The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of Oracle Identity Manager

OpenSSL 1.0.2: information disclosure via 0-byte Record Padding Oracle
An attacker can bypass access restrictions to data via 0-byte Record Padding Oracle of OpenSSL 1.0.2, in order to obtain sensitive information...
1170328, bulletinapr2019, bulletinjul2019, CERTFR-2019-AVI-080, CERTFR-2019-AVI-132, CERTFR-2019-AVI-214, CERTFR-2019-AVI-325, cpuapr2019, cpujan2020, cpujul2019, cpuoct2019, CVE-2019-1559, DLA-1701-1, DSA-2019-201, DSA-2020-062, DSA-2020-072, DSA-4400-1, FEDORA-2019-00c25b9379, ibm10876638, ibm10886237, ibm10886659, JSA10949, JSA10993, openSUSE-SU-2019:1076-1, openSUSE-SU-2019:1105-1, openSUSE-SU-2019:1173-1, openSUSE-SU-2019:1175-1, openSUSE-SU-2019:1432-1, openSUSE-SU-2019:1637-1, PAN-SA-2019-0039, RHBUG-1683804, RHBUG-1683807, RHSA-2019:2304-01, RHSA-2019:2471-01, SB10282, SSA:2019-057-01, SSB-439005, STORM-2019-001, SUSE-SU-2019:0572-1, SUSE-SU-2019:0600-1, SUSE-SU-2019:0658-1, SUSE-SU-2019:0803-1, SUSE-SU-2019:0818-1, SUSE-SU-2019:1362-1, SUSE-SU-2019:14091-1, SUSE-SU-2019:14092-1, SUSE-SU-2019:1553-1, SUSE-SU-2019:1608-1, SYMSA1490, TNS-2019-02, USN-3899-1, VIGILANCE-VUL-28600
OpenSSL: information disclosure via ECC Scalar Multiplication
On an Intel processor (VIGILANCE-VUL-27667), an attacker can measure the execution time of the ECC Scalar Multiplication of OpenSSL, in order to obtain the used key...
bulletinjan2019, CERTFR-2018-AVI-607, CERTFR-2019-AVI-242, cpuapr2019, cpuapr2020, cpujan2019, cpujan2020, cpujul2019, CVE-2018-5407, DLA-1586-1, DSA-2019-197, DSA-2020-030, DSA-4348-1, DSA-4355-1, ibm10794537, ibm10875298, ibm10886313, K49711130, openSUSE-SU-2018:3903-1, openSUSE-SU-2018:4050-1, openSUSE-SU-2018:4104-1, openSUSE-SU-2019:0088-1, openSUSE-SU-2019:0234-1, RHSA-2019:0483-01, RHSA-2019:2125-01, SSA:2018-325-01, SUSE-SU-2018:3864-1, SUSE-SU-2018:3864-2, SUSE-SU-2018:3866-1, SUSE-SU-2018:3964-1, SUSE-SU-2018:3989-1, SUSE-SU-2018:4001-1, SUSE-SU-2018:4068-1, SUSE-SU-2018:4274-1, SUSE-SU-2019:0117-1, SUSE-SU-2019:0395-1, SUSE-SU-2019:1553-1, SYMSA1490, TNS-2018-16, TNS-2018-17, USN-3840-1, VIGILANCE-VUL-27760
Intel processors: information disclosure via SMT/Hyper-Threading PortSmash
An attacker can bypass access restrictions to data via SMT/Hyper-Threading PortSmash on an Intel processor, in order to obtain sensitive information...
530514, bulletinjan2019, CERTFR-2019-AVI-242, cpuapr2019, cpuapr2020, cpujan2019, cpujan2020, cpujul2019, CVE-2018-5407, DSA-2018-030, DSA-2019-197, DSA-2020-030, DSA-4348-1, DSA-4355-1, ibm10794537, K49711130, openSUSE-SU-2018:4050-1, openSUSE-SU-2018:4104-1, openSUSE-SU-2019:0088-1, openSUSE-SU-2019:0234-1, RHSA-2019:2125-01, SUSE-SU-2018:3964-1, SUSE-SU-2018:3989-1, SUSE-SU-2018:4001-1, SUSE-SU-2018:4068-1, SUSE-SU-2018:4274-1, SUSE-SU-2019:0117-1, SUSE-SU-2019:0395-1, SUSE-SU-2019:1553-1, USN-3840-1, VIGILANCE-VUL-27667
OpenSSL: information disclosure via DSA Signature Generation
An attacker can bypass access restrictions to data via DSA Signature Generation of OpenSSL, in order to obtain sensitive information...
