VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
>
Oracle
> High
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2021-10-04
CVE-2021-41099
Redis is an open source, in-memory database that persists on disk.
network
high complexity
redis
fedoraproject
debian
netapp
oracle
7.5
7.5
2021-09-29
CVE-2021-22946
Cleartext Transmission of Sensitive Information vulnerability in multiple products
A user can tell curl >= 7.20.0 and <= 7.78.0 to require a successful upgrade to TLS when speaking to an IMAP, POP3 or FTP server (`--ssl-reqd` on the command line or`CURLOPT_USE_SSL` set to `CURLUSESSL_CONTROL` or `CURLUSESSL_ALL` withlibcurl).
network
low complexity
haxx
debian
fedoraproject
netapp
oracle
apple
siemens
splunk
CWE-319
7.5
7.5
2021-09-26
CVE-2021-41617
sshd in OpenSSH 6.2 through 8.x before 8.8, when certain non-default configurations are used, allows privilege escalation because supplemental groups are not initialized as expected.
local
high complexity
openbsd
fedoraproject
netapp
oracle
starwindsoftware
7.0
7.0
2021-09-19
CVE-2021-40690
All versions of Apache Santuario - XML Security for Java prior to 2.2.3 and 2.1.7 are vulnerable to an issue where the "secureValidation" property is not passed correctly when creating a KeyInfo from a KeyInfoReference element.
network
low complexity
apache
debian
oracle
7.5
7.5
2021-09-17
CVE-2021-3807
ansi-regex is vulnerable to Inefficient Regular Expression Complexity
network
low complexity
ansi-regex-project
oracle
7.5
7.5
2021-09-16
CVE-2021-34798
NULL Pointer Dereference vulnerability in multiple products
Malformed requests may cause the server to dereference a NULL pointer.
network
low complexity
apache
fedoraproject
debian
netapp
tenable
oracle
broadcom
siemens
CWE-476
7.5
7.5
2021-09-16
CVE-2021-36160
Out-of-bounds Read vulnerability in multiple products
A carefully crafted request uri-path can cause mod_proxy_uwsgi to read above the allocated memory and crash (DoS).
network
low complexity
apache
fedoraproject
debian
netapp
oracle
broadcom
CWE-125
7.5
7.5
2021-08-31
CVE-2021-37701
The npm package "tar" (aka node-tar) before versions 4.4.16, 5.0.8, and 6.1.7 has an arbitrary file creation/overwrite and arbitrary code execution vulnerability.
local
low complexity
npmjs
debian
oracle
siemens
8.6
8.6
2021-08-31
CVE-2021-37712
The npm package "tar" (aka node-tar) before versions 4.4.18, 5.0.10, and 6.1.9 has an arbitrary file creation/overwrite and arbitrary code execution vulnerability.
local
low complexity
npmjs
debian
oracle
siemens
8.6
8.6
2021-08-31
CVE-2021-37713
The npm package "tar" (aka node-tar) before versions 4.4.18, 5.0.10, and 6.1.9 has an arbitrary file creation/overwrite and arbitrary code execution vulnerability.
local
low complexity
npmjs
oracle
siemens
8.6
8.6
«
Previous
1
2
...
11
12
13
(current)
14
15
...
170
171
»
Next