Vulnerabilities > Oracle > Database
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-07-15 | CVE-2020-2978 | Unspecified vulnerability in Oracle Database Vulnerability in the Oracle Database - Enterprise Edition component of Oracle Database Server. | 4.1 |
2020-05-20 | CVE-2020-9484 | Deserialization of Untrusted Data vulnerability in multiple products When using Apache Tomcat versions 10.0.0-M1 to 10.0.0-M4, 9.0.0.M1 to 9.0.34, 8.5.0 to 8.5.54 and 7.0.0 to 7.0.103 if a) an attacker is able to control the contents and name of a file on the server; and b) the server is configured to use the PersistenceManager with a FileStore; and c) the PersistenceManager is configured with sessionAttributeValueClassNameFilter="null" (the default unless a SecurityManager is used) or a sufficiently lax filter to allow the attacker provided object to be deserialized; and d) the attacker knows the relative file path from the storage location used by FileStore to the file the attacker has control over; then, using a specifically crafted request, the attacker will be able to trigger remote code execution via deserialization of the file under their control. | 7.0 |
2019-09-18 | CVE-2019-3740 | Information Exposure Through Discrepancy vulnerability in multiple products RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to an Information Exposure Through Timing Discrepancy vulnerabilities during DSA key generation. | 6.5 |
2019-09-18 | CVE-2019-3739 | Cryptographic Issues vulnerability in multiple products RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to Information Exposure Through Timing Discrepancy vulnerabilities during ECDSA key generation. | 6.5 |
2019-09-18 | CVE-2019-3738 | Missing Required Cryptographic Step vulnerability in multiple products RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to a Missing Required Cryptographic Step vulnerability. | 6.5 |
2019-04-23 | CVE-2019-2619 | Unspecified vulnerability in Oracle Database Vulnerability in the Portable Clusterware component of Oracle Database Server. | 4.6 |
2019-01-16 | CVE-2019-2444 | Unspecified vulnerability in Oracle Database 12.1.0.2/12.2.0.1/18C Vulnerability in the Core RDBMS component of Oracle Database Server. local oracle | 4.4 |
2019-01-16 | CVE-2019-2406 | Unspecified vulnerability in Oracle Database 12.1.0.2/12.2.0.1/18C Vulnerability in the Core RDBMS component of Oracle Database Server. | 6.5 |
2018-07-26 | CVE-2018-1288 | In Apache Kafka 0.9.0.0 to 0.9.0.1, 0.10.0.0 to 0.10.2.1, 0.11.0.0 to 0.11.0.2, and 1.0.0, authenticated Kafka users may perform action reserved for the Broker via a manually created fetch request interfering with data replication, resulting in data loss. | 5.4 |
2017-10-19 | CVE-2017-10321 | Unspecified vulnerability in Oracle Database 11.2.0.4/12.1.0.2/12.2.0.1 Vulnerability in the Core RDBMS component of Oracle Database Server. | 4.6 |