Vulnerabilities > Oracle > Goldengate > 12.3.2.1.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-04-19 | CVE-2022-21442 | Unspecified vulnerability in Oracle Goldengate Vulnerability in Oracle GoldenGate (component: OGG Core Library). | 4.6 |
| 2021-06-01 | CVE-2021-23017 | Off-by-one Error vulnerability in multiple products A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact. | 7.7 |
| 2020-07-15 | CVE-2020-14705 | Unspecified vulnerability in Oracle Goldengate Vulnerability in the Oracle GoldenGate product of Oracle GoldenGate (component: Process Management). low complexity oracle | 5.8 |
| 2019-12-18 | CVE-2018-1311 | Use After Free vulnerability in multiple products The Apache Xerces-C 3.0.0 to 3.2.3 XML parser contains a use-after-free error triggered during the scanning of external DTDs. | 8.1 |
| 2019-09-18 | CVE-2019-3740 | Information Exposure Through Discrepancy vulnerability in multiple products RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to an Information Exposure Through Timing Discrepancy vulnerabilities during DSA key generation. | 6.5 |
| 2019-09-18 | CVE-2019-3739 | Cryptographic Issues vulnerability in multiple products RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to Information Exposure Through Timing Discrepancy vulnerabilities during ECDSA key generation. | 6.5 |
| 2019-09-18 | CVE-2019-3738 | Missing Required Cryptographic Step vulnerability in multiple products RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to a Missing Required Cryptographic Step vulnerability. | 6.5 |
| 2017-04-17 | CVE-2017-5645 | Deserialization of Untrusted Data vulnerability in multiple products In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially crafted binary payload can be sent that, when deserialized, can execute arbitrary code. | 9.8 |