threat
engine
.sh
Back
·
··:··
Home
/
Product
/
oracle primavera p6 enterprise project portfolio management
Product
oracle primavera p6 enterprise project portfolio management
63 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
Sort
Newest first
Oldest first
Highest CVSS
Lowest CVSS
Min CVSS
Any
4.0+
7.0+ (High)
9.0+ (Critical)
Published since
Reset
CVE-2025-50061
>= 20.12.0 and <= 20.12.21
Vulnerability in the Primavera P6 Enterprise Project Portfolio Management product of Oracle Construction and Engineering (componen
5.4
MEDIUM
CVE-2025-21558
>= 20.12.1.0 and <= 20.12.21.5
Vulnerability in the Primavera P6 Enterprise Project Portfolio Management product of Oracle Construction and Engineering (componen
5.4
MEDIUM
CVE-2025-21528
>= 20.12.1.0 and <= 20.12.21.5
Vulnerability in the Primavera P6 Enterprise Project Portfolio Management product of Oracle Construction and Engineering (componen
4.3
MEDIUM
CVE-2025-21526
>= 20.12.1.0 and <= 20.12.21.5
Vulnerability in the Primavera P6 Enterprise Project Portfolio Management product of Oracle Construction and Engineering (componen
5.4
MEDIUM
CVE-2024-21095
>= 19.12.0 and <= 19.12.22
Vulnerability in the Primavera P6 Enterprise Project Portfolio Management product of Oracle Construction and Engineering (componen
8.2
HIGH
CVE-2020-36518
>= 17.12.0.0 and <= 17.12.20.4
jackson-databind before 2.13.0 allows a Java StackOverflow exception and denial of service via a large depth of nested objects.
7.5
HIGH
CVE-2021-44832
>= 19.12.0 and <= 19.12.18.0
Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code
6.6
MEDIUM
CVE-2021-45105
>= 19.12.0.0 and <= 19.12.18.0
Apache Log4j2 versions 2.0-alpha1 through 2.16.0 (excluding 2.12.3 and 2.3.1) did not protect from uncontrolled recursion from sel
5.9
MEDIUM
CVE-2021-2386
>= 20.12.0 and <= 20.12.3
Vulnerability in the Primavera P6 Enterprise Project Portfolio Management product of Oracle Construction and Engineering (componen
4.3
MEDIUM
CVE-2021-2366
>= 17.12.0 and <= 17.12.20
Vulnerability in the Primavera P6 Enterprise Project Portfolio Management product of Oracle Construction and Engineering (componen
6.4
MEDIUM
CVE-2021-2351
>= 17.12.0.0 and <= 17.12.20
Vulnerability in the Advanced Networking Option component of Oracle Database Server. Supported versions that are affected are 12.1
8.3
HIGH
CVE-2020-5421
>= 16.1.0 and <= 16.2.20
In Spring Framework versions 5.2.0 - 5.2.8, 5.1.0 - 5.1.17, 5.0.0 - 5.0.18, 4.3.0 - 4.3.28, and older unsupported versions, the pr
6.5
MEDIUM
CVE-2020-14706
>= 17.1.0.0 and <= 17.12.17.1
Vulnerability in the Primavera P6 Enterprise Project Portfolio Management product of Oracle Construction and Engineering (componen
5.9
MEDIUM
CVE-2020-14653
>= 16.1.0.0 and <= 16.2.20.1
Vulnerability in the Primavera P6 Enterprise Project Portfolio Management product of Oracle Construction and Engineering (componen
5.4
MEDIUM
CVE-2020-10683
>= 16.1.0.0 and <= 16.2.20.1
dom4j before 2.0.3 and 2.1.x before 2.1.3 allows external DTDs and External Entities by default, which might enable XXE attacks. H
9.8
CRITICAL
CVE-2020-2706
>= 16.2.0.0 and <= 16.2.19.3
Vulnerability in the Primavera P6 Enterprise Project Portfolio Management product of Oracle Construction and Engineering (componen
5.4
MEDIUM
CVE-2020-2594
>= 16.2.0.0 and <= 16.2.19.3
Vulnerability in the Primavera P6 Enterprise Project Portfolio Management product of Oracle Construction and Engineering (componen
6.5
MEDIUM
CVE-2020-2707
>= 15.1.0.0 and <= 15.2.18.7
Vulnerability in the Primavera P6 Enterprise Project Portfolio Management product of Oracle Construction and Engineering (componen
5.4
MEDIUM
CVE-2020-2556
>= 16.2.0.0 and <= 16.2.19.0
