VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
>
Oracle
>
Commerce Guided Search
> High
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2022-02-01
CVE-2021-43859
Resource Exhaustion vulnerability in multiple products
XStream is an open source java library to serialize objects to XML and back again.
network
low complexity
xstream-project
fedoraproject
debian
oracle
CWE-400
7.5
7.5
2021-10-19
CVE-2021-37136
Resource Exhaustion vulnerability in multiple products
The Bzip2 decompression decoder function doesn't allow setting size restrictions on the decompressed output data (which affects the allocation size used during decompression).
network
low complexity
netty
quarkus
oracle
netapp
debian
CWE-400
7.5
7.5
2021-10-19
CVE-2021-37137
Resource Exhaustion vulnerability in multiple products
The Snappy frame decoder function doesn't restrict the chunk length which may lead to excessive memory usage.
network
low complexity
netty
oracle
quarkus
netapp
debian
CWE-400
7.5
7.5
2021-09-29
CVE-2021-22946
Cleartext Transmission of Sensitive Information vulnerability in multiple products
A user can tell curl >= 7.20.0 and <= 7.78.0 to require a successful upgrade to TLS when speaking to an IMAP, POP3 or FTP server (`--ssl-reqd` on the command line or`CURLOPT_USE_SSL` set to `CURLUSESSL_CONTROL` or `CURLUSESSL_ALL` withlibcurl).
network
low complexity
haxx
debian
fedoraproject
netapp
oracle
apple
siemens
splunk
CWE-319
7.5
7.5
2021-09-19
CVE-2021-40690
All versions of Apache Santuario - XML Security for Java prior to 2.2.3 and 2.1.7 are vulnerable to an issue where the "secureValidation" property is not passed correctly when creating a KeyInfo from a KeyInfoReference element.
network
low complexity
apache
debian
oracle
7.5
7.5
2021-08-23
CVE-2021-39150
XStream is a simple library to serialize objects to XML and back again.
network
high complexity
xstream-project
fedoraproject
debian
netapp
oracle
8.5
8.5
2021-08-23
CVE-2021-39152
XStream is a simple library to serialize objects to XML and back again.
network
high complexity
xstream-project
fedoraproject
debian
netapp
oracle
8.5
8.5
2021-08-23
CVE-2021-39139
XStream is a simple library to serialize objects to XML and back again.
network
low complexity
xstream-project
debian
fedoraproject
netapp
oracle
8.8
8.8
2021-08-23
CVE-2021-39141
XStream is a simple library to serialize objects to XML and back again.
network
high complexity
xstream-project
debian
fedoraproject
netapp
oracle
8.5
8.5
2021-08-23
CVE-2021-39144
Deserialization of Untrusted Data vulnerability in multiple products
XStream is a simple library to serialize objects to XML and back again.
network
high complexity
xstream-project
debian
fedoraproject
netapp
oracle
CWE-502
8.5
8.5
«
1
(current)
2
3
»
Next