The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of Oracle

curl on MS-Windows: buffer overflow via an URL of scheme file
An attacker can generate a buffer overflow via an URL of scheme file in curl, in order to trigger a denial of service, and possibly to run code...
CVE-2017-9502, JSA10874, VIGILANCE-VUL-22977
libcurl: TLS session resume even if the certificate changed
The TLS client of libcurl can reuse a session even if the client certificate changed, which may lead to the authentication with an incorrect identity...
APPLE-SA-2017-07-19-2, CVE-2017-7468, HT207922, STORM-2019-002, USN-3262-1, VIGILANCE-VUL-22500
curl: information disclosure via --write-out
A local attacker can read a memory fragment via --write-out of curl, in order to obtain sensitive information...
bulletinjul2018, cpuoct2018, CVE-2017-7407, DLA-883-1, DSA-2019-114, DSA-2020-030, FEDORA-2017-b38b98727e, JSA10874, openSUSE-SU-2017:1105-1, RHSA-2018:3558-01, USN-3441-1, USN-3441-2, VIGILANCE-VUL-22327
LibreOffice: information disclosure via object previews of linked objects
An attacker can make a user open a LibreOffice document including links to external files, in order to get sensitive information...
CVE-2017-3157, DLA-910-1, DSA-3792-1, DSA-3837-1, RHSA-2017:0914-01, RHSA-2017:0979-01, USN-3210-1, VIGILANCE-VUL-21945
curl: Man-in-the-Middle with SSL_VERIFYSTATUS
An attacker can act as a Man-in-the-Middle on curl with CURLOPT_SSL_VERIFYSTATUS, in order to read or write data in the session...
APPLE-SA-2017-07-19-2, CVE-2017-2629, HT207922, STORM-2019-002, VIGILANCE-VUL-21925
cURL: three vulnerabilities
An attacker can use several vulnerabilities of cURL...
APPLE-SA-2017-07-19-2, cpuoct2018, CVE-2016-9586, CVE-2016-9952, CVE-2016-9953, DLA-1568-1, DLA-767-1, DSA-2019-114, DSA-2020-030, FEDORA-2016-86d2b5aefb, FEDORA-2016-edbb33ab2e, HT207615, HT207922, JSA10874, openSUSE-SU-2017:1105-1, RHSA-2018:3558-01, STORM-2019-002, USN-3441-1, USN-3441-2, VIGILANCE-VUL-21435
Curl: multiple vulnerabilities
An attacker can use several vulnerabilities of Curl...
2001818, 2009692, bulletinapr2018, CERTFR-2019-AVI-325, cpuoct2018, CVE-2016-8615, CVE-2016-8616, CVE-2016-8617, CVE-2016-8618, CVE-2016-8619, CVE-2016-8620, CVE-2016-8621, CVE-2016-8622, CVE-2016-8623, CVE-2016-8624, CVE-2016-8625, DLA-711-1, DSA-2019-114, DSA-2020-030, DSA-3705-1, FEDORA-2016-e8e8cdb4ed, HT207423, JSA10874, JSA10951, K01006862, K10196624, K26899353, K44503763, K46123931, K52828640, MIGR-5099570, openSUSE-SU-2016:2768-1, RHSA-2018:3558-01, SSA:2016-308-01, STORM-2019-002, SUSE-SU-2016:2699-1, SUSE-SU-2016:2714-1, USN-3123-1, VIGILANCE-VUL-20989
OpenSSL: denial of service via SSL3_AL_WARNING
An attacker can send SSL3_AL_WARNING packets to an SSLv3 application linked to OpenSSL, in order to trigger a denial of service...
1996096, 2000095, 2003480, 2003620, 2003673, 2004940, 2009389, bulletinoct2016, cpujan2020, cpujul2019, CVE-2016-8610, DLA-814-1, DSA-2019-197, DSA-2020-030, DSA-2020-062, DSA-3773-1, FEDORA-2017-3451dbec48, FEDORA-2017-e853b4144f, FreeBSD-SA-16:35.openssl, HPESBHF03897, JSA10808, JSA10809, JSA10810, JSA10811, JSA10813, JSA10814, JSA10816, JSA10817, JSA10818, JSA10820, JSA10821, JSA10822, JSA10825, openSUSE-SU-2017:0386-1, openSUSE-SU-2017:0487-1, openSUSE-SU-2018:4104-1, PAN-SA-2017-0017, pfSense-SA-17_03.webgui, RHSA-2017:0286-01, RHSA-2017:0574-01, RHSA-2017:1548-01, RHSA-2017:1549-01, RHSA-2017:1550-01, RHSA-2017:1551-01, RHSA-2017:1552-01, RHSA-2017:1658-01, RHSA-2017:1659-01, RHSA-2017:2493-01, RHSA-2017:2494-01, SA40886, SP-CAAAPUE, SPL-129207, SUSE-SU-2017:0304-1, SUSE-SU-2017:0348-1, SUSE-SU-2018:0112-1, SUSE-SU-2018:3864-1, SUSE-SU-2018:3864-2, SUSE-SU-2018:3964-1, SUSE-SU-2018:3994-1, SUSE-SU-2018:4068-1, SUSE-SU-2018:4274-1, SUSE-SU-2019:1553-1, USN-3181-1, USN-3183-1, USN-3183-2, VIGILANCE-VUL-20941
OpenOffice: two vulnerabilities via Windows Installer
An attacker can use several vulnerabilities via Windows Installer of OpenOffice...
CERTFR-2016-AVI-346, CVE-2016-6803, CVE-2016-6804, VIGILANCE-VUL-20863
libcurl: integer overflow via curl_escape
An attacker can generate an integer overflow via functions of the curl_escape() family of libcurl, in order to trigger a denial of service, and possibly to run code...
bulletinoct2016, cpuoct2018, CVE-2016-7167, DLA-1568-1, DLA-625-1, DSA-2019-114, DSA-2020-030, FEDORA-2016-7a2ed52d41, FEDORA-2016-80f4f71eff, HT207423, JSA10874, openSUSE-SU-2016:2768-1, RHSA-2017:2016-01, RHSA-2018:3558-01, SSA:2016-259-01, STORM-2019-002, SUSE-SU-2016:2699-1, SUSE-SU-2016:2714-1, USN-3123-1, VIGILANCE-VUL-20606
Our database contains other pages. You can request a free trial to read them.

Display information about Oracle