Oracle

Goldengate

21 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.8

CVE-2022-21551

  • EPSS 1.39%
  • Veröffentlicht 19.07.2022 22:15:12
  • Zuletzt bearbeitet 21.11.2024 06:44:56

Vulnerability in Oracle GoldenGate (component: Oracle GoldenGate). The supported version that is affected is 21c: prior to 21.7.0.0.0; 19c: prior to 19.1.0.0.220719. Easily exploitable vulnerability allows high privileged attacker with network access...

4.6

CVE-2022-21442

  • EPSS 0.14%
  • Veröffentlicht 19.04.2022 21:15:15
  • Zuletzt bearbeitet 21.11.2024 06:44:42

Vulnerability in Oracle GoldenGate (component: OGG Core Library). The supported version that is affected is Prior to 23.1. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle GoldenGate execut...

7.5

CVE-2021-4104

  • EPSS 72.2%
  • Veröffentlicht 14.12.2021 12:15:12
  • Zuletzt bearbeitet 21.11.2024 06:36:54

JMSAppender in Log4j 1.2 is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration. The attacker can provide TopicBindingName and TopicConnectionFactoryBindingName configurations causing JMSAppen...

7.8

CVE-2021-3749

Exploit
  • EPSS 8.92%
  • Veröffentlicht 31.08.2021 11:15:07
  • Zuletzt bearbeitet 21.11.2024 06:22:19

axios is vulnerable to Inefficient Regular Expression Complexity

5.1

CVE-2021-2351

Exploit
  • EPSS 3.54%
  • Veröffentlicht 21.07.2021 15:15:21
  • Zuletzt bearbeitet 21.11.2024 06:02:56

Vulnerability in the Advanced Networking Option component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1 and 19c. Difficult to exploit vulnerability allows unauthenticated attacker with network access via Oracl...

7.7

CVE-2021-23017

  • EPSS 76.12%
  • Veröffentlicht 01.06.2021 13:15:07
  • Zuletzt bearbeitet 21.11.2024 05:51:09

A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.

9.6

CVE-2020-14705

  • EPSS 0.46%
  • Veröffentlicht 15.07.2020 18:15:34
  • Zuletzt bearbeitet 21.11.2024 05:03:56

Vulnerability in the Oracle GoldenGate product of Oracle GoldenGate (component: Process Management). The supported version that is affected is Prior to 19.1.0.0.0. Easily exploitable vulnerability allows unauthenticated attacker with access to the ph...

6.1

CVE-2019-14862

Exploit
  • EPSS 0.23%
  • Veröffentlicht 02.01.2020 15:15:12
  • Zuletzt bearbeitet 21.11.2024 04:27:31

There is a vulnerability in knockout before version 3.5.0-beta, where after escaping the context of the web application, the web application delivers data to its users along with other trusted dynamic content, without validating it.

8.1

CVE-2018-1311

  • EPSS 3.86%
  • Veröffentlicht 18.12.2019 20:15:15
  • Zuletzt bearbeitet 21.11.2024 03:59:36

The Apache Xerces-C 3.0.0 to 3.2.3 XML parser contains a use-after-free error triggered during the scanning of external DTDs. This flaw has not been addressed in the maintained version of the library and has no current mitigation other than to disabl...

6.1

CVE-2019-10219

  • EPSS 1.67%
  • Veröffentlicht 08.11.2019 15:15:11
  • Zuletzt bearbeitet 07.07.2025 14:15:21

A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS attack.