Vulnerabilities > Oracle

DATE	CVE	VULNERABILITY TITLE	RISK
2021-08-23	CVE-2021-39151	XStream is a simple library to serialize objects to XML and back again. network high complexity xstream-project fedoraproject debian netapp oracle	8.5
2021-08-23	CVE-2021-39153	XStream is a simple library to serialize objects to XML and back again. network high complexity xstream-project fedoraproject debian netapp oracle	8.5
2021-08-23	CVE-2021-39154	XStream is a simple library to serialize objects to XML and back again. network high complexity xstream-project fedoraproject debian netapp oracle	8.5
2021-08-23	CVE-2021-35940	Out-of-bounds Read vulnerability in multiple products An out-of-bounds array read in the apr_time_exp*() functions was fixed in the Apache Portable Runtime 1.6.3 release (CVE-2017-12613). local low complexity apache oracle CWE-125	7.1
2021-08-23	CVE-2021-37750	NULL Pointer Dereference vulnerability in multiple products The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.18.5 and 1.19.x before 1.19.3 has a NULL pointer dereference in kdc/do_tgs_req.c via a FAST inner body that lacks a server field. network low complexity mit fedoraproject debian starwindsoftware oracle CWE-476	6.5
2021-08-18	CVE-2021-21781	Use of Uninitialized Resource vulnerability in multiple products An information disclosure vulnerability exists in the ARM SIGPAGE functionality of Linux Kernel v5.4.66 and v5.4.54. local low complexity linux oracle CWE-908	3.3
2021-08-18	CVE-2021-37714	jsoup is a Java library for working with HTML. network low complexity jsoup quarkus oracle netapp	7.5
2021-08-16	CVE-2021-32827	Cross-site Scripting vulnerability in multiple products MockServer is open source software which enables easy mocking of any system you integrate with via HTTP or HTTPS. network low complexity mock-server oracle CWE-79 critical	9.6
2021-08-16	CVE-2021-22931	Improper Input Validation vulnerability in multiple products Node.js before 16.6.0, 14.17.4, and 12.22.4 is vulnerable to Remote Code Execution, XSS, Application crashes due to missing input validation of host names returned by Domain Name Servers in Node.js dns library which can lead to output of wrong hostnames (leading to Domain Hijacking) and injection vulnerabilities in applications using the library. network low complexity nodejs netapp oracle siemens CWE-20 critical	9.8
2021-08-16	CVE-2021-22939	Improper Certificate Validation vulnerability in multiple products If the Node.js https API was used incorrectly and "undefined" was in passed for the "rejectUnauthorized" parameter, no error was returned and connections to servers with an expired certificate would have been accepted. network low complexity nodejs oracle netapp siemens debian CWE-295	5.3

Vulnerabilities > Oracle {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Oracle"}]}

Vulnerabilities > Oracle