Oracle

Communications Ip Service Activator

13 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.9

CVE-2021-45105

Warnung
  • EPSS 65.66%
  • Veröffentlicht 18.12.2021 12:15:07
  • Zuletzt bearbeitet 21.11.2024 06:31:58

Apache Log4j2 versions 2.0-alpha1 through 2.16.0 (excluding 2.12.3 and 2.3.1) did not protect from uncontrolled recursion from self-referential lookups. This allows an attacker with control over Thread Context Map data to cause a denial of service wh...

5.1

CVE-2021-2351

Exploit
  • EPSS 3.54%
  • Veröffentlicht 21.07.2021 15:15:21
  • Zuletzt bearbeitet 21.11.2024 06:02:56

Vulnerability in the Advanced Networking Option component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1 and 19c. Difficult to exploit vulnerability allows unauthenticated attacker with network access via Oracl...

7.5

CVE-2019-12402

  • EPSS 0.38%
  • Veröffentlicht 30.08.2019 09:15:17
  • Zuletzt bearbeitet 21.11.2024 04:22:45

The file name encoding algorithm used internally in Apache Commons Compress 1.15 to 1.18 can get into an infinite loop when faced with specially crafted inputs. This can lead to a denial of service attack if an attacker can choose the file names insi...

9.8

CVE-2019-13990

  • EPSS 10.42%
  • Veröffentlicht 26.07.2019 19:15:11
  • Zuletzt bearbeitet 21.11.2024 04:25:50

initDocumentParser in xml/XMLSchedulingDataProcessor.java in Terracotta Quartz Scheduler through 2.3.0 allows XXE attacks via a job description.

7.5

CVE-2019-5427

Exploit
  • EPSS 6.91%
  • Veröffentlicht 22.04.2019 21:29:00
  • Zuletzt bearbeitet 05.09.2025 17:23:58

c3p0 version < 0.9.5.4 may be exploited by a billion laughs attack when loading XML configuration due to missing protections against recursive entity expansion when loading configuration.

7.5

CVE-2018-15769

  • EPSS 1.54%
  • Veröffentlicht 16.11.2018 21:29:00
  • Zuletzt bearbeitet 21.11.2024 03:51:26

RSA BSAFE Micro Edition Suite versions prior to 4.0.11 (in 4.0.x series) and versions prior to 4.1.6.2 (in 4.1.x series) contain a key management error issue. A malicious TLS server could potentially cause a Denial Of Service (DoS) on TLS clients dur...

9.8

CVE-2018-11058

  • EPSS 1.73%
  • Veröffentlicht 14.09.2018 20:29:00
  • Zuletzt bearbeitet 21.11.2024 03:42:35

RSA BSAFE Micro Edition Suite, versions prior to 4.0.11 (in 4.0.x) and prior to 4.1.6 (in 4.1.x), and RSA BSAFE Crypto-C Micro Edition, version prior to 4.0.5.3 (in 4.0.x) contain a Buffer Over-Read vulnerability when parsing ASN.1 data. A remote att...

7.5

CVE-2018-11054

  • EPSS 2.35%
  • Veröffentlicht 31.08.2018 18:29:00
  • Zuletzt bearbeitet 21.11.2024 03:42:34

RSA BSAFE Micro Edition Suite, version 4.1.6, contains an integer overflow vulnerability. A remote attacker could use maliciously constructed ASN.1 data to potentially cause a Denial Of Service.

5.5

CVE-2018-11055

  • EPSS 0.09%
  • Veröffentlicht 31.08.2018 18:29:00
  • Zuletzt bearbeitet 21.11.2024 03:42:34

RSA BSAFE Micro Edition Suite, versions prior to 4.0.11 (in 4.0.x) and prior to 4.1.6.1 (in 4.1.x), contains an Improper Clearing of Heap Memory Before Release ('Heap Inspection') vulnerability. Decoded PKCS #12 data in heap memory is not zeroized by...

6.5

CVE-2018-11056

  • EPSS 1.96%
  • Veröffentlicht 31.08.2018 18:29:00
  • Zuletzt bearbeitet 21.11.2024 03:42:35

RSA BSAFE Micro Edition Suite, prior to 4.1.6.1 (in 4.1.x), and RSA BSAFE Crypto-C Micro Edition versions prior to 4.0.5.3 (in 4.0.x) contain an Uncontrolled Resource Consumption ('Resource Exhaustion') vulnerability when parsing ASN.1 data. A remote...