Oracle Iplanet Web Server — known CVE vulnerabilities
Every CVE whose affected-product data names Oracle Iplanet Web Server, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (7)
CVE-2015-7182 — CVSS 9.8 (critical): Heap-based buffer overflow in the ASN.1 decoder in Mozilla Network Security Services (NSS) before 3.19.2.1 and 3.20.x before 3.20.1, as…
CVE-2016-1950 — CVSS 8.8 (high): Heap-based buffer overflow in Mozilla Network Security Services (NSS) before 3.19.2.3 and 3.20.x and 3.21.x before 3.21.1, as used in…
CVE-2020-9315 — CVSS 7.5 (high): ** PRODUCT NOT SUPPORTED WHEN ASSIGNED ** Oracle iPlanet Web Server 7.0.x has Incorrect Access Control for admingui/version URIs in the…
CVE-2017-10055 — CVSS 6.1 (medium): Vulnerability in the Oracle iPlanet Web Server component of Oracle Fusion Middleware (subcomponent: Admin Graphical User Interface). The…
CVE-2012-1738 — CVSS 5.0 (medium): Unspecified vulnerability in the Oracle iPlanet Web Server component in Oracle Sun Products Suite Java System Web Server 6.1 and Oracle…
CVE-2020-9314 — CVSS 4.8 (medium): ** PRODUCT NOT SUPPORTED WHEN ASSIGNED ** Oracle iPlanet Web Server 7.0.x allows image injection in the Administration console via the…
CVE-2013-1620 — CVSS 4.3 (medium): The TLS implementation in Mozilla Network Security Services (NSS) does not properly consider timing side-channel attacks on a noncompliant…