Vulnerabilities > Oracle > Tuxedo > 12.1.1.0.0

DATE CVE VULNERABILITY TITLE RISK
2019-05-01 CVE-2019-0227 Server-Side Request Forgery (SSRF) vulnerability in multiple products
A Server Side Request Forgery (SSRF) vulnerability affected the Apache Axis 1.4 distribution that was last released in 2006.
high complexity
apache oracle CWE-918
7.5
2018-11-15 CVE-2018-5407 Information Exposure Through Discrepancy vulnerability in multiple products
Simultaneous Multi-threading (SMT) in processors can enable local users to exploit software vulnerable to timing attacks via a side-channel timing attack on 'port contention'.
4.7
2018-10-30 CVE-2018-0734 Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products
The OpenSSL DSA signature algorithm has been shown to be vulnerable to a timing side channel attack.
network
high complexity
openssl canonical debian nodejs netapp oracle CWE-327
5.9
2018-10-29 CVE-2018-0735 Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products
The OpenSSL ECDSA signature algorithm has been shown to be vulnerable to a timing side channel attack.
network
high complexity
openssl canonical debian nodejs netapp oracle CWE-327
5.9
2018-08-02 CVE-2018-8032 Cross-site Scripting vulnerability in multiple products
Apache Axis 1.x up to and including 1.4 is vulnerable to a cross-site scripting (XSS) attack in the default servlet/services.
network
low complexity
apache oracle debian CWE-79
6.1