Vulnerabilities > Oracle

DATE	CVE	VULNERABILITY TITLE	RISK
2022-02-09	CVE-2022-0391	Injection vulnerability in multiple products A flaw was found in Python, specifically within the urllib.parse module. network low complexity python netapp fedoraproject oracle CWE-74	7.5
2022-02-01	CVE-2021-43859	Resource Exhaustion vulnerability in multiple products XStream is an open source java library to serialize objects to XML and back again. network low complexity xstream-project fedoraproject debian oracle CWE-400	7.5
2022-01-31	CVE-2022-0286	NULL Pointer Dereference vulnerability in multiple products A flaw was found in the Linux kernel. local low complexity linux oracle CWE-476	5.5
2022-01-28	CVE-2021-4160	There is a carry propagation bug in the MIPS32 and MIPS64 squaring procedure. network high complexity openssl debian oracle siemens	5.9
2022-01-28	CVE-2021-4034	Out-of-bounds Write vulnerability in multiple products A local privilege escalation vulnerability was found on polkit's pkexec utility. local low complexity polkit-project redhat canonical suse oracle siemens starwindsoftware CWE-787	7.8
2022-01-27	CVE-2022-23181	Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in multiple products The fix for bug CVE-2020-9484 introduced a time of check, time of use vulnerability into Apache Tomcat 10.1.0-M1 to 10.1.0-M8, 10.0.0-M5 to 10.0.14, 9.0.35 to 9.0.56 and 8.5.55 to 8.5.73 that allowed a local attacker to perform actions with the privileges of the user that the Tomcat process is using. local high complexity apache oracle debian CWE-367	7.0
2022-01-26	CVE-2022-23990	Integer Overflow or Wraparound vulnerability in multiple products Expat (aka libexpat) before 2.4.4 has an integer overflow in the doProlog function. network low complexity libexpat-project tenable oracle debian fedoraproject siemens CWE-190	7.5
2022-01-26	CVE-2021-22570	NULL Pointer Dereference vulnerability in multiple products Nullptr dereference when a null char is present in a proto symbol. local low complexity google debian fedoraproject oracle netapp CWE-476	5.5
2022-01-24	CVE-2022-23437	Infinite Loop vulnerability in multiple products There's a vulnerability within the Apache Xerces Java (XercesJ) XML parser when handling specially crafted XML document payloads. network low complexity apache oracle netapp CWE-835	6.5
2022-01-24	CVE-2022-23852	Integer Overflow or Wraparound vulnerability in multiple products Expat (aka libexpat) before 2.4.4 has a signed integer overflow in XML_GetBuffer, for configurations with a nonzero XML_CONTEXT_BYTES. network low complexity libexpat-project netapp tenable debian oracle siemens CWE-190 critical	9.8

Vulnerabilities > Oracle {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Oracle"}]}

Vulnerabilities > Oracle