Vulnerabilities > Oracle > Critical
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-07-11 | CVE-2020-35167 | Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.6, contain an Observable Timing Discrepancy Vulnerability. | 9.8 |
2022-07-11 | CVE-2020-35166 | Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.6, contain an Observable Timing Discrepancy Vulnerability. | 9.8 |
2022-07-11 | CVE-2020-35163 | Use of Insufficiently Random Values vulnerability in multiple products Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.6, contain a Use of Insufficiently Random Values Vulnerability. | 9.8 |
2022-07-11 | CVE-2020-29508 | Improper Input Validation vulnerability in multiple products Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.6, contain an Improper Input Validation Vulnerability. | 9.8 |
2022-07-11 | CVE-2020-29507 | Improper Input Validation vulnerability in multiple products Dell BSAFE Crypto-C Micro Edition, versions before 4.1.4, and Dell BSAFE Micro Edition Suite, versions before 4.4, contain an Improper Input Validation Vulnerability. | 9.8 |
2022-07-11 | CVE-2020-29506 | Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.5.2, contain an Observable Timing Discrepancy Vulnerability. | 9.8 |
2022-06-10 | CVE-2022-25845 | Deserialization of Untrusted Data vulnerability in multiple products The package com.alibaba:fastjson before 1.2.83 are vulnerable to Deserialization of Untrusted Data by bypassing the default autoType shutdown restrictions, which is possible under certain conditions. | 9.8 |
2022-05-19 | CVE-2022-22978 | Incorrect Authorization vulnerability in multiple products In Spring Security versions 5.5.6 and 5.6.3 and older unsupported versions, RegexRequestMatcher can easily be misconfigured to be bypassed on some servlet containers. | 9.8 |
2022-05-03 | CVE-2022-1292 | OS Command Injection vulnerability in multiple products The c_rehash script does not properly sanitise shell metacharacters to prevent command injection. | 9.8 |
2022-04-25 | CVE-2022-23457 | Path Traversal vulnerability in multiple products ESAPI (The OWASP Enterprise Security API) is a free, open source, web application security control library. | 9.8 |