Vulnerabilities > Oracle > Timesten IN Memory Database > 18.1.4.1.0

DATE CVE VULNERABILITY TITLE RISK
2021-08-08 CVE-2021-36221 Race Condition vulnerability in multiple products
Go before 1.15.15 and 1.16.x before 1.16.7 has a race condition that can lead to a net/http/httputil ReverseProxy panic upon an ErrAbortHandler abort.
network
high complexity
golang fedoraproject debian oracle siemens CWE-362
5.9
5.9
2021-08-07 CVE-2021-29923 Go before 1.17 does not properly consider extraneous zero characters at the beginning of an IP address octet, which (in some situations) allows attackers to bypass access control that is based on IP addresses, because of unexpected octal interpretation.
network
low complexity
golang oracle fedoraproject
7.5
7.5
2021-07-15 CVE-2021-34558 Improper Certificate Validation vulnerability in multiple products
The crypto/tls package of Go through 1.16.5 does not properly assert that the type of public key in an X.509 certificate matches the expected type when doing a RSA based key exchange, allowing a malicious TLS server to cause a TLS client to panic.
network
low complexity
golang fedoraproject netapp oracle CWE-295
6.5
6.5
2020-08-30 CVE-2020-7712 OS Command Injection vulnerability in multiple products
This affects the package json before 10.0.0.
network
low complexity
joyent oracle CWE-78
7.2
7.2
2018-11-16 CVE-2018-15769 RSA BSAFE Micro Edition Suite versions prior to 4.0.11 (in 4.0.x series) and versions prior to 4.1.6.2 (in 4.1.x series) contain a key management error issue.
network
low complexity
dell oracle
7.5
7.5
2018-09-14 CVE-2018-11058 Out-of-bounds Read vulnerability in multiple products
RSA BSAFE Micro Edition Suite, versions prior to 4.0.11 (in 4.0.x) and prior to 4.1.6 (in 4.1.x), and RSA BSAFE Crypto-C Micro Edition, version prior to 4.0.5.3 (in 4.0.x) contain a Buffer Over-Read vulnerability when parsing ASN.1 data.
network
low complexity
dell oracle CWE-125
critical
 9.8
9.8
2018-08-31 CVE-2018-11057 Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products
RSA BSAFE Micro Edition Suite, versions prior to 4.0.11 (in 4.0.x) and prior to 4.1.6.1 (in 4.1.x) contains a Covert Timing Channel vulnerability during RSA decryption, also known as a Bleichenbacher attack on RSA decryption.
network
high complexity
dell oracle CWE-327
5.9
5.9
2018-08-31 CVE-2018-11056 Resource Exhaustion vulnerability in multiple products
RSA BSAFE Micro Edition Suite, prior to 4.1.6.1 (in 4.1.x), and RSA BSAFE Crypto-C Micro Edition versions prior to 4.0.5.3 (in 4.0.x) contain an Uncontrolled Resource Consumption ('Resource Exhaustion') vulnerability when parsing ASN.1 data.
network
low complexity
dell oracle CWE-400
6.5
6.5
2018-08-31 CVE-2018-11055 Improper Resource Shutdown or Release vulnerability in multiple products
RSA BSAFE Micro Edition Suite, versions prior to 4.0.11 (in 4.0.x) and prior to 4.1.6.1 (in 4.1.x), contains an Improper Clearing of Heap Memory Before Release ('Heap Inspection') vulnerability.
local
low complexity
dell oracle CWE-404
5.5
5.5
2018-08-31 CVE-2018-11054 Integer Overflow or Wraparound vulnerability in multiple products
RSA BSAFE Micro Edition Suite, version 4.1.6, contains an integer overflow vulnerability.
network
low complexity
dell oracle CWE-190
7.5
7.5