is used to connect to the database and displays the connection status. Different connection results can help an attacker to find existing database accounts. Version 12.2.4 is affected.
1aa0dba66e594f4a17c1c25ee299403e80adb017253f58e948040cbe8038ad7f
SAP NetWeaver suffers from a command execution vulnerability in the TH_GREP report.
c3dfd70888d86b64249ce6ffaa7d8426a73697ec5490a405e2af35c4743d2370