Oracle Ilearning vulnerabilities

CVE-2022-23437 [MEDIUM] CWE-835 CVE-2022-23437: There's a vulnerability within the Apache Xerces Java (XercesJ) XML parser when handling specially c There's a vulnerability within the Apache Xerces Java (XercesJ) XML parser when handling specially crafted XML document payloads. This causes, the XercesJ XML parser to wait in an infinite loop, which may sometimes consume system resources for prolonged duration. This vulnerability is present within XercesJ version 2.12.1 and the previous versions.

CVE-2021-2351 [HIGH] CWE-327 CVE-2021-2351: Vulnerability in the Advanced Networking Option component of Oracle Database Server. Supported versi Vulnerability in the Advanced Networking Option component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1 and 19c. Difficult to exploit vulnerability allows unauthenticated attacker with network access via Oracle Net to compromise Advanced Networking Option. Successful attacks require human interaction from a perso

CVE-2020-17521 [MEDIUM] CVE-2020-17521: Apache Groovy provides extension methods to aid with creating temporary directories. Prior to this f Apache Groovy provides extension methods to aid with creating temporary directories. Prior to this fix, Groovy's implementation of those extension methods was using a now superseded Java JDK method call that is potentially not secure on some operating systems in some contexts. Users not using the extension methods mentioned in the advisory are not affected,

CVE-2020-14595 [HIGH] CVE-2020-14595: Vulnerability in the Oracle iLearning product of Oracle iLearning (component: Assessment Manager). S Vulnerability in the Oracle iLearning product of Oracle iLearning (component: Assessment Manager). Supported versions that are affected are 6.1 and 6.1.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle iLearning. Successful attacks of this vulnerability can result in unauthorized access to cr

CVE-2020-2709 [MEDIUM] CVE-2020-2709: Vulnerability in the Oracle iLearning product of Oracle iLearning (component: Learner Pages). The su Vulnerability in the Oracle iLearning product of Oracle iLearning (component: Learner Pages). The supported version that is affected is 6.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle iLearning. Successful attacks require human interaction from a person other than the attacker and while t

CVE-2018-3146 [HIGH] CVE-2018-3146: Vulnerability in the Oracle iLearning component of Oracle iLearning (subcomponent: Learner Administr Vulnerability in the Oracle iLearning component of Oracle iLearning (subcomponent: Learner Administration). Supported versions that are affected are 6.1 and 6.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle iLearning. Successful attacks require human interaction from a person other than the a

CVE-2018-2989 [HIGH] CVE-2018-2989: Vulnerability in the Oracle iLearning component of Oracle iLearning (subcomponent: Learner Administr Vulnerability in the Oracle iLearning component of Oracle iLearning (subcomponent: Learner Administration). The supported version that is affected is 6.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle iLearning. Successful attacks require human interaction from a person other than the attacker

CVE-2017-10199 [HIGH] CVE-2017-10199: Vulnerability in the Oracle iLearning component of Oracle iLearning (subcomponent: Learner Pages). T Vulnerability in the Oracle iLearning component of Oracle iLearning (subcomponent: Learner Pages). The supported version that is affected is 6.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle iLearning. Successful attacks require human interaction from a person other than the attacker and wh

CVE-2016-0508 [MEDIUM] CVE-2016-0508: Unspecified vulnerability in the Oracle iLearning component in Oracle iLearning 6.0 and 6.1 allows r Unspecified vulnerability in the Oracle iLearning component in Oracle iLearning 6.0 and 6.1 allows remote attackers to affect integrity via unknown vectors related to Learner Administration.

CVE-2014-6594 [MEDIUM] CVE-2014-6594: Unspecified vulnerability in the Oracle iLearning component in Oracle iLearning 6.0 and 6.1 allows r Unspecified vulnerability in the Oracle iLearning component in Oracle iLearning 6.0 and 6.1 allows remote attackers to affect confidentiality via unknown vectors related to Learner Pages.

CVE-2015-0436 [MEDIUM] CVE-2015-0436: Unspecified vulnerability in the Oracle iLearning component in Oracle iLearning 6.0 and 6.1 allows r Unspecified vulnerability in the Oracle iLearning component in Oracle iLearning 6.0 and 6.1 allows remote attackers to affect confidentiality via unknown vectors related to Login.

CVE-2014-2471 [MEDIUM] CVE-2014-2471: Unspecified vulnerability in the Oracle iLearning component in Oracle iLearning 6.0 and 6.1 allows r Unspecified vulnerability in the Oracle iLearning component in Oracle iLearning 6.0 and 6.1 allows remote attackers to affect integrity via unknown vectors related to Learner Pages.

CVE-2014-0389 [MEDIUM] CVE-2014-0389: Unspecified vulnerability in Oracle iLearning 6.0 allows remote attackers to affect integrity via un Unspecified vulnerability in Oracle iLearning 6.0 allows remote attackers to affect integrity via unknown vectors related to Learner Pages.

CVE-2013-5845 [MEDIUM] CVE-2013-5845: Unspecified vulnerability in the Oracle iLearning component in Oracle iLearning 5.2.1 and 6.0 allows Unspecified vulnerability in the Oracle iLearning component in Oracle iLearning 5.2.1 and 6.0 allows remote attackers to affect integrity via unknown vectors related to Learner Administration.

CVE-2013-5822 [MEDIUM] CVE-2013-5822: Unspecified vulnerability in the Oracle iLearning component in Oracle iLearning 5.2.1 and 6.0 allows Unspecified vulnerability in the Oracle iLearning component in Oracle iLearning 5.2.1 and 6.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Learner Administration.

CVE-2013-3775 [MEDIUM] CVE-2013-3775: Unspecified vulnerability in the Oracle iLearning component in Oracle iLearning 5.2.1 and 6.0 allows Unspecified vulnerability in the Oracle iLearning component in Oracle iLearning 5.2.1 and 6.0 allows remote attackers to affect integrity via unknown vectors related to Learner Pages.