The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of Oracle Tuxedo

Mozilla NSS: use after free via Verifying Client Authentication
An attacker can force the usage of a freed memory area via Verifying Client Authentication of Mozilla NSS, in order to trigger a denial of service, and possibly to run code...
bulletinoct2017, cpuapr2018, cpuoct2018, CVE-2017-7805, DLA-1118-1, DLA-1138-1, DSA-2020-030, DSA-3987-1, DSA-3998-1, FEDORA-2017-2e7badfe67, FEDORA-2017-6e2071419d, FEDORA-2019-7f7489dc8c, MFSA-2017-21, MFSA-2017-22, openSUSE-SU-2017:2615-1, openSUSE-SU-2017:2707-1, openSUSE-SU-2017:2710-1, RHSA-2017:2831-01, RHSA-2017:2832-01, SSA:2017-271-01, SSA:2019-247-01, SUSE-SU-2017:2688-1, SUSE-SU-2017:2872-1, SUSE-SU-2017:2872-2, USN-3431-1, USN-3435-1, USN-3435-2, USN-3436-1, VIGILANCE-VUL-23976
Apache Tomcat: code execution via Read-write Default/WebDAV Servlet
An attacker can use a vulnerability via Read-write Default/WebDAV Servlet of Apache Tomcat, in order to run code...
504539, 61542, CERTFR-2017-AVI-332, cpuapr2018, cpuapr2019, cpujan2018, cpujul2018, CVE-2017-12617, DLA-1166-1, DLA-1166-2, ESA-2017-097, FEDORA-2017-ef7c118dbc, FEDORA-2017-f499ee7b12, openSUSE-SU-2017:3069-1, RHSA-2017:3080-01, RHSA-2017:3081-01, RHSA-2017:3113-01, RHSA-2017:3114-01, RHSA-2018:0465-01, RHSA-2018:0466-01, SB10218, SUSE-SU-2017:3039-1, SUSE-SU-2017:3059-1, SUSE-SU-2017:3279-1, USN-3665-1, VIGILANCE-VUL-23883
Apache httpd: information disclosure via htaccess Limit Optionsbleed
When Apache httpd hosts an .htaccess file with the Limit option, an OPTIONS query can retrieve an extract of the service memory...
2009782, bulletinjan2018, CERTFR-2017-AVI-336, cpujan2018, cpujan2019, CVE-2017-9798, DLA-1102-1, DSA-2019-131, DSA-2019-197, DSA-3980-1, FEDORA-2017-a52f252521, HT208331, HT208394, JSA10838, openSUSE-SU-2017:2549-1, openSUSE-SU-2018:1057-1, RHSA-2017:2882-01, RHSA-2017:2972-01, RHSA-2017:3018-01, RHSA-2017:3113-01, RHSA-2017:3114-01, RHSA-2017:3239-01, RHSA-2017:3240-01, SSA:2017-261-01, Synology-SA-17:56, USN-3425-1, USN-3425-2, VIGILANCE-VUL-23863
OpenSSL: out-of-bounds memory reading via X.509 IPAddressFamily
An attacker can force a read at an invalid address via X.509 IPAddressFamily of OpenSSL, in order to trigger a denial of service, or to obtain sensitive information...
2011879, 2013026, 2014367, bulletinapr2018, CERTFR-2019-AVI-242, cpuapr2018, cpuapr2019, cpujan2018, cpujan2019, cpujul2018, cpujul2019, cpuoct2018, CVE-2017-3735, DSA-4017-1, DSA-4018-1, FEDORA-2017-4cf72e2c11, FEDORA-2017-512a6c5aae, FEDORA-2017-55a3247cfd, FEDORA-2017-7f30914972, FEDORA-2017-dbec196dd8, FreeBSD-SA-17:11.openssl, HT208331, HT208394, ibm10715641, ibm10738249, JSA10851, JSA10990, K21462542, openSUSE-SU-2017:3192-1, openSUSE-SU-2018:0029-1, openSUSE-SU-2018:0315-1, RHSA-2018:3221-01, SA157, SB10211, SUSE-SU-2017:2968-1, SUSE-SU-2017:2981-1, SUSE-SU-2018:0112-1, SUSE-SU-2019:14246-1, TNS-2017-15, USN-3475-1, VIGILANCE-VUL-23636
Apache Tomcat: information disclosure via Cache Poisoning
An attacker can bypass access restrictions to data via Cache Poisoning of Apache Tomcat, in order to obtain sensitive information...
bulletinoct2017, cpuapr2018, CVE-2017-7674, DLA-1400-1, DLA-1400-2, DSA-3974-1, FEDORA-2017-a00a087fd4, FEDORA-2017-ab0def38cd, HPESBUX03828, openSUSE-SU-2017:3069-1, SUSE-SU-2017:3039-1, SUSE-SU-2017:3059-1, SUSE-SU-2017:3279-1, USN-3519-1, VIGILANCE-VUL-23500
FasterXML jackson-databind: code execution via ObjectMapper readValue Deserialization
An attacker can use a vulnerability via ObjectMapper readValue() Deserialization of FasterXML jackson-databind, in order to run code...
