Vulnerabilities > Oracle

DATE	CVE	VULNERABILITY TITLE	RISK
2022-02-25	CVE-2022-24329	Inclusion of Functionality from Untrusted Control Sphere vulnerability in multiple products In JetBrains Kotlin before 1.6.0, it was not possible to lock dependencies for Multiplatform Gradle Projects. network low complexity jetbrains oracle CWE-829	5.3
2022-02-24	CVE-2021-44531	Improper Certificate Validation vulnerability in multiple products Accepting arbitrary Subject Alternative Name (SAN) types, unless a PKI is specifically defined to use a particular SAN type, can result in bypassing name-constrained intermediates. network high complexity nodejs oracle CWE-295	7.4
2022-02-24	CVE-2021-44532	Improper Certificate Validation vulnerability in multiple products Node.js < 12.22.9, < 14.18.3, < 16.13.2, and < 17.3.1 converts SANs (Subject Alternative Names) to a string format. network low complexity nodejs oracle debian CWE-295	5.3
2022-02-24	CVE-2021-44533	Improper Certificate Validation vulnerability in multiple products Node.js < 12.22.9, < 14.18.3, < 16.13.2, and < 17.3.1 did not handle multi-value Relative Distinguished Names correctly. network low complexity nodejs oracle debian CWE-295	5.3
2022-02-24	CVE-2022-21824	Due to the formatting logic of the "console.table()" function it was not safe to allow user controlled input to be passed to the "properties" parameter while simultaneously passing a plain object with at least one property as the first parameter, which could be "__proto__". network low complexity nodejs oracle debian netapp	8.2
2022-02-24	CVE-2022-24407	SQL Injection vulnerability in multiple products In Cyrus SASL 2.1.17 through 2.1.27 before 2.1.28, plugins/sql.c does not escape the password for a SQL INSERT or UPDATE statement. network low complexity cyrusimap debian fedoraproject netapp oracle CWE-89	8.8
2022-02-24	CVE-2022-25636	Improper Privilege Management vulnerability in multiple products net/netfilter/nf_dup_netdev.c in the Linux kernel 5.4 through 5.6.10 allows local users to gain privileges because of a heap out-of-bounds write. local low complexity linux debian netapp oracle CWE-269	7.8
2022-02-21	CVE-2021-4115	There is a flaw in polkit which can allow an unprivileged user to cause polkit to crash, due to process file descriptor exhaustion. local low complexity polkit-project redhat fedoraproject canonical debian oracle	5.5
2022-02-18	CVE-2021-20322	Use of Insufficiently Random Values vulnerability in multiple products A flaw in the processing of received ICMP errors (ICMP fragment needed and ICMP redirect) in the Linux kernel functionality was found to allow the ability to quickly scan open UDP ports. network high complexity linux fedoraproject debian netapp oracle CWE-330	7.4
2022-02-18	CVE-2022-25313	Uncontrolled Recursion vulnerability in multiple products In Expat (aka libexpat) before 2.4.5, an attacker can trigger stack exhaustion in build_model via a large nesting depth in the DTD element. network low complexity libexpat-project debian fedoraproject oracle siemens CWE-674	6.5

Vulnerabilities > Oracle {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Oracle"}]}

Vulnerabilities > Oracle