Enterprise Manager OPS Center

DATE	CVE	VULNERABILITY TITLE	RISK
2021-02-16	CVE-2021-23840	Integer Overflow or Wraparound vulnerability in multiple products Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow the output length argument in some cases where the input length is close to the maximum permissable length for an integer on the platform. network low complexity openssl debian tenable oracle mcafee fujitsu nodejs CWE-190	7.5
2021-02-16	CVE-2021-23839	Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products OpenSSL 1.0.2 supports SSLv2. network high complexity openssl oracle siemens CWE-327	3.7
2021-02-15	CVE-2021-23336	HTTP Request Smuggling vulnerability in multiple products The package python/cpython from 0 and before 3.6.13, from 3.7.0 and before 3.7.10, from 3.8.0 and before 3.8.8, from 3.9.0 and before 3.9.2 are vulnerable to Web Cache Poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a vector called parameter cloaking. network high complexity python fedoraproject debian netapp djangoproject oracle CWE-444	5.9
2021-01-20	CVE-2021-2015	Unspecified vulnerability in Oracle products Vulnerability in the Oracle Workflow product of Oracle E-Business Suite (component: Worklist). network low complexity oracle	8.2
2021-01-20	CVE-2021-1999	Unspecified vulnerability in Oracle products Vulnerability in the Oracle ZFS Storage Appliance Kit product of Oracle Systems (component: RAS subsystems). local high complexity oracle	5.0
2021-01-20	CVE-2021-1993	Unspecified vulnerability in Oracle products Vulnerability in the Java VM component of Oracle Database Server. network high complexity oracle	4.8
2021-01-19	CVE-2021-3177	Classic Buffer Overflow vulnerability in multiple products Python 3.x through 3.9.1 has a buffer overflow in PyCArg_repr in _ctypes/callproc.c, which may lead to remote code execution in certain Python applications that accept floating-point numbers as untrusted input, as demonstrated by a 1e300 argument to c_double.from_param. network low complexity python fedoraproject netapp debian oracle CWE-120 critical	9.8
2020-12-08	CVE-2020-1971	NULL Pointer Dereference vulnerability in multiple products The X.509 GeneralName type is a generic type for representing different types of names. network high complexity openssl debian fedoraproject oracle netapp tenable siemens nodejs CWE-476	5.9
2020-09-04	CVE-2020-24977	Out-of-bounds Read vulnerability in multiple products GNOME project libxml2 v2.9.10 has a global buffer over-read vulnerability in xmlEncodeEntitiesInternal at libxml2/entities.c. network low complexity xmlsoft debian fedoraproject opensuse netapp oracle CWE-125	6.5
2020-08-07	CVE-2020-9490	HTTP Request Smuggling vulnerability in multiple products Apache HTTP Server versions 2.4.20 to 2.4.43. network low complexity apache oracle opensuse debian fedoraproject canonical redhat CWE-444	7.5