Vulnerabilities > Oracle > Goldengate > 12.3.2.1.1

DATE CVE VULNERABILITY TITLE RISK
2021-06-01 CVE-2021-23017 A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.
network
high complexity
f5 openresty fedoraproject netapp oracle
7.7
2020-07-15 CVE-2020-14705 Unspecified vulnerability in Oracle Goldengate
Vulnerability in the Oracle GoldenGate product of Oracle GoldenGate (component: Process Management).
low complexity
oracle
critical
9.6
2019-12-18 CVE-2018-1311 Use After Free vulnerability in multiple products
The Apache Xerces-C 3.0.0 to 3.2.3 XML parser contains a use-after-free error triggered during the scanning of external DTDs.
network
high complexity
apache redhat debian oracle fedoraproject CWE-416
8.1
2019-09-18 CVE-2019-3740 Information Exposure Through Discrepancy vulnerability in multiple products
RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to an Information Exposure Through Timing Discrepancy vulnerabilities during DSA key generation.
network
low complexity
dell oracle CWE-203
6.5
2019-09-18 CVE-2019-3739 RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to Information Exposure Through Timing Discrepancy vulnerabilities during ECDSA key generation.
network
low complexity
dell oracle
6.5
2019-09-18 CVE-2019-3738 RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to a Missing Required Cryptographic Step vulnerability.
network
low complexity
dell mcafee oracle
6.5
2017-04-17 CVE-2017-5645 Deserialization of Untrusted Data vulnerability in multiple products
In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially crafted binary payload can be sent that, when deserialized, can execute arbitrary code.
network
low complexity
apache netapp redhat oracle CWE-502
critical
9.8