Vulnerabilities > Oracle > High

DATE CVE VULNERABILITY TITLE RISK
2021-03-25 CVE-2021-3450 Improper Certificate Validation vulnerability in multiple products
The X509_V_FLAG_X509_STRICT flag enables additional security checks of the certificates present in a certificate chain.
7.4
2021-03-23 CVE-2021-21349 XStream is a Java library to serialize objects to XML and back again.
network
low complexity
xstream-project debian fedoraproject oracle
8.6
2021-03-23 CVE-2021-21348 Resource Exhaustion vulnerability in multiple products
XStream is a Java library to serialize objects to XML and back again.
7.5
2021-03-23 CVE-2021-21343 XStream is a Java library to serialize objects to XML and back again.
network
low complexity
xstream-project debian fedoraproject oracle
7.5
2021-03-23 CVE-2021-21341 XStream is a Java library to serialize objects to XML and back again.
network
low complexity
xstream-project debian fedoraproject oracle
7.5
2021-03-15 CVE-2021-22191 Injection vulnerability in multiple products
Improper URL handling in Wireshark 3.4.0 to 3.4.3 and 3.2.0 to 3.2.11 could allow remote code execution via via packet injection or crafted capture file.
network
low complexity
wireshark oracle debian CWE-74
8.8
2021-03-12 CVE-2021-27290 ssri 5.2.2-8.0.0, fixed in 8.0.1, processes SRIs using a regular expression which is vulnerable to a denial of service.
network
low complexity
ssri-project oracle siemens
7.5
2021-03-10 CVE-2020-13936 An attacker that is able to modify Velocity templates may execute arbitrary Java code or run arbitrary system commands with the same privileges as the account running the Servlet container.
network
low complexity
apache debian oracle
8.8
2021-03-07 CVE-2021-27365 Out-of-bounds Write vulnerability in multiple products
An issue was discovered in the Linux kernel through 5.11.3.
local
low complexity
linux debian oracle netapp CWE-787
7.8
2021-03-07 CVE-2021-27364 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in the Linux kernel through 5.11.3.
local
low complexity
linux debian netapp oracle canonical CWE-125
7.1