12.2.1.3.0

DATE	CVE	VULNERABILITY TITLE	RISK
2020-01-15	CVE-2020-2545	Unspecified vulnerability in Oracle Http Server 11.1.1.9.0/12.1.3.0.0/12.2.1.3.0 Vulnerability in the Oracle HTTP Server product of Oracle Fusion Middleware (component: OSSL Module). network low complexity oracle	5.3
2020-01-15	CVE-2020-2530	Unspecified vulnerability in Oracle Http Server 11.1.1.9.0/12.1.3.0.0/12.2.1.3.0 Vulnerability in the Oracle HTTP Server product of Oracle Fusion Middleware (component: Web Listener). network low complexity oracle	6.1
2019-11-08	CVE-2019-10219	A vulnerability was found in Hibernate-Validator. network low complexity redhat netapp oracle	6.1
2019-09-26	CVE-2019-10082	Use After Free vulnerability in multiple products In Apache HTTP Server 2.4.18-2.4.39, using fuzzed network input, the http/2 session handling could be made to read memory after being freed, during connection shutdown. network low complexity apache oracle CWE-416 critical	9.1
2019-09-16	CVE-2019-5482	Out-of-bounds Write vulnerability in multiple products Heap buffer overflow in the TFTP protocol handler in cURL 7.19.4 to 7.65.3. network low complexity haxx fedoraproject opensuse netapp oracle debian CWE-787 critical	9.8
2019-07-23	CVE-2019-2751	Unspecified vulnerability in Oracle Http Server 12.1.3.0.0/12.2.1.3.0 Vulnerability in the Oracle HTTP Server component of Oracle Fusion Middleware (subcomponent: OHS Config MBeans). network high complexity oracle	5.9
2019-07-02	CVE-2019-5443	Uncontrolled Search Path Element vulnerability in multiple products A non-privileged user or program can put code and a config file in a known non-privileged path (under C:/usr/local/) that will make curl <= 7.65.1 automatically run the code (as an openssl "engine") on invocation. local low complexity haxx oracle netapp CWE-427	7.8
2019-06-11	CVE-2019-0197	HTTP Request Smuggling vulnerability in multiple products A vulnerability was found in Apache HTTP Server 2.4.34 to 2.4.38. network high complexity apache canonical fedoraproject opensuse redhat oracle CWE-444	4.2
2019-04-08	CVE-2019-0211	Use After Free vulnerability in multiple products In Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38, with MPM event, worker or prefork, code executing in less-privileged child processes or threads (including scripts executed by an in-process scripting interpreter) could execute arbitrary code with the privileges of the parent process (usually root) by manipulating the scoreboard. local low complexity apache fedoraproject canonical debian opensuse netapp redhat oracle CWE-416	7.8
2019-04-08	CVE-2019-0217	Race Condition vulnerability in multiple products In Apache HTTP Server 2.4 release 2.4.38 and prior, a race condition in mod_auth_digest when running in a threaded server could allow a user with valid credentials to authenticate using another username, bypassing configured access control restrictions. network high complexity apache debian fedoraproject canonical redhat opensuse netapp oracle CWE-362	7.5