Vulnerability in the Primavera P6 Enterprise Project Portfolio Management product of Oracle Construction and Engineering (componen
7.3
HIGH
CVE-2019-10219
>= 17.12.0.0 and <= 17.12.0.0-17.12.20.0
A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting
6.1
MEDIUM
CVE-2019-3020
>= 15.1.0 and <= 15.2.18
Vulnerability in the Primavera P6 Enterprise Project Portfolio Management product of Oracle Construction and Engineering (componen
9.3
CRITICAL
CVE-2019-2976
>= 17.1.0 and <= 17.12.12
Vulnerability in the Primavera P6 Enterprise Project Portfolio Management product of Oracle Construction and Engineering (componen
6.8
MEDIUM
CVE-2019-17091
>= 15.1.0.0 and <= 15.2.18.7
faces/context/PartialViewContextImpl.java in Eclipse Mojarra, as used in Mojarra for Eclipse EE4J before 2.3.10 and Mojarra JavaSe
6.1
MEDIUM
CVE-2019-2701
all versions
Vulnerability in the Primavera P6 Enterprise Project Portfolio Management component of Oracle Construction and Engineering Suite (
4.3
MEDIUM
CVE-2019-2512
all versions
Vulnerability in the Primavera P6 Enterprise Project Portfolio Management component of Oracle Construction and Engineering Suite (
4.7
MEDIUM
CVE-2018-19362
>= 17.7 and <= 17.12
FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the jb
9.8
CRITICAL
CVE-2018-19361
>= 17.7 and <= 17.12
FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the op
9.8
CRITICAL
CVE-2018-19360
>= 17.7 and <= 17.12
FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the ax
9.8
CRITICAL
CVE-2018-14719
>= 17.7 and <= 17.12
FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to execute arbitrary code by leveraging failure to block
9.8
CRITICAL
CVE-2018-14718
>= 17.7 and <= 17.12
FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to execute arbitrary code by leveraging failure to block
9.8
CRITICAL
CVE-2018-5407
>= 17.7 and <= 17.12
Simultaneous Multi-threading (SMT) in processors can enable local users to exploit software vulnerable to timing attacks via a sid
4.7
MEDIUM
CVE-2018-0735
>= 17.7 and <= 17.12
The OpenSSL ECDSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use varia
5.9
MEDIUM
CVE-2018-3281
>= 17.7 and <= 17.12
Vulnerability in the Primavera P6 Enterprise Project Portfolio Management component of Oracle Construction and Engineering Suite (
6.1
MEDIUM
CVE-2018-3241
>= 17.7 and <= 17.12
Vulnerability in the Primavera P6 Enterprise Project Portfolio Management component of Oracle Construction and Engineering Suite (
6.1
MEDIUM
CVE-2018-1000632
>= 16.1.0.0 and <= 16.2.20.1
dom4j version prior to version 2.1.1 contains a CWE-91: XML Injection vulnerability in Class: Element. Methods: addElement, addAtt
7.5
HIGH
CVE-2018-1288
>= 19.12.0.0 and <= 19.12.6.0
In Apache Kafka 0.9.0.0 to 0.9.0.1, 0.10.0.0 to 0.10.2.1, 0.11.0.0 to 0.11.0.2, and 1.0.0, authenticated Kafka users may perform a
5.4
MEDIUM
CVE-2018-2963
all versions
Vulnerability in the Primavera P6 Enterprise Project Portfolio Management component of Oracle Construction and Engineering Suite (
4.3
MEDIUM
CVE-2018-2962
>= 17.1 and <= 17.12
Vulnerability in the Primavera P6 Enterprise Project Portfolio Management component of Oracle Construction and Engineering Suite (
4.4
MEDIUM
CVE-2018-2961
>= 17.1 and <= 17.12
Vulnerability in the Primavera P6 Enterprise Project Portfolio Management component of Oracle Construction and Engineering Suite (
6.1
MEDIUM
CVE-2018-2960
>= 17.1 and <= 17.12
Vulnerability in the Primavera P6 Enterprise Project Portfolio Management component of Oracle Construction and Engineering Suite (
6.1
MEDIUM
CVE-2018-11039
all versions
Spring Framework (versions 5.0.x prior to 5.0.7, versions 4.3.x prior to 4.3.18, and older unsupported versions) allow web applica
5.9
MEDIUM
CVE-2018-2849
>= 17.1 and <= 17.12
Vulnerability in the Primavera P6 Enterprise Project Portfolio Management component of Oracle Construction and Engineering Suite (
7.7
HIGH
CVE-2017-10160
all versions
Vulnerability in the Primavera P6 Enterprise Project Portfolio Management component of Oracle Primavera Products Suite (subcompone
4.3
MEDIUM
CVE-2017-10131
all versions
Vulnerability in the Primavera P6 Enterprise Project Portfolio Management component of Oracle Primavera Products Suite (subcompone
6.5
MEDIUM
CVE-2017-10046
all versions
Vulnerability in the Primavera P6 Enterprise Project Portfolio Management component of Oracle Primavera Products Suite (subcompone
5.4
MEDIUM
CVE-2017-10038
all versions
Vulnerability in the Primavera P6 Enterprise Project Portfolio Management component of Oracle Primavera Products Suite (subcompone
6.5
MEDIUM
CVE-2017-3583
all versions
Vulnerability in the Primavera P6 Enterprise Project Portfolio Management component of Oracle Primavera Products Suite (subcompone
8.1
HIGH
CVE-2017-3579
all versions
Vulnerability in the Primavera P6 Enterprise Project Portfolio Management component of Oracle Primavera Products Suite (subcompone
6.1
MEDIUM
CVE-2017-3503
all versions
Vulnerability in the Primavera P6 Enterprise Project Portfolio Management component of Oracle Primavera Products Suite (subcompone
9.9
CRITICAL
CVE-2017-3324
all versions
Vulnerability in the Primavera P6 Enterprise Project Portfolio Management component of Oracle Primavera Products Suite (subcompone
10.0
CRITICAL
CVE-2017-3263
all versions
Vulnerability in the Primavera P6 Enterprise Project Portfolio Management component of Oracle Primavera Products Suite (subcompone
8.1
HIGH
CVE-2016-5533
all versions
Unspecified vulnerability in the Primavera P6 Enterprise Project Portfolio Management component in Oracle Primavera Products Suite
5.4
MEDIUM
CVE-2016-3573
all versions
Unspecified vulnerability in the Primavera P6 Enterprise Project Portfolio Management component in Oracle Primavera Products Suite
6.1
MEDIUM
CVE-2016-3572
all versions
Unspecified vulnerability in the Primavera P6 Enterprise Project Portfolio Management component in Oracle Primavera Products Suite
6.4
MEDIUM
CVE-2016-3571
all versions
Unspecified vulnerability in the Primavera P6 Enterprise Project Portfolio Management component in Oracle Primavera Products Suite
6.1
MEDIUM
CVE-2016-3570
all versions
Unspecified vulnerability in the Primavera P6 Enterprise Project Portfolio Management component in Oracle Primavera Products Suite
6.1
MEDIUM
CVE-2016-3569
all versions
Unspecified vulnerability in the Primavera P6 Enterprise Project Portfolio Management component in Oracle Primavera Products Suite
6.1
MEDIUM
CVE-2016-3568
all versions
Unspecified vulnerability in the Primavera P6 Enterprise Project Portfolio Management component in Oracle Primavera Products Suite
6.1
MEDIUM
CVE-2016-3567
all versions
Unspecified vulnerability in the Primavera P6 Enterprise Project Portfolio Management component in Oracle Primavera Products Suite
5.4
MEDIUM
CVE-2016-3566
all versions
Unspecified vulnerability in the Primavera P6 Enterprise Project Portfolio Management component in Oracle Primavera Products Suite
6.1
MEDIUM
CVE-2016-0635
all versions
Unspecified vulnerability in the Enterprise Manager Ops Center component in Oracle Enterprise Manager Grid Control 12.1.4, 12.2.2,
8.8
HIGH
CVE-2012-3137
all versions
The authentication protocol in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote
CVE-2009-2625
all versions
XMLScanner.java in Apache Xerces2 Java, as used in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15 and JDK an
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin