VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
>
Oracle
> Http Server
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2021-12-13
CVE-2021-43818
lxml is a library for processing XML and HTML in the Python language.
network
low complexity
lxml
fedoraproject
debian
netapp
oracle
7.1
7.1
2021-12-07
CVE-2021-42717
Uncontrolled Recursion vulnerability in multiple products
ModSecurity 3.x through 3.0.5 mishandles excessively nested JSON objects.
network
low complexity
trustwave
f5
debian
oracle
CWE-674
7.5
7.5
2021-10-27
CVE-2021-25219
In BIND 9.3.0 -> 9.11.35, 9.12.0 -> 9.16.21, and versions 9.9.3-S1 -> 9.11.35-S1 and 9.16.8-S1 -> 9.16.21-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.18 of the BIND 9.17 development branch, exploitation of broken authoritative servers using a flaw in response processing can cause degradation in BIND resolver performance.
network
low complexity
isc
debian
fedoraproject
netapp
siemens
oracle
5.3
5.3
2021-09-26
CVE-2021-41617
sshd in OpenSSH 6.2 through 8.x before 8.8, when certain non-default configurations are used, allows privilege escalation because supplemental groups are not initialized as expected.
local
high complexity
openbsd
fedoraproject
netapp
oracle
starwindsoftware
7.0
7.0
2021-09-16
CVE-2021-34798
NULL Pointer Dereference vulnerability in multiple products
Malformed requests may cause the server to dereference a NULL pointer.
network
low complexity
apache
fedoraproject
debian
netapp
tenable
oracle
broadcom
siemens
CWE-476
7.5
7.5
2021-09-16
CVE-2021-36160
Out-of-bounds Read vulnerability in multiple products
A carefully crafted request uri-path can cause mod_proxy_uwsgi to read above the allocated memory and crash (DoS).
network
low complexity
apache
fedoraproject
debian
netapp
oracle
broadcom
CWE-125
7.5
7.5
2021-09-16
CVE-2021-39275
Out-of-bounds Write vulnerability in multiple products
ap_escape_quotes() may write beyond the end of a buffer when given malicious input.
network
low complexity
apache
fedoraproject
debian
netapp
oracle
siemens
CWE-787
critical
9.8
9.8
2021-09-16
CVE-2021-40438
Server-Side Request Forgery (SSRF) vulnerability in multiple products
A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remote user.
network
high complexity
apache
fedoraproject
debian
netapp
broadcom
f5
oracle
siemens
tenable
CWE-918
critical
9.0
9.0
2021-08-23
CVE-2021-35940
Out-of-bounds Read vulnerability in multiple products
An out-of-bounds array read in the apr_time_exp*() functions was fixed in the Apache Portable Runtime 1.6.3 release (CVE-2017-12613).
local
low complexity
apache
oracle
CWE-125
7.1
7.1
2020-12-16
CVE-2020-5360
Out-of-bounds Read vulnerability in multiple products
Dell BSAFE Micro Edition Suite, versions prior to 4.5, are vulnerable to a Buffer Under-Read Vulnerability.
network
low complexity
dell
oracle
CWE-125
7.5
7.5
«
Previous
1
2
3
4
(current)
5
6
7
»
Next