1170322, bulletinapr2019, bulletinjan2019, CERTFR-2018-AVI-607, cpuapr2019, cpuapr2020, cpujan2019, cpujan2020, cpujul2019, CVE-2018-0734, DSA-2019-197, DSA-2020-030, DSA-2020-062, DSA-4348-1, DSA-4355-1, FEDORA-2019-00c25b9379, ibm10794537, ibm10875298, openSUSE-SU-2018:3890-1, openSUSE-SU-2018:3903-1, openSUSE-SU-2018:4050-1, openSUSE-SU-2018:4104-1, openSUSE-SU-2019:0084-1, openSUSE-SU-2019:0088-1, openSUSE-SU-2019:0138-1, openSUSE-SU-2019:0234-1, openSUSE-SU-2019:1547-1, openSUSE-SU-2019:1814-1, RHSA-2019:2304-01, RHSA-2019:3700-01, SSA:2018-325-01, SUSE-SU-2018:3863-1, SUSE-SU-2018:3864-1, SUSE-SU-2018:3864-2, SUSE-SU-2018:3866-1, SUSE-SU-2018:3964-1, SUSE-SU-2018:3989-1, SUSE-SU-2018:4001-1, SUSE-SU-2018:4068-1, SUSE-SU-2018:4274-1, SUSE-SU-2019:0117-1, SUSE-SU-2019:0395-1, SUSE-SU-2019:1553-1, TNS-2018-16, TNS-2018-17, USN-3840-1, VIGILANCE-VUL-27640
OpenSSL: information disclosure via ECDSA Signature Generation
An attacker can bypass access restrictions to data via ECDSA Signature Generation of OpenSSL, in order to obtain sensitive information...
bulletinjan2019, cpuapr2019, cpujan2020, cpujul2019, CVE-2018-0735, DLA-1586-1, DSA-4348-1, ibm10794537, openSUSE-SU-2018:3890-1, RHSA-2019:3700-01, SUSE-SU-2018:3863-1, SYMSA1490, USN-3840-1, VIGILANCE-VUL-27631
Spring Framework: denial of service via Complex Range Requests
An attacker can generate a fatal error via Complex Range Requests of Spring Framework, in order to trigger a denial of service...
CERTFR-2019-AVI-331, cpuapr2020, cpujan2020, cpujul2019, cpuoct2019, CVE-2018-15756, ibm10957141, VIGILANCE-VUL-27548
Oracle Fusion Middleware: vulnerabilities of October 2018
Several vulnerabilities were announced in Oracle products...
cpuoct2018, CVE-2017-14735, CVE-2018-2902, CVE-2018-2911, CVE-2018-3152, CVE-2018-3168, CVE-2018-3179, CVE-2018-3191, CVE-2018-3197, CVE-2018-3201, CVE-2018-3204, CVE-2018-3210, CVE-2018-3213, CVE-2018-3215, CVE-2018-3238, CVE-2018-3245, CVE-2018-3246, CVE-2018-3248, CVE-2018-3249, CVE-2018-3250, CVE-2018-3252, CVE-2018-3253, CVE-2018-3254, VIGILANCE-VUL-27506
Bouncy Castle Java Cryptography Extension: vulnerability via XMSS Private Keys Deserialization
A vulnerability via XMSS Private Keys Deserialization of Bouncy Castle Java Cryptography Extension was announced...
CERTFR-2019-AVI-325, cpuapr2019, cpuapr2020, cpujan2019, cpujul2019, CVE-2018-1000613, FEDORA-2018-e6894349c9, JSA10939, JSA11023, openSUSE-SU-2018:2131-1, openSUSE-SU-2018:2180-1, openSUSE-SU-2020:0607-1, VIGILANCE-VUL-26596
Spring Framework: information disclosure via Cross-Domain Requests
An attacker can bypass access restrictions to data via Cross-Domain Requests of Spring Framework, in order to obtain sensitive information...
cpuapr2019, cpujan2019, cpujul2019, cpujul2020, cpuoct2018, CVE-2018-11040, VIGILANCE-VUL-26440
Spring Framework: information disclosure via Cross Site Tracing
An attacker can bypass access restrictions to data via Cross Site Tracing of Spring Framework, in order to obtain sensitive information...
cpuapr2019, cpujan2019, cpujul2019, cpujul2020, cpuoct2018, CVE-2018-11039, VIGILANCE-VUL-26439
Our database contains other pages. You can request a free trial to read them.

Display information about Oracle Identity Manager: