Oracle

Enterprise Manager Base Platform

135 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 62.89%
  • Veröffentlicht 16.09.2021 15:15:07
  • Zuletzt bearbeitet 01.05.2025 15:40:05

A carefully crafted request uri-path can cause mod_proxy_uwsgi to read above the allocated memory and crash (DoS). This issue affects Apache HTTP Server versions 2.4.30 to 2.4.48 (inclusive).

Exploit
  • EPSS 2.5%
  • Veröffentlicht 21.07.2021 15:15:21
  • Zuletzt bearbeitet 21.11.2024 06:02:56

Vulnerability in the Advanced Networking Option component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1 and 19c. Difficult to exploit vulnerability allows unauthenticated attacker with network access via Oracl...

  • EPSS 8.28%
  • Veröffentlicht 19.05.2021 14:15:07
  • Zuletzt bearbeitet 02.12.2025 22:16:07

There is a flaw in the xml entity encoding functionality of libxml2 in versions before 2.9.11. An attacker who is able to supply a crafted file to be processed by an application linked with the affected functionality of libxml2 could trigger an out-o...

  • EPSS 3.65%
  • Veröffentlicht 18.05.2021 12:15:08
  • Zuletzt bearbeitet 21.11.2024 06:21:44

There's a flaw in libxml2 in versions before 2.9.11. An attacker who is able to submit a crafted file to be processed by an application linked with libxml2 could trigger a use-after-free. The greatest impact from this flaw is to confidentiality, inte...

  • EPSS 3.5%
  • Veröffentlicht 14.05.2021 20:15:16
  • Zuletzt bearbeitet 21.11.2024 06:21:47

A vulnerability found in libxml2 in versions before 2.9.11 shows that it did not propagate errors while parsing XML mixed content, causing a NULL dereference. If an untrusted XML document was parsed in recovery mode and post-validated, the flaw could...

Exploit
  • EPSS 0.97%
  • Veröffentlicht 22.04.2021 22:15:12
  • Zuletzt bearbeitet 21.11.2024 06:02:16

Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager (component: UI Framework). The supported version that is affected is 13.4.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network ac...

  • EPSS 6.97%
  • Veröffentlicht 08.12.2020 16:15:11
  • Zuletzt bearbeitet 29.05.2026 16:16:20

The X.509 GeneralName type is a generic type for representing different types of names. One of those name types is known as EDIPartyName. OpenSSL provides a function GENERAL_NAME_cmp which compares different instances of a GENERAL_NAME to see if they...

Exploit
  • EPSS 3.67%
  • Veröffentlicht 04.09.2020 00:15:10
  • Zuletzt bearbeitet 21.11.2024 05:16:15

GNOME project libxml2 v2.9.10 has a global buffer over-read vulnerability in xmlEncodeEntitiesInternal at libxml2/entities.c. The issue has been fixed in commit 50f06b3e.

  • EPSS 1.1%
  • Veröffentlicht 15.07.2020 18:15:39
  • Zuletzt bearbeitet 21.11.2024 05:26:46

Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager (component: Enterprise Config Management). Supported versions that are affected are 13.3.0.0 and 13.4.0.0. Easily exploitable vulnerability allows low privileg...

  • EPSS 4.49%
  • Veröffentlicht 08.07.2020 16:15:11
  • Zuletzt bearbeitet 21.11.2024 04:59:04

Server-Side Template Injection and arbitrary file disclosure on Camel templating components