The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of Oracle Directory Server

Apache Tomcat: code execution via Read-write Default/WebDAV Servlet
An attacker can use a vulnerability via Read-write Default/WebDAV Servlet of Apache Tomcat, in order to run code...
504539, 61542, CERTFR-2017-AVI-332, cpuapr2018, cpuapr2019, cpujan2018, cpujul2018, CVE-2017-12617, DLA-1166-1, DLA-1166-2, ESA-2017-097, FEDORA-2017-ef7c118dbc, FEDORA-2017-f499ee7b12, openSUSE-SU-2017:3069-1, RHSA-2017:3080-01, RHSA-2017:3081-01, RHSA-2017:3113-01, RHSA-2017:3114-01, RHSA-2018:0465-01, RHSA-2018:0466-01, SB10218, SUSE-SU-2017:3039-1, SUSE-SU-2017:3059-1, SUSE-SU-2017:3279-1, USN-3665-1, VIGILANCE-VUL-23883
Apache httpd: information disclosure via htaccess Limit Optionsbleed
When Apache httpd hosts an .htaccess file with the Limit option, an OPTIONS query can retrieve an extract of the service memory...
2009782, bulletinjan2018, CERTFR-2017-AVI-336, cpujan2018, cpujan2019, CVE-2017-9798, DLA-1102-1, DSA-2019-131, DSA-2019-197, DSA-3980-1, FEDORA-2017-a52f252521, HT208331, HT208394, JSA10838, openSUSE-SU-2017:2549-1, openSUSE-SU-2018:1057-1, RHSA-2017:2882-01, RHSA-2017:2972-01, RHSA-2017:3018-01, RHSA-2017:3113-01, RHSA-2017:3114-01, RHSA-2017:3239-01, RHSA-2017:3240-01, SSA:2017-261-01, Synology-SA-17:56, USN-3425-1, USN-3425-2, VIGILANCE-VUL-23863
Apache Batik: external XML entity injection
An attacker can transmit malicious XML data to Apache Batik, in order to read a file, scan sites, or trigger a denial of service...
cpuapr2018, cpujul2018, cpuoct2017, CVE-2017-5662, DLA-926-1, DSA-4215-1, FEDORA-2017-43b46cd2da, FEDORA-2017-aff3dd3101, RHSA-2017:2546-01, RHSA-2017:2547-01, RHSA-2018:0319-01, USN-3280-1, VIGILANCE-VUL-22591
Mozilla NSS: two vulnerabilities
An attacker can use several vulnerabilities of Mozilla NSS...
bulletinapr2017, bulletinjan2019, CERTFR-2017-AVI-126, CERTFR-2017-AVI-134, cpujan2018, cpuoct2017, CVE-2017-5461, CVE-2017-5462, DLA-906-1, DLA-946-1, DSA-3831-1, DSA-3872-1, FEDORA-2017-31c64a0bbf, FEDORA-2017-82265ed89e, FEDORA-2017-87e23bcc34, FEDORA-2017-9042085060, MFSA-2017-10, MFSA-2017-11, MFSA-2017-12, MFSA-2017-13, openSUSE-SU-2017:1099-1, openSUSE-SU-2017:1196-1, openSUSE-SU-2017:1268-1, RHSA-2017:1100-01, RHSA-2017:1101-01, RHSA-2017:1102-01, RHSA-2017:1103-01, SA150, SSA:2017-112-01, SSA:2017-114-01, SUSE-SU-2017:1175-1, SUSE-SU-2017:1248-1, SUSE-SU-2017:1669-1, SUSE-SU-2017:2235-1, USN-3260-1, USN-3260-2, USN-3270-1, USN-3278-1, USN-3372-1, VIGILANCE-VUL-22505
Apache log4j: code execution via Socket Server Deserialization
An attacker can use a vulnerability via Socket Server Deserialization of Apache log4j, in order to run code...
cpuapr2018, cpuapr2019, cpuapr2020, cpujan2018, cpujan2019, cpujan2020, cpujul2018, cpujul2019, cpuoct2018, CVE-2017-5645, ESA-2017-05, FEDORA-2017-2ccfbd650a, FEDORA-2017-511ebfa8a3, FEDORA-2017-7e0ff7f73a, FEDORA-2017-8348115acd, FEDORA-2017-b8358cda24, JSA10838, RHSA-2017:1801-01, RHSA-2017:1802-01, RHSA-2017:2423-01, RHSA-2017:2633-01, RHSA-2017:2635-01, RHSA-2017:2636-01, RHSA-2017:2637-01, RHSA-2017:2638-01, RHSA-2017:2808-01, RHSA-2017:2809-01, RHSA-2017:2810-01, RHSA-2017:2811-01, RHSA-2017:2888-01, RHSA-2017:2889-01, RHSA-2017:3244-01, RHSA-2017:3399-01, RHSA-2017:3400-01, VIGILANCE-VUL-22460
OpenSSL: denial of service via the "Encrypt-Then-Mac" option
An attacker can change the state of the "Encrypt-Then-Mac" TLS option in a renegotiation with a server or client based on OpenSSL, in order to trigger a denial of service...