5048, cpuapr2018, cpuapr2019, cpujan2019, cpujul2018, cpuoct2018, CVE-2017-7525, DLA-2091-1, DSA-4004-1, FEDORA-2017-6a75c816fa, FEDORA-2017-8df9efed5f, FEDORA-2017-f452765e1e, FEDORA-2018-bbf8c38b51, FEDORA-2018-e4b025841e, ibm10715641, ibm10738249, RHSA-2017:1834-01, RHSA-2017:1835-01, RHSA-2017:1836-01, RHSA-2017:1837-01, RHSA-2017:1839-01, RHSA-2017:1840-01, RHSA-2017:2477-01, RHSA-2017:2546-01, RHSA-2017:2547-01, RHSA-2017:2633-01, RHSA-2017:2635-01, RHSA-2017:2636-01, RHSA-2017:2637-01, RHSA-2017:2638-01, RHSA-2017:3454-01, RHSA-2017:3455-01, RHSA-2017:3456-01, RHSA-2017:3458-01, RHSA-2018:0294-01, RHSA-2018:1447-01, RHSA-2018:1448-01, RHSA-2018:1449-01, RHSA-2018:1450-01, RHSA-2018:1451-01, VIGILANCE-VUL-23406
Oracle Fusion Middleware: vulnerabilities of July 2017
Several vulnerabilities were announced in Oracle Fusion Middleware...
cpujul2017, CVE-2011-2730, CVE-2013-2027, CVE-2017-10024, CVE-2017-10025, CVE-2017-10028, CVE-2017-10029, CVE-2017-10030, CVE-2017-10035, CVE-2017-10040, CVE-2017-10041, CVE-2017-10043, CVE-2017-10048, CVE-2017-10058, CVE-2017-10059, CVE-2017-10063, CVE-2017-10075, CVE-2017-10119, CVE-2017-10123, CVE-2017-10137, CVE-2017-10141, CVE-2017-10147, CVE-2017-10148, CVE-2017-10156, CVE-2017-10157, CVE-2017-10178, VIGILANCE-VUL-23287
SQLite: out-of-bounds memory reading via getNodeSize
An attacker can force a read at an invalid address via getNodeSize() of SQLite, in order to trigger a denial of service, or to obtain sensitive information...
1700937, APPLE-SA-2017-09-19-1, APPLE-SA-2017-09-25-1, APPLE-SA-2017-09-25-4, cpujul2018, CVE-2017-10989, DLA-1018-1, DLA-1633-1, FEDORA-2017-357f9df699, FEDORA-2017-447e926933, FEDORA-2017-9b752904ed, HT208144, openSUSE-SU-2019:1426-1, SUSE-SU-2019:1208-1, SUSE-SU-2019:1522-1, USN-4019-1, USN-4019-2, VIGILANCE-VUL-23178
Apache Tomcat: error page tampering
An attacker can trigger an HTTP error in Apache Tomcat, in order to corrupt the error page documents...
bulletinjul2017, cpuapr2018, cpuapr2019, cpujul2019, CVE-2017-5664, DLA-996-1, DSA-3891-1, DSA-3892-1, FEDORA-2017-63789c8c29, FEDORA-2017-e4638a345c, HPESBUX03828, JSA10838, KM03302206, openSUSE-SU-2017:3069-1, RHSA-2017:1801-01, RHSA-2017:1802-01, RHSA-2017:1809-01, RHSA-2017:2493-01, RHSA-2017:2494-01, RHSA-2017:2633-01, RHSA-2017:2635-01, RHSA-2017:2636-01, RHSA-2017:2637-01, RHSA-2017:2638-01, RHSA-2017:3080-01, RHSA-2017:3081-01, SA156, SUSE-SU-2017:3039-1, SUSE-SU-2017:3059-1, SUSE-SU-2017:3279-1, SUSE-SU-2018:1847-1, USN-3519-1, VIGILANCE-VUL-22907
FreeType: buffer overflow via t1_builder_close_contour
An attacker can generate a buffer overflow via t1_builder_close_contour() of FreeType, in order to trigger a denial of service, and possibly to run code...
cpuapr2019, cpuapr2020, CVE-2017-8287, DLA-931-1, DSA-3839-1, FEDORA-2017-5760b80676, FEDORA-2017-950cc68400, openSUSE-SU-2018:0420-1, SSA:2017-136-01, SUSE-SU-2018:0414-1, USN-3282-1, USN-3282-2, VIGILANCE-VUL-22601
Our database contains other pages. You can request a free trial to read them.

Display information about Oracle Tuxedo: