Vulnerabilities > Oracle > High

DATE CVE VULNERABILITY TITLE RISK
2022-01-26 CVE-2022-23990 Integer Overflow or Wraparound vulnerability in multiple products
Expat (aka libexpat) before 2.4.4 has an integer overflow in the doProlog function.
7.5
2022-01-19 CVE-2022-21392 Unspecified vulnerability in Oracle Enterprise Manager Base Platform 13.4.0.0/13.5.0.0
Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager (component: Policy Framework).
local
low complexity
oracle
8.8
2022-01-18 CVE-2021-4083 Race Condition vulnerability in multiple products
A read-after-free memory flaw was found in the Linux kernel's garbage collection for Unix domain socket file handlers in the way users call close() and fget() simultaneously and can potentially trigger a race condition.
local
high complexity
linux netapp debian oracle CWE-362
7.0
2022-01-18 CVE-2022-23302 Deserialization of Untrusted Data vulnerability in multiple products
JMSSink in all versions of Log4j 1.x is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration or if the configuration references an LDAP service the attacker has access to.
network
low complexity
apache netapp broadcom qos oracle CWE-502
8.8
2022-01-18 CVE-2022-23307 Deserialization of Untrusted Data vulnerability in multiple products
CVE-2020-9493 identified a deserialization issue that was present in Apache Chainsaw.
network
low complexity
apache qos oracle CWE-502
8.8
2021-12-30 CVE-2021-4181 Out-of-bounds Read vulnerability in multiple products
Crash in the Sysdig Event dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file
network
low complexity
wireshark fedoraproject debian oracle CWE-125
7.5
2021-12-30 CVE-2021-4182 Infinite Loop vulnerability in multiple products
Crash in the RFC 7468 dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file
network
low complexity
wireshark fedoraproject oracle CWE-835
7.5
2021-12-30 CVE-2021-4184 Infinite Loop vulnerability in multiple products
Infinite loop in the BitTorrent DHT dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file
network
low complexity
wireshark fedoraproject debian oracle CWE-835
7.5
2021-12-30 CVE-2021-4185 Infinite Loop vulnerability in multiple products
Infinite loop in the RTMPT dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file
network
low complexity
wireshark fedoraproject debian oracle CWE-835
7.5
2021-12-25 CVE-2021-45485 Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products
In the IPv6 implementation in the Linux kernel before 5.13.3, net/ipv6/output_core.c has an information leak because of certain use of a hash table which, although big, doesn't properly consider that IPv6-based attackers can typically choose among many IPv6 source addresses.
network
low complexity
linux netapp oracle CWE-327
7.5