2003480, 2003620, 2003673, 2004940, CERTFR-2017-AVI-035, cisco-sa-20170130-openssl, cpuapr2019, cpujan2018, cpuoct2017, CVE-2017-3733, HPESBGN03728, VIGILANCE-VUL-21871
OpenSSL: multiple vulnerabilities
An attacker can use several vulnerabilities of OpenSSL...
1117414, 2000544, 2000988, 2000990, 2002331, 2004036, 2004940, 2009389, 2010154, 2011567, 2012827, 2014202, 2014651, 2014669, 2015080, BSA-2016-204, BSA-2016-207, BSA-2016-211, BSA-2016-212, BSA-2016-213, BSA-2016-216, BSA-2016-234, bulletinapr2017, bulletinjan2018, bulletinoct2017, CERTFR-2017-AVI-035, CERTFR-2018-AVI-343, cisco-sa-20170130-openssl, cpuapr2017, cpuapr2019, cpujan2018, cpujul2017, cpujul2018, cpuoct2017, CVE-2016-7055, CVE-2017-3730, CVE-2017-3731, CVE-2017-3732, DLA-814-1, DSA-2020-062, DSA-3773-1, FEDORA-2017-3451dbec48, FEDORA-2017-e853b4144f, FG-IR-17-019, FreeBSD-SA-17:02.openssl, ibm10732391, ibm10733905, ibm10738249, ibm10738401, JSA10775, JSA10990, K37526132, K43570545, K44512851, K-510805, NTAP-20170127-0001, NTAP-20170310-0002, NTAP-20180201-0001, openSUSE-SU-2017:0481-1, openSUSE-SU-2017:0487-1, openSUSE-SU-2017:0527-1, openSUSE-SU-2017:0941-1, openSUSE-SU-2017:2011-1, openSUSE-SU-2017:2868-1, openSUSE-SU-2018:0458-1, PAN-70674, PAN-73914, PAN-SA-2017-0012, PAN-SA-2017-0014, PAN-SA-2017-0016, RHSA-2017:0286-01, RHSA-2018:2568-01, RHSA-2018:2575-01, SA141, SA40423, SB10188, SSA:2017-041-02, SUSE-SU-2018:0112-1, SUSE-SU-2018:2839-1, SUSE-SU-2018:3082-1, TNS-2017-03, USN-3181-1, VIGILANCE-VUL-21692
Apache Groovy: code execution
An attacker can use a vulnerability of Apache Groovy, in order to run code...
cpuapr2018, cpujan2018, cpujan2019, cpujul2019, cpuoct2017, CVE-2016-6814, DLA-794-1, FEDORA-2017-1ce2a05ff1, FEDORA-2017-33c8085c5d, FEDORA-2017-661dddc462, FEDORA-2017-cc0e0daf0f, RHSA-2017:0272-01, RHSA-2017:0868-01, RHSA-2017:2486-01, RHSA-2017:2596-01, VIGILANCE-VUL-21640
OpenSSL 1.1: three vulnerabilities
An attacker can use several vulnerabilities of OpenSSL 1.1...
2004036, 2004940, 2011567, 492284, 492616, bulletinapr2017, CERTFR-2018-AVI-343, cisco-sa-20161114-openssl, cpuapr2019, cpujan2018, cpujul2017, CVE-2016-7053, CVE-2016-7054, CVE-2016-7055, ESA-2016-148, ESA-2016-149, FG-IR-17-019, JSA10775, JSA10990, NTAP-20170127-0001, NTAP-20170310-0002, NTAP-20180201-0001, openSUSE-SU-2017:0527-1, openSUSE-SU-2017:0941-1, openSUSE-SU-2018:0458-1, SA40423, VIGILANCE-VUL-21093
OpenSSL 1.0.2i: NULL pointer dereference via CRL
An attacker can force a NULL pointer to be dereferenced via a CRL on an application linked to OpenSSL 1.0.2i, in order to trigger a denial of service...
1996096, 2000095, 2000209, 2003480, 2003620, 2003673, 2008828, CERTFR-2016-AVI-333, cisco-sa-20160927-openssl, cpuapr2017, cpujan2018, cpuoct2017, CVE-2016-7052, FEDORA-2016-97454404fe, FEDORA-2016-a555159613, FreeBSD-SA-16:27.openssl, HPESBHF03856, JSA10759, openSUSE-SU-2016:2496-1, openSUSE-SU-2018:0458-1, SA132, SB10171, SP-CAAAPUE, SPL-129207, SSA:2016-270-01, SUSE-SU-2016:2470-1, SUSE-SU-2016:2470-2, SUSE-SU-2019:14246-1, TNS-2016-16, VIGILANCE-VUL-20701
Our database contains other pages. You can request a free trial to read them.