Vulnerabilities > Oracle > Enterprise Manager OPS Center > 12.4.0.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-02-16 | CVE-2021-23840 | Integer Overflow or Wraparound vulnerability in multiple products Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow the output length argument in some cases where the input length is close to the maximum permissable length for an integer on the platform. | 7.5 |
| 2021-02-16 | CVE-2021-23839 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products OpenSSL 1.0.2 supports SSLv2. | 3.7 |
| 2021-02-15 | CVE-2021-23336 | HTTP Request Smuggling vulnerability in multiple products The package python/cpython from 0 and before 3.6.13, from 3.7.0 and before 3.7.10, from 3.8.0 and before 3.8.8, from 3.9.0 and before 3.9.2 are vulnerable to Web Cache Poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a vector called parameter cloaking. | 5.9 |
| 2021-01-20 | CVE-2021-2015 | Unspecified vulnerability in Oracle products Vulnerability in the Oracle Workflow product of Oracle E-Business Suite (component: Worklist). network oracle | 5.8 |
| 2021-01-20 | CVE-2021-1999 | Unspecified vulnerability in Oracle products Vulnerability in the Oracle ZFS Storage Appliance Kit product of Oracle Systems (component: RAS subsystems). | 1.2 |
| 2021-01-20 | CVE-2021-1993 | Unspecified vulnerability in Oracle products Vulnerability in the Java VM component of Oracle Database Server. | 2.1 |
| 2021-01-19 | CVE-2021-3177 | Classic Buffer Overflow vulnerability in multiple products Python 3.x through 3.9.1 has a buffer overflow in PyCArg_repr in _ctypes/callproc.c, which may lead to remote code execution in certain Python applications that accept floating-point numbers as untrusted input, as demonstrated by a 1e300 argument to c_double.from_param. | 9.8 |
| 2020-12-08 | CVE-2020-1971 | NULL Pointer Dereference vulnerability in multiple products The X.509 GeneralName type is a generic type for representing different types of names. | 5.9 |
| 2020-09-04 | CVE-2020-24977 | Out-of-bounds Read vulnerability in multiple products GNOME project libxml2 v2.9.10 has a global buffer over-read vulnerability in xmlEncodeEntitiesInternal at libxml2/entities.c. | 6.5 |
| 2020-08-07 | CVE-2020-9490 | HTTP Request Smuggling vulnerability in multiple products Apache HTTP Server versions 2.4.20 to 2.4.43. | 7.5 |