VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
>
Oracle
>
Timesten IN Memory Database
> High
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2021-11-08
CVE-2021-41772
Improper Input Validation vulnerability in multiple products
Go before 1.16.10 and 1.17.x before 1.17.3 allows an archive/zip Reader.Open panic via a crafted ZIP archive containing an invalid name or an empty filename field.
network
low complexity
golang
fedoraproject
oracle
CWE-20
7.5
7.5
2021-08-07
CVE-2021-29923
Go before 1.17 does not properly consider extraneous zero characters at the beginning of an IP address octet, which (in some situations) allows attackers to bypass access control that is based on IP addresses, because of unexpected octal interpretation.
network
low complexity
golang
oracle
fedoraproject
7.5
7.5
2020-10-01
CVE-2020-11979
As mitigation for CVE-2020-1945 Apache Ant 1.10.8 changed the permissions of temporary files it created so that only the current user was allowed to access them.
network
low complexity
apache
gradle
fedoraproject
oracle
7.5
7.5
2020-08-30
CVE-2020-7712
OS Command Injection vulnerability in multiple products
This affects the package json before 10.0.0.
network
low complexity
joyent
oracle
CWE-78
7.2
7.2
2019-07-19
CVE-2019-1010239
NULL Pointer Dereference vulnerability in multiple products
DaveGamble/cJSON cJSON 1.7.8 is affected by: Improper Check for Unusual or Exceptional Conditions.
network
low complexity
cjson-project
oracle
CWE-476
7.5
7.5
2018-11-16
CVE-2018-15769
RSA BSAFE Micro Edition Suite versions prior to 4.0.11 (in 4.0.x series) and versions prior to 4.1.6.2 (in 4.1.x series) contain a key management error issue.
network
low complexity
dell
oracle
7.5
7.5
2018-08-31
CVE-2018-11054
Integer Overflow or Wraparound vulnerability in multiple products
RSA BSAFE Micro Edition Suite, version 4.1.6, contains an integer overflow vulnerability.
network
low complexity
dell
oracle
CWE-190
7.5
7.5
2017-11-13
CVE-2016-8610
A denial of service flaw was found in OpenSSL 0.9.8, 1.0.1, 1.0.2 through 1.0.2h, and 1.1.0 in the way the TLS/SSL protocol defined processing of ALERT packets during a connection handshake.
network
low complexity
openssl
debian
redhat
netapp
paloaltonetworks
oracle
fujitsu
7.5
7.5
2016-04-08
CVE-2016-2381
Improper Input Validation vulnerability in multiple products
Perl might allow context-dependent attackers to bypass the taint protection mechanism in a child process via duplicate environment variables in envp.
network
low complexity
perl
debian
oracle
opensuse
canonical
CWE-20
7.5
7.5