Vulnerabilities > Oracle
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-01-03 | CVE-2019-5063 | Out-of-bounds Write vulnerability in multiple products An exploitable heap buffer overflow vulnerability exists in the data structure persistence functionality of OpenCV 4.1.0. | 8.8 |
| 2020-01-03 | CVE-2019-20330 | Deserialization of Untrusted Data vulnerability in multiple products FasterXML jackson-databind 2.x before 2.9.10.2 lacks certain net.sf.ehcache blocking. | 9.8 |
| 2020-01-02 | CVE-2019-14862 | There is a vulnerability in knockout before version 3.5.0-beta, where after escaping the context of the web application, the web application delivers data to its users along with other trusted dynamic content, without validating it. | 6.1 |
| 2020-01-02 | CVE-2019-20218 | Improper Handling of Exceptional Conditions vulnerability in multiple products selectExpander in select.c in SQLite 3.30.1 proceeds with WITH stack unwinding even after a parsing error. | 7.5 |
| 2019-12-30 | CVE-2019-17558 | Injection vulnerability in multiple products Apache Solr 5.0.0 to Apache Solr 8.3.1 are vulnerable to a Remote Code Execution through the VelocityResponseWriter. | 7.5 |
| 2019-12-26 | CVE-2012-4420 | Information Exposure vulnerability in Oracle JDK 7.0 An information disclosure flaw was found in the way the Java Virtual Machine (JVM) implementation of Java SE 7 as provided by OpenJDK 7 incorrectly initialized integer arrays after memory allocation (in certain circumstances they had nonzero elements right after the allocation). | 7.5 |
| 2019-12-26 | CVE-2019-16789 | HTTP Request Smuggling vulnerability in multiple products In Waitress through version 1.4.0, if a proxy server is used in front of waitress, an invalid request may be sent by an attacker that bypasses the front-end and is parsed differently by waitress leading to a potential for HTTP request smuggling. | 8.2 |
| 2019-12-24 | CVE-2019-19925 | Unrestricted Upload of File with Dangerous Type vulnerability in multiple products zipfileUpdate in ext/misc/zipfile.c in SQLite 3.30.1 mishandles a NULL pathname during an update of a ZIP archive. | 7.5 |
| 2019-12-24 | CVE-2019-19956 | Memory Leak vulnerability in multiple products xmlParseBalancedChunkMemoryRecover in parser.c in libxml2 before 2.9.10 has a memory leak related to newDoc->oldNs. | 7.5 |
| 2019-12-24 | CVE-2019-19924 | Improper Handling of Exceptional Conditions vulnerability in multiple products SQLite 3.30.1 mishandles certain parser-tree rewriting, related to expr.c, vdbeaux.c, and window.c. | 5.3 |