Vulnerabilities > Oracle

DATE CVE VULNERABILITY TITLE RISK
2021-03-15 CVE-2021-28363 Improper Certificate Validation vulnerability in multiple products
The urllib3 library 1.26.x before 1.26.4 for Python omits SSL certificate validation in some cases involving HTTPS to HTTPS proxies.
network
low complexity
python fedoraproject oracle CWE-295
6.5
6.5
2021-03-15 CVE-2021-22191 Injection vulnerability in multiple products
Improper URL handling in Wireshark 3.4.0 to 3.4.3 and 3.2.0 to 3.2.11 could allow remote code execution via via packet injection or crafted capture file.
network
low complexity
wireshark oracle debian CWE-74
8.8
8.8
2021-03-12 CVE-2021-27290 ssri 5.2.2-8.0.0, fixed in 8.0.1, processes SRIs using a regular expression which is vulnerable to a denial of service.
network
low complexity
ssri-project oracle siemens
7.5
7.5
2021-03-10 CVE-2021-20265 Memory Leak vulnerability in multiple products
A flaw was found in the way memory resources were freed in the unix_stream_recvmsg function in the Linux kernel when a signal was pending.
local
low complexity
linux oracle CWE-401
5.5
5.5
2021-03-10 CVE-2020-13936 An attacker that is able to modify Velocity templates may execute arbitrary Java code or run arbitrary system commands with the same privileges as the account running the Servlet container.
network
low complexity
apache debian oracle
8.8
8.8
2021-03-09 CVE-2021-21295 Netty is an open-source, asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients.
network
high complexity
netty netapp debian quarkus apache oracle
5.9
5.9
2021-03-08 CVE-2021-22134 Incorrect Authorization vulnerability in multiple products
A document disclosure flaw was found in Elasticsearch versions after 7.6.0 and before 7.11.0 when Document or Field Level Security is used.
network
low complexity
elastic oracle CWE-863
4.3
4.3
2021-03-07 CVE-2021-27365 Out-of-bounds Write vulnerability in multiple products
An issue was discovered in the Linux kernel through 5.11.3.
local
low complexity
linux debian oracle netapp CWE-787
7.8
7.8
2021-03-07 CVE-2021-27364 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in the Linux kernel through 5.11.3.
local
low complexity
linux debian netapp oracle canonical CWE-125
7.1
7.1
2021-03-05 CVE-2021-28041 Double Free vulnerability in multiple products
ssh-agent in OpenSSH before 8.5 has a double free that may be relevant in a few less-common scenarios, such as unconstrained agent-socket access on a legacy operating system, or the forwarding of an agent to an attacker-controlled host.
network
high complexity
openbsd fedoraproject netapp oracle CWE-415
7.1
7.1