Vulnerabilities > Oracle

DATE CVE VULNERABILITY TITLE RISK
2020-12-27 CVE-2020-35728 Deserialization of Untrusted Data vulnerability in multiple products
FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to com.oracle.wls.shaded.org.apache.xalan.lib.sql.JNDIConnectionPool (aka embedded Xalan in org.glassfish.web/javax.servlet.jsp.jstl).
network
high complexity
fasterxml debian netapp oracle CWE-502
8.1
8.1
2020-12-21 CVE-2020-26422 Classic Buffer Overflow vulnerability in multiple products
Buffer overflow in QUIC dissector in Wireshark 3.4.0 to 3.4.1 allows denial of service via packet injection or crafted capture file
network
low complexity
wireshark oracle CWE-120
5.3
5.3
2020-12-18 CVE-2020-28052 An issue was discovered in Legion of the Bouncy Castle BC Java 1.65 and 1.66.
network
high complexity
bouncycastle apache oracle
8.1
8.1
2020-12-17 CVE-2020-35491 Deserialization of Untrusted Data vulnerability in multiple products
FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.SharedPoolDataSource.
network
high complexity
fasterxml netapp debian oracle CWE-502
8.1
8.1
2020-12-17 CVE-2020-35490 Deserialization of Untrusted Data vulnerability in multiple products
FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.PerUserPoolDataSource.
network
high complexity
fasterxml netapp debian oracle CWE-502
8.1
8.1
2020-12-16 CVE-2020-5360 Out-of-bounds Read vulnerability in multiple products
Dell BSAFE Micro Edition Suite, versions prior to 4.5, are vulnerable to a Buffer Under-Read Vulnerability.
network
low complexity
dell oracle CWE-125
7.5
7.5
2020-12-16 CVE-2020-5359 Unchecked Return Value vulnerability in multiple products
Dell BSAFE Micro Edition Suite, versions prior to 4.5, are vulnerable to an Unchecked Return Value Vulnerability.
network
low complexity
dell oracle CWE-252
5.8
5.8
2020-12-16 CVE-2020-29363 Out-of-bounds Write vulnerability in multiple products
An issue was discovered in p11-kit 0.23.6 through 0.23.21.
network
low complexity
p11-kit-project debian oracle CWE-787
7.5
7.5
2020-12-14 CVE-2020-35460 Path Traversal vulnerability in multiple products
common/InputStreamHelper.java in Packwood MPXJ before 8.3.5 allows directory traversal in the zip stream handler flow, leading to the writing of files to arbitrary locations.
network
low complexity
mpxj oracle CWE-22
5.3
5.3
2020-12-14 CVE-2020-8286 Improper Certificate Validation vulnerability in multiple products
curl 7.41.0 through 7.73.0 is vulnerable to an improper check for certificate revocation due to insufficient verification of the OCSP response. 		7.5
7.5