The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of Oracle Database

Apache Tomcat: code execution via Enabled AJP Connector
An attacker can use a vulnerability via Enabled AJP Connector of Apache Tomcat, in order to run code...
bulletinapr2020, CERTFR-2020-AVI-112, cpujul2020, CVE-2020-1938, DLA-2133-1, DLA-2209-1, DSA-4673-1, DSA-4680-1, FEDORA-2020-04ac174fa9, FEDORA-2020-c870aa8378, HPESBUX04015, openSUSE-SU-2020:0345-1, openSUSE-SU-2020:0597-1, RHSA-2020:0855-01, RHSA-2020:0912-01, RHSA-2020:1478-01, RHSA-2020:1479-01, RHSA-2020:2779-01, RHSA-2020:2780-01, RHSA-2020:2781-01, RHSA-2020:2783-01, RHSA-2020:2840-01, SUSE-SU-2020:0598-1, SUSE-SU-2020:0631-1, SUSE-SU-2020:0632-1, SUSE-SU-2020:0725-1, SUSE-SU-2020:1111-1, SUSE-SU-2020:1126-1, SUSE-SU-2020:1272-1, SUSE-SU-2020:14342-1, VIGILANCE-VUL-31664
Apache Tomcat: information disclosure via HTTP/2 Request Header Mix-up
An attacker can bypass access restrictions to data via HTTP/2 Request Header Mix-up of Apache Tomcat, in order to obtain sensitive information...
CERTFR-2020-AVI-792, cpuapr2021, CVE-2020-17527, DLA-2495-1, DSA-4835-1, openSUSE-SU-2021:0043-1, openSUSE-SU-2021:0081-1, SUSE-SU-2021:0031-1, SUSE-SU-2021:0040-1, SUSE-SU-2021:0041-1, SUSE-SU-2021:0042-1, VIGILANCE-VUL-34034
CodeMirror: denial of service via Regular Expression
An attacker can trigger a fatal error via Regular Expression of CodeMirror, in order to trigger a denial of service...
cpuapr2021, CVE-2020-7760, DSA-4789-1, VIGILANCE-VUL-33756
RSA BSAFE Micro Edition Suite: out-of-bounds memory reading via ASN.1 Data
An attacker can force a read at an invalid address via ASN.1 Data of RSA BSAFE Micro Edition Suite, in order to trigger a denial of service, or to obtain sensitive information...
cpujul2019, cpuoct2020, CVE-2018-11058, VIGILANCE-VUL-33645
CKEditor: Cross Site Scripting via HTML Data Processor
An attacker can trigger a Cross Site Scripting via HTML Data Processor of CKEditor, in order to run JavaScript code in the context of the web site...
cpuoct2020, CVE-2020-9281, VIGILANCE-VUL-33637
Apache Tomcat: information disclosure via HTTP/2 Concurrent Streams Request Mix-up
An attacker can bypass access restrictions to data via HTTP/2 Concurrent Streams Request Mix-up of Apache Tomcat, in order to obtain sensitive information...
6449662, cpuapr2021, CVE-2020-13943, DLA-2407-1, DSA-2021-001, DSA-4835-1, openSUSE-SU-2020:1799-1, openSUSE-SU-2020:1842-1, SUSE-SU-2020:2996-1, SUSE-SU-2020:3068-1, SUSE-SU-2020:3069-1, VIGILANCE-VUL-33544
JasPer: assertion error via jpc_abstorelstepsize
An attacker can force an assertion error via jpc_abstorelstepsize() of JasPer, in order to trigger a denial of service...
cpuapr2020, cpuoct2020, CVE-2018-9252, openSUSE-SU-2020:1517-1, openSUSE-SU-2020:1523-1, VIGILANCE-VUL-33520
JasPer: out-of-bounds memory reading via jp2_decode
An attacker can force a read at an invalid address via jp2_decode() of JasPer, in order to trigger a denial of service, or to obtain sensitive information...
cpuapr2020, cpuoct2020, CVE-2018-19543, openSUSE-SU-2020:1517-1, openSUSE-SU-2020:1523-1, VIGILANCE-VUL-33519
Terracotta Quartz Scheduler: external XML entity injection via initDocumentParser
An attacker can transmit malicious XML data via initDocumentParser() to Terracotta Quartz Scheduler, in order to read a file, scan sites, or trigger a denial of service...
6344075, cpuapr2020, cpujul2020, cpuoct2020, CVE-2019-13990, VIGILANCE-VUL-33516
Oracle Database: vulnerabilities of July 2020
Several vulnerabilities were announced in Oracle products...
CERTFR-2020-AVI-433, cpujul2020, CVE-2020-2513, CVE-2020-2968, CVE-2020-2969, CVE-2020-2971, CVE-2020-2972, CVE-2020-2973, CVE-2020-2974, CVE-2020-2975, CVE-2020-2976, CVE-2020-2977, CVE-2020-2978, VIGILANCE-VUL-32826
Our database contains other pages. You can request a free trial to read them.

Display information about Oracle Database: