Vulnerabilities > Oracle > Http Server > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-01-15 | CVE-2020-2545 | Unspecified vulnerability in Oracle Http Server 11.1.1.9.0/12.1.3.0.0/12.2.1.3.0 Vulnerability in the Oracle HTTP Server product of Oracle Fusion Middleware (component: OSSL Module). | 5.3 |
| 2020-01-15 | CVE-2020-2530 | Unspecified vulnerability in Oracle Http Server 11.1.1.9.0/12.1.3.0.0/12.2.1.3.0 Vulnerability in the Oracle HTTP Server product of Oracle Fusion Middleware (component: Web Listener). | 6.1 |
| 2019-11-08 | CVE-2019-10219 | Cross-site Scripting vulnerability in multiple products A vulnerability was found in Hibernate-Validator. | 6.1 |
| 2019-07-23 | CVE-2019-2751 | Unspecified vulnerability in Oracle Http Server 12.1.3.0.0/12.2.1.3.0 Vulnerability in the Oracle HTTP Server component of Oracle Fusion Middleware (subcomponent: OHS Config MBeans). | 5.9 |
| 2019-06-11 | CVE-2019-0197 | HTTP Request Smuggling vulnerability in multiple products A vulnerability was found in Apache HTTP Server 2.4.34 to 2.4.38. | 4.2 |
| 2018-04-19 | CVE-2018-2760 | Unspecified vulnerability in Oracle Http Server 12.1.3/12.2.1.2 Vulnerability in the Oracle HTTP Server component of Oracle Fusion Middleware (subcomponent: OSSL Module). | 5.9 |
| 2018-01-18 | CVE-2018-2561 | Unspecified vulnerability in Oracle Http Server Vulnerability in the Oracle HTTP Server component of Oracle Fusion Middleware (subcomponent: Web Listener). | 5.3 |
| 2015-12-06 | CVE-2015-3195 | Information Exposure vulnerability in multiple products The ASN1_TFLG_COMBINE implementation in crypto/asn1/tasn_dec.c in OpenSSL before 0.9.8zh, 1.0.0 before 1.0.0t, 1.0.1 before 1.0.1q, and 1.0.2 before 1.0.2e mishandles errors caused by malformed X509_ATTRIBUTE data, which allows remote attackers to obtain sensitive information from process memory by triggering a decoding failure in a PKCS#7 or CMS application. | 5.3 |
| 2013-03-15 | CVE-2013-2566 | Inadequate Encryption Strength vulnerability in multiple products The RC4 algorithm, as used in the TLS protocol and SSL protocol, has many single-byte biases, which makes it easier for remote attackers to conduct plaintext-recovery attacks via statistical analysis of ciphertext in a large number of sessions that use the same plaintext. | 5.9 |