The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of Oracle Identity Management

OpenJPEG: use after free via opj_image_destroy
An attacker can force the usage of a freed memory area via opj_image_destroy() of OpenJPEG, in order to trigger a denial of service, and possibly to run code...
bulletinjul2020, cpuoct2020, CVE-2020-15389, DLA-2277-1, USN-4497-1, VIGILANCE-VUL-32797
SQLite: buffer overflow via Query Flattener Optimization
An attacker can trigger a buffer overflow via Query Flattener Optimization of SQLite, in order to trigger a denial of service, and possibly to run code...
bulletinoct2020, cpuoct2020, CVE-2020-15358, HT211931, USN-4438-1, VIGILANCE-VUL-32637
Apache Ant: file corruption
A local attacker can create a symbolic link, in order to alter the pointed file, with privileges of Apache Ant...
6344075, cpujul2020, cpuoct2020, CVE-2020-1945, FEDORA-2020-52741b0a49, FEDORA-2020-7f07da3fef, openSUSE-SU-2020:1022-1, USN-4380-1, VIGILANCE-VUL-32379
SQLite: three vulnerabilities
An attacker can use several vulnerabilities of SQLite...
cpujul2020, cpuoct2020, CVE-2020-13630, CVE-2020-13631, CVE-2020-13632, DLA-2340-1, FEDORA-2020-0477f8840e, FreeBSD-SA-20:22.sqlite, HT211931, RHSA-2020:4442-01, USN-4394-1, VIGILANCE-VUL-32354
Dom4J: external XML entity injection via SaxReader
An attacker can transmit malicious XML data via SaxReader() to Dom4J, in order to read a file, scan sites, or trigger a denial of service...
6356447, 6367943, cpuoct2020, CVE-2020-10683, DLA-2191-1, openSUSE-SU-2020:0719-1, RHSA-2020:3461-01, RHSA-2020:3462-01, RHSA-2020:3463-01, RHSA-2020:3464-01, RHSA-2020:3495-01, RHSA-2020:3496-01, RHSA-2020:3497-01, RHSA-2020:3501-01, RHSA-2020:3637-01, RHSA-2020:3638-01, RHSA-2020:3639-01, RHSA-2020:3642-01, USN-4575-1, VIGILANCE-VUL-32161
Apache log4j: Man-in-the-Middle via SmtpAppender
An attacker can act as a Man-in-the-Middle via SmtpAppender on Apache log4j, in order to read or write data in the session...
6371652, cpujul2020, cpuoct2020, CVE-2020-9488, VIGILANCE-VUL-32095
jQuery Core: Cross Site Scripting via HtmlPrefilter Regex
An attacker can trigger a Cross Site Scripting via HtmlPrefilter Regex of jQuery Core, in order to run JavaScript code in the context of the web site...
20200601, 20200602, 20200603, 20200604, 20200605, 6217392, 6253319, 6344075, 6367943, CERTFR-2020-AVI-310, CERTFR-2020-AVI-335, cpujul2020, cpuoct2020, CVE-2020-11022, CVE-2020-11023, DRUPAL-SA-CORE-2020-002, DRUPAL-SA-CORE-2020-003, DSA-4693-1, FEDORA-2020-0b32a59b54, FEDORA-2020-11be4b36d4, FEDORA-2020-7dddce530c, FEDORA-2020-8a15713da2, FEDORA-2020-fbb94073a1, K02453220, K66544153, KM03758436, NPM-1518, openSUSE-SU-2020:1060-1, openSUSE-SU-2020:1106-1, openSUSE-SU-2020:1888-1, OSA-2020-14, RHSA-2020:3936-01, RHSA-2020:4670-01, RHSA-2020:4847-01, VIGILANCE-VUL-32007
SQLite: assertion error via Table Renaming
An attacker can force an assertion error via Table Renaming of SQLite, in order to trigger a denial of service...
cpujul2020, cpuoct2020, CVE-2020-11656, FreeBSD-SA-20:22.sqlite, VIGILANCE-VUL-31996
SQLite: denial of service via RenameTokenCheckAll
An attacker can trigger a fatal error via RenameTokenCheckAll of SQLite, in order to trigger a denial of service...
cpujul2020, cpuoct2020, CVE-2020-11656, FreeBSD-SA-20:22.sqlite, VIGILANCE-VUL-31995
SQLite: denial of service via Window Functions
An attacker can trigger a fatal error via Window Functions of SQLite, in order to trigger a denial of service...
cpujul2020, cpuoct2020, CVE-2020-11655, DLA-2203-1, DLA-2340-1, FreeBSD-SA-20:22.sqlite, USN-4394-1, VIGILANCE-VUL-31994
Our database contains other pages. You can request a free trial to read them.

Display information about Oracle Identity Management: