Vulnerabilities > Oracle > Tuxedo > Critical

DATE CVE VULNERABILITY TITLE RISK
2022-01-18 CVE-2022-23305 SQL Injection vulnerability in multiple products
By design, the JDBCAppender in Log4j 1.2.x accepts an SQL statement as a configuration parameter where the values to be inserted are converters from PatternLayout.
network
low complexity
apache netapp broadcom qos oracle CWE-89
critical
9.8
2017-11-14 CVE-2017-10269 Unspecified vulnerability in Oracle Tuxedo
Vulnerability in the Oracle Tuxedo component of Oracle Fusion Middleware (subcomponent: Core).
network
low complexity
oracle
critical
10.0
2017-11-14 CVE-2017-10272 Unspecified vulnerability in Oracle Tuxedo
Vulnerability in the Oracle Tuxedo component of Oracle Fusion Middleware (subcomponent: Core).
network
low complexity
oracle
critical
9.9