The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of Oracle OIT

OpenJPEG: use after free via opj_image_destroy
An attacker can force the usage of a freed memory area via opj_image_destroy() of OpenJPEG, in order to trigger a denial of service, and possibly to run code...
bulletinjul2020, cpuoct2020, CVE-2020-15389, DLA-2277-1, USN-4497-1, VIGILANCE-VUL-32797
SQLite: buffer overflow via Query Flattener Optimization
An attacker can trigger a buffer overflow via Query Flattener Optimization of SQLite, in order to trigger a denial of service, and possibly to run code...
cpuoct2020, CVE-2020-15358, USN-4438-1, VIGILANCE-VUL-32637
Apache Ant: file corruption
A local attacker can create a symbolic link, in order to alter the pointed file, with privileges of Apache Ant...
6344075, cpujul2020, cpuoct2020, CVE-2020-1945, FEDORA-2020-52741b0a49, FEDORA-2020-7f07da3fef, openSUSE-SU-2020:1022-1, USN-4380-1, VIGILANCE-VUL-32379
SQLite: three vulnerabilities
An attacker can use several vulnerabilities of SQLite...
cpujul2020, cpuoct2020, CVE-2020-13630, CVE-2020-13631, CVE-2020-13632, DLA-2340-1, FEDORA-2020-0477f8840e, FreeBSD-SA-20:22.sqlite, USN-4394-1, VIGILANCE-VUL-32354
JasPer: denial of service via jpc_dec_process_sot
An attacker can trigger a fatal error via jpc_dec_process_sot() of JasPer, in order to trigger a denial of service...
cpuapr2020, cpuoct2020, CVE-2018-9154, openSUSE-SU-2020:0734-1, SUSE-SU-2020:1420-1, SUSE-SU-2020:2690-1, VIGILANCE-VUL-32342
Dom4J: external XML entity injection via SaxReader
An attacker can transmit malicious XML data via SaxReader() to Dom4J, in order to read a file, scan sites, or trigger a denial of service...
cpuoct2020, CVE-2020-10683, DLA-2191-1, openSUSE-SU-2020:0719-1, RHSA-2020:3461-01, RHSA-2020:3462-01, RHSA-2020:3463-01, RHSA-2020:3464-01, RHSA-2020:3495-01, RHSA-2020:3496-01, RHSA-2020:3497-01, RHSA-2020:3501-01, RHSA-2020:3637-01, RHSA-2020:3638-01, RHSA-2020:3639-01, RHSA-2020:3642-01, USN-4575-1, VIGILANCE-VUL-32161
Apache log4j: Man-in-the-Middle via SmtpAppender
An attacker can act as a Man-in-the-Middle via SmtpAppender on Apache log4j, in order to read or write data in the session...
cpujul2020, cpuoct2020, CVE-2020-9488, VIGILANCE-VUL-32095
FasterXML jackson-databind: denial of service via Commons-jelly Embedded Serialization Gadgets Typing
An attacker can trigger a fatal error via Commons-jelly Embedded Serialization Gadgets Typing of FasterXML jackson-databind, in order to trigger a denial of service...
cpujul2020, CVE-2020-11620, DLA-2179-1, VIGILANCE-VUL-32067
FasterXML jackson-databind: denial of service via Spring-aop MethodLocatingFactoryBean Serialization Gadgets Typing
An attacker can trigger a fatal error via Spring-aop MethodLocatingFactoryBean Serialization Gadgets Typing of FasterXML jackson-databind, in order to trigger a denial of service...
cpujul2020, CVE-2020-11619, DLA-2179-1, VIGILANCE-VUL-32066
FasterXML jackson-databind: denial of service via Openjpa WASRegistryManagedRuntime Serialization Gadgets Typing
An attacker can trigger a fatal error via Openjpa WASRegistryManagedRuntime Serialization Gadgets Typing of FasterXML jackson-databind, in order to trigger a denial of service...
cpujul2020, cpuoct2020, CVE-2020-11113, DLA-2179-1, VIGILANCE-VUL-32065
Our database contains other pages. You can request a free trial to read them.

Display information about Oracle OIT: