Oracle

Oss Support Tools

19 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
1.2

CVE-2022-21405

  • EPSS 0.13%
  • Published 19.04.2022 21:15:14
  • Last modified 21.11.2024 06:44:37

Vulnerability in the OSS Support Tools product of Oracle Support Tools (component: Oracle Explorer). The supported version that is affected is 18.3. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure whe...

6.5

CVE-2021-41973

  • EPSS 0.62%
  • Published 01.11.2021 09:15:09
  • Last modified 21.11.2024 06:27:00

In Apache MINA, a specifically crafted, malformed HTTP request may cause the HTTP Header decoder to loop indefinitely. The decoder assumed that the HTTP Header begins at the beginning of the buffer and loops if there is more data than expected. Pleas...

5.1

CVE-2021-2351

Exploit
  • EPSS 3.54%
  • Published 21.07.2021 15:15:21
  • Last modified 21.11.2024 06:02:56

Vulnerability in the Advanced Networking Option component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1 and 19c. Difficult to exploit vulnerability allows unauthenticated attacker with network access via Oracl...

6.5

CVE-2021-30129

  • EPSS 0.23%
  • Published 12.07.2021 12:15:07
  • Last modified 21.11.2024 06:03:21

A vulnerability in sshd-core of Apache Mina SSHD allows an attacker to overflow the server causing an OutOfMemory error. This issue affects the SFTP and port forwarding features of Apache Mina SSHD version 2.0.0 and later versions. It was addressed i...

4

CVE-2021-2303

  • EPSS 0.84%
  • Published 22.04.2021 22:15:17
  • Last modified 21.11.2024 06:02:50

Vulnerability in the OSS Support Tools product of Oracle Support Tools (component: Diagnostic Assistant). The supported version that is affected is Prior to 2.12.41. Easily exploitable vulnerability allows high privileged attacker with network access...

5.8

CVE-2021-29425

Exploit
  • EPSS 0.48%
  • Published 13.04.2021 07:15:12
  • Last modified 21.11.2024 06:01:04

In Apache Commons IO before 2.7, When invoking the method FileNameUtils.normalize with an improper input string, like "//../foo", or "\\..\foo", the result would be the same value, thus possibly providing access to files in the parent directory, but ...

5.9

CVE-2021-27568

Exploit
  • EPSS 0.52%
  • Published 23.02.2021 02:15:12
  • Last modified 21.11.2024 05:58:12

An issue was discovered in netplex json-smart-v1 through 2015-10-23 and json-smart-v2 through 2.4. An exception is thrown from a function, but it is not caught, as demonstrated by NumberFormatException. When it is not caught, it may cause programs us...

6.1

CVE-2020-11023

Warning Exploit
  • EPSS 21.32%
  • Published 29.04.2020 21:15:11
  • Last modified 24.01.2025 02:00:02

In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may ex...

6.1

CVE-2019-10219

  • EPSS 1.67%
  • Published 08.11.2019 15:15:11
  • Last modified 07.07.2025 14:15:21

A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS attack.

9.8

CVE-2019-5482

  • EPSS 10.79%
  • Published 16.09.2019 19:15:10
  • Last modified 21.11.2024 04:45:01

Heap buffer overflow in the TFTP protocol handler in cURL 7.19.4 to 7.65.3.