Oracle

Oss Support Tools

19 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
1.2

CVE-2022-21405

  • EPSS 0.13%
  • Veröffentlicht 19.04.2022 21:15:14
  • Zuletzt bearbeitet 21.11.2024 06:44:37

Vulnerability in the OSS Support Tools product of Oracle Support Tools (component: Oracle Explorer). The supported version that is affected is 18.3. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure whe...

6.5

CVE-2021-41973

  • EPSS 0.62%
  • Veröffentlicht 01.11.2021 09:15:09
  • Zuletzt bearbeitet 21.11.2024 06:27:00

In Apache MINA, a specifically crafted, malformed HTTP request may cause the HTTP Header decoder to loop indefinitely. The decoder assumed that the HTTP Header begins at the beginning of the buffer and loops if there is more data than expected. Pleas...

5.1

CVE-2021-2351

Exploit
  • EPSS 3.54%
  • Veröffentlicht 21.07.2021 15:15:21
  • Zuletzt bearbeitet 21.11.2024 06:02:56

Vulnerability in the Advanced Networking Option component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1 and 19c. Difficult to exploit vulnerability allows unauthenticated attacker with network access via Oracl...

6.5

CVE-2021-30129

  • EPSS 0.23%
  • Veröffentlicht 12.07.2021 12:15:07
  • Zuletzt bearbeitet 21.11.2024 06:03:21

A vulnerability in sshd-core of Apache Mina SSHD allows an attacker to overflow the server causing an OutOfMemory error. This issue affects the SFTP and port forwarding features of Apache Mina SSHD version 2.0.0 and later versions. It was addressed i...

4

CVE-2021-2303

  • EPSS 0.84%
  • Veröffentlicht 22.04.2021 22:15:17
  • Zuletzt bearbeitet 21.11.2024 06:02:50

Vulnerability in the OSS Support Tools product of Oracle Support Tools (component: Diagnostic Assistant). The supported version that is affected is Prior to 2.12.41. Easily exploitable vulnerability allows high privileged attacker with network access...

5.8

CVE-2021-29425

Exploit
  • EPSS 0.48%
  • Veröffentlicht 13.04.2021 07:15:12
  • Zuletzt bearbeitet 21.11.2024 06:01:04

In Apache Commons IO before 2.7, When invoking the method FileNameUtils.normalize with an improper input string, like "//../foo", or "\\..\foo", the result would be the same value, thus possibly providing access to files in the parent directory, but ...

5.9

CVE-2021-27568

Exploit
  • EPSS 0.52%
  • Veröffentlicht 23.02.2021 02:15:12
  • Zuletzt bearbeitet 21.11.2024 05:58:12

An issue was discovered in netplex json-smart-v1 through 2015-10-23 and json-smart-v2 through 2.4. An exception is thrown from a function, but it is not caught, as demonstrated by NumberFormatException. When it is not caught, it may cause programs us...

6.1

CVE-2020-11023

Warnung Exploit
  • EPSS 21.32%
  • Veröffentlicht 29.04.2020 21:15:11
  • Zuletzt bearbeitet 24.01.2025 02:00:02

In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may ex...

6.1

CVE-2019-10219

  • EPSS 1.67%
  • Veröffentlicht 08.11.2019 15:15:11
  • Zuletzt bearbeitet 07.07.2025 14:15:21

A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS attack.

9.8

CVE-2019-5482

  • EPSS 10.79%
  • Veröffentlicht 16.09.2019 19:15:10
  • Zuletzt bearbeitet 21.11.2024 04:45:01

Heap buffer overflow in the TFTP protocol handler in cURL 7.19.4 to 7.65.3.