Vulnerabilities > Oracle > OSS Support Tools > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-07-02 | CVE-2019-5443 | Uncontrolled Search Path Element vulnerability in multiple products A non-privileged user or program can put code and a config file in a known non-privileged path (under C:/usr/local/) that will make curl <= 7.65.1 automatically run the code (as an openssl "engine") on invocation. | 7.8 |
2019-05-28 | CVE-2019-5436 | Out-of-bounds Write vulnerability in multiple products A heap buffer overflow in the TFTP receiving code allows for DoS or arbitrary code execution in libcurl versions 7.19.4 through 7.64.1. | 7.8 |
2018-01-18 | CVE-2018-2617 | Unspecified vulnerability in Oracle OSS Support Tools Vulnerability in the OSS Support Tools component of Oracle Support Tools (subcomponent: Diagnostic Assistant). | 7.5 |
2018-01-18 | CVE-2018-2616 | Unspecified vulnerability in Oracle OSS Support Tools Vulnerability in the OSS Support Tools component of Oracle Support Tools (subcomponent: Diagnostic Assistant). | 8.8 |
2018-01-18 | CVE-2018-2615 | Unspecified vulnerability in Oracle OSS Support Tools Vulnerability in the OSS Support Tools component of Oracle Support Tools (subcomponent: Diagnostic Assistant). | 8.8 |