Vulnerabilities (CVE)

Vendor filter: Oracle

Product filter: Application Testing Suite

26 total CVE
CVE Vendors Products Updated CVSS
CVE-2017-3311 1 Oracle 1 Application Testing Suite 2019-10-03 5.0
Vulnerability in the Application Testing Suite component of Oracle Enterprise Manager Grid Control (subcomponent: Test Manager for Web Apps). Supported versions that are affected are 12.5.0.3, 12.5.0.2 and 12.4.0.2. Easily exploitable...
CVE-2018-3305 1 Oracle 1 Application Testing Suite 2019-10-03 6.5
Vulnerability in the Oracle Application Testing Suite component of Oracle Enterprise Manager Products Suite (subcomponent: Load Testing for Web Apps). Supported versions that are affected are 12.5.0.3, 13.1.0.1, 13.2.0.1 and 13.3.0.1. Easily...
CVE-2018-3304 1 Oracle 1 Application Testing Suite 2019-10-03 6.4
Vulnerability in the Oracle Application Testing Suite component of Oracle Enterprise Manager Products Suite (subcomponent: Load Testing for Web Apps). Supported versions that are affected are 12.5.0.3, 13.1.0.1, 13.2.0.1 and 13.3.0.1. Easily...
CVE-2018-1258 3 Pivotal Software, Oracle, Netapp 35 Spring Framework, Application Testing Suite, Communications Diameter Signaling Router and 32 more 2019-10-03 6.5
Spring Framework version 5.0.5 when used in combination with any versions of Spring Security contains an authorization bypass when using method security. An unauthorized malicious user can gain unauthorized access to methods that should be restricted.
CVE-2018-1272 2 Pivotal Software, Oracle 22 Spring Framework, Application Testing Suite, Big Data Discovery and 19 more 2019-10-03 6.0
Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.15 and older unsupported versions, provide client-side support for multipart requests. When Spring MVC or Spring WebFlux server application (server A) receives input from...
CVE-2018-11040 2 Pivotal Software, Oracle 17 Spring Framework, Agile Product Lifecycle Management, Application Testing Suite and 14 more 2019-10-03 4.3
Spring Framework, versions 5.0.x prior to 5.0.7 and 4.3.x prior to 4.3.18 and older unsupported versions, allows web applications to enable cross-domain requests via JSONP (JSON with Padding) through AbstractJsonpResponseBodyAdvice for REST...
CVE-2019-2727 1 Oracle 1 Application Testing Suite 2019-07-25 7.5
Vulnerability in the Oracle Application Testing Suite component of Oracle Enterprise Manager Products Suite (subcomponent: Load Testing for Web Apps). The supported version that is affected is 13.3. Easily exploitable vulnerability allows...
CVE-2018-1271 2 Pivotal Software, Oracle 22 Spring Framework, Application Testing Suite, Big Data Discovery and 19 more 2019-07-23 4.3
Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.15 and older unsupported versions, allow applications to configure Spring MVC to serve static resources (e.g. CSS, JS, images). When static resources are served from a...
CVE-2018-1257 3 Pivotal Software, Redhat, Oracle 27 Spring Framework, Openshift, Agile Product Lifecycle Management and 24 more 2019-07-23 4.0
Spring Framework, versions 5.0.x prior to 5.0.6, versions 4.3.x prior to 4.3.17, and older unsupported versions allows applications to expose STOMP over WebSocket endpoints with a simple, in-memory STOMP broker through the spring-messaging...
CVE-2018-1275 2 Pivotal Software, Oracle 16 Spring Framework, Application Testing Suite, Big Data Discovery and 13 more 2019-07-03 7.5
Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.16 and older unsupported versions, allow applications to expose STOMP over WebSocket endpoints with a simple, in-memory STOMP broker through the spring-messaging module....
CVE-2018-1270 2 Pivotal Software, Oracle 22 Spring Framework, Application Testing Suite, Big Data Discovery and 19 more 2019-07-03 7.5
Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.15 and older unsupported versions, allow applications to expose STOMP over WebSocket endpoints with a simple, in-memory STOMP broker through the spring-messaging module....
CVE-2019-2557 1 Oracle 1 Application Testing Suite 2019-04-24 6.5
Vulnerability in the Oracle Application Testing Suite component of Oracle Enterprise Manager Products Suite (subcomponent: Load Testing for Web Apps). The supported version that is affected is 13.3.0.1. Easily exploitable vulnerability allows low...
CVE-2015-7940 4 Bouncycastle, Oracle, Novell and 1 more 9 Enterprise Manager Ops Center, Leap, Bouncy Castle Crypto Package and 6 more 2019-01-16 5.0
The Bouncy Castle Java library before 1.51 does not validate a point is within the elliptic curve, which makes it easier for remote attackers to obtain private keys via a series of crafted elliptic curve Diffie Hellman (ECDH) key exchanges, aka...
CVE-2016-0492 1 Oracle 1 Application Testing Suite 2016-12-22 6.4
Unspecified vulnerability in the Oracle Application Testing Suite component in Oracle Enterprise Manager Grid Control 12.4.0.2 and 12.5.0.2 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Load...
CVE-2016-0489 1 Oracle 1 Application Testing Suite 2016-12-22 6.5
Unspecified vulnerability in the Oracle Application Testing Suite component in Oracle Enterprise Manager Grid Control 12.4.0.2 and 12.5.0.2 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown...
CVE-2016-0491 1 Oracle 1 Application Testing Suite 2016-12-22 6.4
Unspecified vulnerability in the Oracle Application Testing Suite component in Oracle Enterprise Manager Grid Control 12.4.0.2 and 12.5.0.2 allows remote attackers to affect integrity and availability via unknown vectors related to Load Testing...
CVE-2016-0488 1 Oracle 1 Application Testing Suite 2016-12-22 6.4
Unspecified vulnerability in the Oracle Application Testing Suite component in Oracle Enterprise Manager Grid Control 12.4.0.2 and 12.5.0.2 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Load...
CVE-2016-0490 1 Oracle 1 Application Testing Suite 2016-12-22 6.4
Unspecified vulnerability in the Oracle Application Testing Suite component in Oracle Enterprise Manager Grid Control 12.4.0.2 and 12.5.0.2 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Test...
CVE-2016-0485 1 Oracle 1 Application Testing Suite 2016-12-22 5.0
Unspecified vulnerability in the Oracle Application Testing Suite component in Oracle Enterprise Manager Grid Control 12.4.0.2 and 12.5.0.2 allows remote attackers to affect confidentiality via unknown vectors related to Test Manager for Web...
CVE-2016-0487 1 Oracle 1 Application Testing Suite 2016-12-22 6.4
Unspecified vulnerability in the Oracle Application Testing Suite component in Oracle Enterprise Manager Grid Control 12.4.0.2 and 12.5.0.2 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Test...