Oracle

Communications Ip Service Activator

13 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.9

CVE-2021-45105

Warning
  • EPSS 65.66%
  • Published 18.12.2021 12:15:07
  • Last modified 21.11.2024 06:31:58

Apache Log4j2 versions 2.0-alpha1 through 2.16.0 (excluding 2.12.3 and 2.3.1) did not protect from uncontrolled recursion from self-referential lookups. This allows an attacker with control over Thread Context Map data to cause a denial of service wh...

5.1

CVE-2021-2351

Exploit
  • EPSS 3.54%
  • Published 21.07.2021 15:15:21
  • Last modified 21.11.2024 06:02:56

Vulnerability in the Advanced Networking Option component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1 and 19c. Difficult to exploit vulnerability allows unauthenticated attacker with network access via Oracl...

7.5

CVE-2019-12402

  • EPSS 0.38%
  • Published 30.08.2019 09:15:17
  • Last modified 21.11.2024 04:22:45

The file name encoding algorithm used internally in Apache Commons Compress 1.15 to 1.18 can get into an infinite loop when faced with specially crafted inputs. This can lead to a denial of service attack if an attacker can choose the file names insi...

9.8

CVE-2019-13990

  • EPSS 10.42%
  • Published 26.07.2019 19:15:11
  • Last modified 21.11.2024 04:25:50

initDocumentParser in xml/XMLSchedulingDataProcessor.java in Terracotta Quartz Scheduler through 2.3.0 allows XXE attacks via a job description.

7.5

CVE-2019-5427

Exploit
  • EPSS 6.91%
  • Published 22.04.2019 21:29:00
  • Last modified 05.09.2025 17:23:58

c3p0 version < 0.9.5.4 may be exploited by a billion laughs attack when loading XML configuration due to missing protections against recursive entity expansion when loading configuration.

7.5

CVE-2018-15769

  • EPSS 1.54%
  • Published 16.11.2018 21:29:00
  • Last modified 21.11.2024 03:51:26

RSA BSAFE Micro Edition Suite versions prior to 4.0.11 (in 4.0.x series) and versions prior to 4.1.6.2 (in 4.1.x series) contain a key management error issue. A malicious TLS server could potentially cause a Denial Of Service (DoS) on TLS clients dur...

9.8

CVE-2018-11058

  • EPSS 1.73%
  • Published 14.09.2018 20:29:00
  • Last modified 21.11.2024 03:42:35

RSA BSAFE Micro Edition Suite, versions prior to 4.0.11 (in 4.0.x) and prior to 4.1.6 (in 4.1.x), and RSA BSAFE Crypto-C Micro Edition, version prior to 4.0.5.3 (in 4.0.x) contain a Buffer Over-Read vulnerability when parsing ASN.1 data. A remote att...

7.5

CVE-2018-11054

  • EPSS 2.35%
  • Published 31.08.2018 18:29:00
  • Last modified 21.11.2024 03:42:34

RSA BSAFE Micro Edition Suite, version 4.1.6, contains an integer overflow vulnerability. A remote attacker could use maliciously constructed ASN.1 data to potentially cause a Denial Of Service.

5.5

CVE-2018-11055

  • EPSS 0.09%
  • Published 31.08.2018 18:29:00
  • Last modified 21.11.2024 03:42:34

RSA BSAFE Micro Edition Suite, versions prior to 4.0.11 (in 4.0.x) and prior to 4.1.6.1 (in 4.1.x), contains an Improper Clearing of Heap Memory Before Release ('Heap Inspection') vulnerability. Decoded PKCS #12 data in heap memory is not zeroized by...

6.5

CVE-2018-11056

  • EPSS 1.96%
  • Published 31.08.2018 18:29:00
  • Last modified 21.11.2024 03:42:35

RSA BSAFE Micro Edition Suite, prior to 4.1.6.1 (in 4.1.x), and RSA BSAFE Crypto-C Micro Edition versions prior to 4.0.5.3 (in 4.0.x) contain an Uncontrolled Resource Consumption ('Resource Exhaustion') vulnerability when parsing ASN.1 data. A remote...