The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of Bea Systems Tuxedo

Bouncy Castle: denial of service via OutOfMemory ASN.1
An attacker can trigger a fatal error via OutOfMemory ASN.1 of Bouncy Castle, in order to trigger a denial of service...
cpuapr2020, cpujan2020, CVE-2019-17359, VIGILANCE-VUL-30558
WebLogic, Tuxedo: several vulnerabilities
An attacker can exploit several vulnerabilities of WebLogic Server/Express and Tuxedo...
BEA05-80.02, BEA07-158.00, BEA07-159.00, BEA07-160.00, BEA07-161.00, BEA07-162.00, BEA07-163.00, BEA07-164.00, BEA07-164.01, BEA07-165.00, BEA07-168.00, BEA07-169.00, BEA07-80.03, BEA08-159.01, BEA08-80.04, BID-23979, CVE-2007-2694, CVE-2007-2695, CVE-2007-2696, CVE-2007-2697, CVE-2007-2698, CVE-2007-2699, CVE-2007-2700, CVE-2007-2701, CVE-2007-2704, CVE-2007-2705, CVE-2008-0902, VIGILANCE-VUL-6816
Eclipse Jetty: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Eclipse Jetty, in order to run JavaScript code in the context of the web site...
cpuapr2020, cpujan2020, CVE-2019-10241, CVE-2019-10246, CVE-2019-10247, NTAP-20190509-0003, VIGILANCE-VUL-29106
Oracle Fusion Middleware: vulnerabilities of April 2018
Several vulnerabilities were announced in Oracle products...
cpuapr2018, CVE-2018-2587, CVE-2018-2628, CVE-2018-2739, CVE-2018-2760, CVE-2018-2765, CVE-2018-2770, CVE-2018-2791, CVE-2018-2828, CVE-2018-2834, CVE-2018-2879, VIGILANCE-VUL-25897
OpenSSL 1.0.2: information disclosure via 0-byte Record Padding Oracle
An attacker can bypass access restrictions to data via 0-byte Record Padding Oracle of OpenSSL 1.0.2, in order to obtain sensitive information...
1170328, bulletinapr2019, bulletinjul2019, CERTFR-2019-AVI-080, CERTFR-2019-AVI-132, CERTFR-2019-AVI-214, CERTFR-2019-AVI-325, cpuapr2019, cpujan2020, cpujul2019, cpuoct2019, CVE-2019-1559, DLA-1701-1, DSA-2019-201, DSA-2020-062, DSA-2020-072, DSA-4400-1, FEDORA-2019-00c25b9379, ibm10876638, ibm10886237, ibm10886659, JSA10949, JSA10993, openSUSE-SU-2019:1076-1, openSUSE-SU-2019:1105-1, openSUSE-SU-2019:1173-1, openSUSE-SU-2019:1175-1, openSUSE-SU-2019:1432-1, openSUSE-SU-2019:1637-1, PAN-SA-2019-0039, RHBUG-1683804, RHBUG-1683807, RHSA-2019:2304-01, RHSA-2019:2471-01, SB10282, SSA:2019-057-01, SSB-439005, STORM-2019-001, SUSE-SU-2019:0572-1, SUSE-SU-2019:0600-1, SUSE-SU-2019:0658-1, SUSE-SU-2019:0803-1, SUSE-SU-2019:0818-1, SUSE-SU-2019:1362-1, SUSE-SU-2019:14091-1, SUSE-SU-2019:14092-1, SUSE-SU-2019:1553-1, SUSE-SU-2019:1608-1, SYMSA1490, TNS-2019-02, USN-3899-1, VIGILANCE-VUL-28600
jackson-databind: code execution via slf4j-ext
An attacker can use a vulnerability via slf4j-ext of jackson-databind, in order to run code...
5048, cpuapr2019, cpujan2019, cpujan2020, CVE-2018-14718, DLA-1703-1, DSA-4452-1, FEDORA-2019-df57551f6d, RHSA-2019:0782-01, VIGILANCE-VUL-28550
jackson-databind: code execution via blaze-ds-opt
An attacker can use a vulnerability via blaze-ds-opt of jackson-databind, in order to run code...
5048, cpuapr2019, cpujan2019, cpuoct2019, CVE-2018-14719, DLA-1703-1, DSA-4452-1, FEDORA-2019-df57551f6d, RHSA-2019:0782-01, VIGILANCE-VUL-28549
jackson-databind: external XML entity injection via JDK Classes
An attacker can transmit malicious XML data via JDK Classes to jackson-databind, in order to read a file, scan sites, or trigger a denial of service...
5048, cpuapr2019, cpujan2019, cpuoct2019, CVE-2018-14720, DLA-1703-1, DSA-4452-1, FEDORA-2019-df57551f6d, RHSA-2019:0782-01, RHSA-2019:1106-01, RHSA-2019:1107-01, RHSA-2019:1108-01, RHSA-2019:1140-01, VIGILANCE-VUL-28548
jackson-databind: information disclosure via axis2-jaxws SSRF
An attacker can bypass access restrictions to data via axis2-jaxws SSRF of jackson-databind, in order to obtain sensitive information...
5048, cpuapr2019, cpujan2019, cpuoct2019, CVE-2018-14721, DLA-1703-1, DSA-4452-1, FEDORA-2019-df57551f6d, RHSA-2019:0782-01, RHSA-2019:1106-01, RHSA-2019:1107-01, RHSA-2019:1108-01, RHSA-2019:1140-01, VIGILANCE-VUL-28547
jackson-databind: code execution via Axis2-transport-jms Deserialization
An attacker can use a vulnerability via Axis2-transport-jms Deserialization of jackson-databind, in order to run code...
5048, cpuapr2019, cpujul2019, cpuoct2019, CVE-2018-19360, DLA-1703-1, DSA-4452-1, FEDORA-2019-df57551f6d, RHSA-2019:0782-01, VIGILANCE-VUL-28546
Our database contains other pages. You can request a free trial to read them.

Display information about Bea Systems Tuxedo: