Vulnerabilities > Oracle

DATE CVE VULNERABILITY TITLE RISK
2021-11-03 CVE-2020-27820 A vulnerability was found in Linux kernel, where a use-after-frees in nouveau's postclose() handler could happen if removing device (that is not common to remove video card physically without power-off, but same happens if "unbind" the driver).
local
high complexity
linux fedoraproject oracle
4.7
2021-11-01 CVE-2021-41973 Infinite Loop vulnerability in multiple products
In Apache MINA, a specifically crafted, malformed HTTP request may cause the HTTP Header decoder to loop indefinitely.
network
low complexity
apache oracle CWE-835
6.5
2021-10-28 CVE-2021-22096 In Spring Framework versions 5.3.0 - 5.3.10, 5.2.0 - 5.2.17, and older unsupported versions, it is possible for a user to provide malicious input to cause the insertion of additional log entries.
network
low complexity
vmware netapp oracle
4.3
2021-10-27 CVE-2021-25219 In BIND 9.3.0 -> 9.11.35, 9.12.0 -> 9.16.21, and versions 9.9.3-S1 -> 9.11.35-S1 and 9.16.8-S1 -> 9.16.21-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.18 of the BIND 9.17 development branch, exploitation of broken authoritative servers using a flaw in response processing can cause degradation in BIND resolver performance.
network
low complexity
isc debian fedoraproject netapp siemens oracle
5.3
2021-10-26 CVE-2021-41182 jQuery-UI is the official jQuery user interface library. 6.1
2021-10-26 CVE-2021-41183 jQuery-UI is the official jQuery user interface library. 6.1
2021-10-26 CVE-2021-41184 jQuery-UI is the official jQuery user interface library. 6.1
2021-10-25 CVE-2021-21703 Out-of-bounds Write vulnerability in multiple products
In PHP versions 7.3.x up to and including 7.3.31, 7.4.x below 7.4.25 and 8.0.x below 8.0.12, when running PHP FPM SAPI with main FPM daemon process running as root and child worker processes running as lower-privileged users, it is possible for the child processes to access memory shared with the main process and write to it, modifying it in a way that would cause the root process to conduct invalid memory reads and writes, which can be used to escalate privileges from local unprivileged user to the root user.
local
high complexity
php debian fedoraproject netapp oracle CWE-787
7.0
2021-10-20 CVE-2021-35589 Unspecified vulnerability in Oracle Solaris 11
Vulnerability in the Oracle Solaris product of Oracle Systems (component: Device drivers).
local
low complexity
oracle
6.0
2021-10-20 CVE-2021-35590 Out-of-bounds Write vulnerability in multiple products
Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General).
high complexity
oracle netapp CWE-787
6.3