The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of Oracle OIT

Apache Ant: information disclosure via Fixcrlf Task Temporary Files Permissions
An attacker can bypass access restrictions to data via Fixcrlf Task Temporary Files Permissions of Apache Ant, in order to obtain sensitive information...
cpujan2021, CVE-2020-11979, FEDORA-2020-3ce0f55bc5, FEDORA-2020-92b1d001b3, VIGILANCE-VUL-33683
RSA BSAFE Micro Edition Suite: out-of-bounds memory reading via ASN.1 Data
An attacker can force a read at an invalid address via ASN.1 Data of RSA BSAFE Micro Edition Suite, in order to trigger a denial of service, or to obtain sensitive information...
cpujul2019, cpuoct2020, CVE-2018-11058, VIGILANCE-VUL-33645
CKEditor: Cross Site Scripting via HTML Data Processor
An attacker can trigger a Cross Site Scripting attack via the HTML Data Processor of CKEditor, in order to run JavaScript code in the context of the web site...
cpuoct2020, CVE-2020-9281, VIGILANCE-VUL-33637
JasPer: assertion error via jpc_abstorelstepsize
An attacker can force an assertion error via jpc_abstorelstepsize() of JasPer, in order to trigger a denial of service...
cpuapr2020, cpuoct2020, CVE-2018-9252, openSUSE-SU-2020:1517-1, openSUSE-SU-2020:1523-1, VIGILANCE-VUL-33520
JasPer: out-of-bounds memory reading via jp2_decode
An attacker can force a read at an invalid address via jp2_decode() of JasPer, in order to trigger a denial of service, or to obtain sensitive information...
cpuapr2020, cpuoct2020, CVE-2018-19543, openSUSE-SU-2020:1517-1, openSUSE-SU-2020:1523-1, VIGILANCE-VUL-33519
Terracotta Quartz Scheduler: external XML entity injection via initDocumentParser
An attacker can transmit malicious XML data via initDocumentParser() to Terracotta Quartz Scheduler, in order to read a file, scan sites, or trigger a denial of service...
6344075, cpuapr2020, cpujul2020, cpuoct2020, CVE-2019-13990, VIGILANCE-VUL-33516
Apache ActiveMQ: Cross Site Scripting via Webconsole Admin GUI
An attacker can trigger a Cross Site Scripting attack via the Webconsole Admin GUI of Apache ActiveMQ, in order to run JavaScript code in the context of the web site...
6344071, cpujul2020, cpuoct2020, CVE-2020-1941, VIGILANCE-VUL-33509
VMware Spring Framework: privilege escalation via RFD Protection Bypass
An attacker can bypass restrictions via an RFD Protection Bypass of VMware Spring Framework, in order to escalate their privileges...
cpujan2021, CVE-2020-5421, VIGILANCE-VUL-33361
OpenJPEG: use after free via opj_image_destroy
An attacker can force the usage of a freed memory area via opj_image_destroy() of OpenJPEG, in order to trigger a denial of service, and possibly to run code...
bulletinjul2020, cpuoct2020, CVE-2020-15389, DLA-2277-1, USN-4497-1, USN-4685-1, VIGILANCE-VUL-32797
Apache Tomcat: overload via WebSocket
An attacker can trigger an overload via WebSocket of Apache Tomcat, in order to trigger a denial of service...
6344075, bulletinjul2020, CERTFR-2020-AVI-626, cpujan2021, cpuoct2020, CVE-2020-13935, DLA-2286-1, DSA-2020-211, DSA-4627-1, HPESBUX04015, openSUSE-SU-2020:1102-1, openSUSE-SU-2020:1111-1, RHSA-2020:3382-01, RHSA-2020:3383-01, RHSA-2020:4004-01, SB10332, SUSE-SU-2020:2037-1, SUSE-SU-2020:2045-1, SUSE-SU-2020:2046-1, SUSE-SU-2020:2047-1, SUSE-SU-2020:2611-1, USN-4448-1, USN-4596-1, VIGILANCE-VUL-32793