Vulnerabilities > Oracle > Enterprise Manager FOR Storage Management > High

DATE CVE VULNERABILITY TITLE RISK
2021-03-25 CVE-2021-3450 Improper Certificate Validation vulnerability in multiple products
The X509_V_FLAG_X509_STRICT flag enables additional security checks of the certificates present in a certificate chain.
7.4
2021-02-16 CVE-2021-23840 Integer Overflow or Wraparound vulnerability in multiple products
Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow the output length argument in some cases where the input length is close to the maximum permissable length for an integer on the platform.
7.5
2020-04-21 CVE-2020-1967 NULL Pointer Dereference vulnerability in multiple products
Server or client applications that call the SSL_check_chain() function during or after a TLS 1.3 handshake may crash due to a NULL pointer dereference as a result of incorrect handling of the "signature_algorithms_cert" TLS extension.
7.5