Computer vulnerabilities of Oracle Identity Management

RSA BSAFE Micro Edition Suite: out-of-bounds memory reading via ASN.1 Data
An attacker can force a read at an invalid address via ASN.1 Data of RSA BSAFE Micro Edition Suite, in order to trigger a denial of service, or to obtain sensitive information...
cpujul2019, cpuoct2020, CVE-2018-11058, VIGILANCE-VUL-33645
CKEditor: Cross Site Scripting via HTML Data Processor
An attacker can trigger a Cross Site Scripting attack via the HTML Data Processor of CKEditor, in order to run JavaScript code in the context of the web site...
cpuoct2020, CVE-2020-9281, VIGILANCE-VUL-33637
Apache ActiveMQ: denial of service via Corrupt MQTT Frame
An attacker can trigger a fatal error via a corrupt MQTT frame sent to Apache ActiveMQ, in order to trigger a denial of service...
6344071, cpujul2019, CVE-2019-0222, DSA-2019-133, VIGILANCE-VUL-33508
OpenJPEG: use after free via opj_image_destroy
An attacker can force the usage of a freed memory area via opj_image_destroy() of OpenJPEG, in order to trigger a denial of service, and possibly to run code...
bulletinjul2020, cpuoct2020, CVE-2020-15389, DLA-2277-1, USN-4497-1, USN-4685-1, VIGILANCE-VUL-32797
SQLite: buffer overflow via Query Flattener Optimization
An attacker can trigger a buffer overflow via Query Flattener Optimization of SQLite, in order to trigger a denial of service, and possibly to run code...
bulletinoct2020, cpujan2021, cpuoct2020, CVE-2020-15358, HT211931, HT212147, USN-4438-1, VIGILANCE-VUL-32637
Apache Tomcat: code execution via PersistenceManager
An attacker can use a vulnerability via PersistenceManager of Apache Tomcat, in order to run code...
CERTFR-2020-AVI-315, CERTFR-2020-AVI-417, cpuoct2020, CVE-2020-9484, DLA-2209-1, DLA-2217-1, DLA-2279-1, DSA-2020-161, DSA-4627-1, ESDSA16092, FEDORA-2020-ce396e7d5c, FEDORA-2020-d9169235a8, NTAP-20200528-0005, openSUSE-SU-2020:0711-1, RHSA-2020:2529-01, RHSA-2020:2530-01, SB10332, USN-4448-1, USN-4596-1, VIGILANCE-VUL-32313
Apache Ant: file corruption
A local attacker can create a symbolic link, in order to alter the pointed file, with the privileges of Apache Ant...
6344075, cpujan2021, cpujul2020, cpuoct2020, CVE-2020-1945, FEDORA-2020-52741b0a49, FEDORA-2020-7f07da3fef, openSUSE-SU-2020:1022-1, USN-4380-1, VIGILANCE-VUL-32379
SQLite: three vulnerabilities
An attacker can use several vulnerabilities of SQLite...
cpujul2020, cpuoct2020, CVE-2020-13630, CVE-2020-13631, CVE-2020-13632, DLA-2340-1, DLA-2340-2, FEDORA-2020-0477f8840e, FreeBSD-SA-20:22.sqlite, HT211931, RHSA-2020:4442-01, USN-4394-1, VIGILANCE-VUL-32354
OpenSSL: NULL pointer dereference via SSL_check_chain
An attacker can force a NULL pointer to be dereferenced via SSL_check_chain() of OpenSSL, in order to trigger a denial of service...
6235728, 6409294, bulletinjul2020, CERTFR-2020-AVI-235, cpujul2020, cpuoct2020, CVE-2020-1967, DSA-4661-1, FreeBSD-SA-20:11.openssl, JSA11074, openSUSE-SU-2020:0933-1, openSUSE-SU-2020:0945-1, SUSE-SU-2020:1058-1, SUSE-SU-2020:2041-1, VIGILANCE-VUL-32076
Dom4J: external XML entity injection via SaxReader
An attacker can transmit malicious XML data via SaxReader() to Dom4J, in order to read a file, scan sites, or trigger a denial of service...
6356447, 6367943, cpujan2021, cpuoct2020, CVE-2020-10683, DLA-2191-1, openSUSE-SU-2020:0719-1, RHSA-2020:3461-01, RHSA-2020:3462-01, RHSA-2020:3463-01, RHSA-2020:3464-01, RHSA-2020:3495-01, RHSA-2020:3496-01, RHSA-2020:3497-01, RHSA-2020:3501-01, RHSA-2020:3637-01, RHSA-2020:3638-01, RHSA-2020:3639-01, RHSA-2020:3642-01, USN-4575-1, VIGILANCE-VUL-32161
