Oracle Access_manager
20 CVEs affecting Oracle Access_manager. Latest disclosed: 2026-06-17. Critical: 5, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-35313 | Critical | 9.9 | 2026-06-17 | Vulnerability in the Oracle Access Manager product of Oracle Fusion Middleware (component: Authentication Engine). Supported versions that are affected are 12… |
CVE-2021-35587 | Critical | 9.8 | 2022-01-19 | Vulnerability in the Oracle Access Manager product of Oracle Fusion Middleware (component: OpenSSO Agent). Supported versions that are affected are 11.1.2.3.0… |
CVE-2020-2555 | Critical | 9.8 | 2020-01-15 | Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (component: Caching,CacheStore,Invocation). Supported versions that are affected are… |
CVE-2018-2739 | Critical | 9.3 | 2018-04-19 | Vulnerability in the Oracle Access Manager component of Oracle Fusion Middleware (subcomponent: Web Server Plugin). Supported versions that are affected are 10… |
CVE-2018-2879 | Critical | 9.0 | 2018-04-19 | Vulnerability in the Oracle Access Manager component of Oracle Fusion Middleware (subcomponent: Authentication Engine). Supported versions that are affected ar… |
CVE-2022-39412 | High | 7.5 | 2022-10-18 | Vulnerability in the Oracle Access Manager product of Oracle Fusion Middleware (component: Admin Console). The supported version that is affected is 12.2.1.4.0… |
CVE-2026-35314 | High | 7.3 | 2026-06-17 | Vulnerability in the Oracle Access Manager product of Oracle Fusion Middleware (component: Web Server Plugin). Supported versions that are affected are 12.2.1… |
CVE-2026-35261 | Medium | 6.5 | 2026-06-17 | Vulnerability in the Oracle Access Manager product of Oracle Fusion Middleware (component: Authentication Engine). Supported versions that are affected are 12… |
CVE-2018-2587 | Medium | 6.5 | 2018-04-19 | Vulnerability in the Oracle Access Manager component of Oracle Fusion Middleware (subcomponent: Web Server Plugin). Supported versions that are affected are 10… |
CVE-2026-46812 | Medium | 6.1 | 2026-06-17 | Vulnerability in the Oracle Access Manager product of Oracle Fusion Middleware (component: Authentication Engine). Supported versions that are affected are 12… |
CVE-2019-10219 | Medium | 6.1 | 2019-11-08 | A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious cod… |
CVE-2017-10262 | Medium | 5.9 | 2018-01-18 | Vulnerability in the Oracle Access Manager component of Oracle Fusion Middleware (subcomponent: Web Server Plugin). The supported version that is affected is 1… |
CVE-2020-2747 | Medium | 5.4 | 2020-04-15 | Vulnerability in the Oracle Access Manager product of Oracle Fusion Middleware (component: SSO Engine). Supported versions that are affected are 11.1.2.3.0 and… |
CVE-2022-39405 | Medium | 5.3 | 2022-10-18 | Vulnerability in the Oracle Access Manager product of Oracle Fusion Middleware (component: Authentication Engine). The supported version that is affected is 12… |
CVE-2017-10154 | Medium | 5.3 | 2017-10-19 | Vulnerability in the Oracle Access Manager component of Oracle Fusion Middleware (subcomponent: Web Server Plugin). The supported version that is affected is 1… |
CVE-2021-2358 | Medium | 4.9 | 2021-07-21 | Vulnerability in the Oracle Access Manager product of Oracle Fusion Middleware (component: Rest interfaces for Access Mgr). The supported version that is affec… |
CVE-2021-29425 | Medium | 4.8 | 2021-04-13 | In Apache Commons IO before 2.7, When invoking the method FileNameUtils.normalize with an improper input string, like "//../foo", or "\\..\foo", the result wou… |
CVE-2020-2740 | Medium | 4.6 | 2020-04-15 | Vulnerability in the Oracle Access Manager product of Oracle Fusion Middleware (component: Authentication Engine). Supported versions that are affected are 11… |
CVE-2023-21859 | Medium | 4.4 | 2023-01-18 | Vulnerability in the Oracle Access Manager product of Oracle Fusion Middleware (component: Authentication Engine). The supported version that is affected is… |
CVE-2020-2745 | Medium | 4.3 | 2020-04-15 | Vulnerability in the Oracle Access Manager product of Oracle Fusion Middleware (component: Federation). Supported versions that are affected are 11.1.2.3.0 and… |