Oracle

Essbase

22 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
2.2

CVE-2023-22010

  • EPSS 0.18%
  • Veröffentlicht 18.07.2023 21:15:12
  • Zuletzt bearbeitet 21.11.2024 07:44:05

Vulnerability in Oracle Essbase (component: Security and Provisioning). The supported version that is affected is 21.4.3.0.0. Difficult to exploit vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle Essba...

5.3

CVE-2023-21944

  • EPSS 0.29%
  • Veröffentlicht 18.04.2023 20:15:15
  • Zuletzt bearbeitet 21.11.2024 07:43:57

Vulnerability in Oracle Essbase (component: Security and Provisioning). The supported version that is affected is 21.4. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Essbase. S...

5.3

CVE-2023-21943

  • EPSS 0.29%
  • Veröffentlicht 18.04.2023 20:15:14
  • Zuletzt bearbeitet 21.11.2024 07:43:57

Vulnerability in Oracle Essbase (component: Security and Provisioning). The supported version that is affected is 21.4. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Essbase. S...

5.3

CVE-2023-21942

  • EPSS 0.29%
  • Veröffentlicht 18.04.2023 20:15:14
  • Zuletzt bearbeitet 21.11.2024 07:43:57

Vulnerability in Oracle Essbase (component: Security and Provisioning). The supported version that is affected is 21.4. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Essbase. S...

5.8

CVE-2022-21508

  • EPSS 0.24%
  • Veröffentlicht 19.07.2022 22:15:09
  • Zuletzt bearbeitet 21.11.2024 06:44:50

Vulnerability in Oracle Essbase (component: Security and Provisioning). The supported version that is affected is 21.3. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle Essbase executes to...

7.4

CVE-2021-3712

Warnung
  • EPSS 0.82%
  • Veröffentlicht 24.08.2021 15:15:09
  • Zuletzt bearbeitet 21.11.2024 06:22:13

ASN.1 strings are represented internally within OpenSSL as an ASN1_STRING structure which contains a buffer holding the string data and a field holding the buffer length. This contrasts with normal C strings which are repesented as a buffer for the s...

9.8

CVE-2021-3711

  • EPSS 2.75%
  • Veröffentlicht 24.08.2021 15:15:09
  • Zuletzt bearbeitet 21.11.2024 06:22:12

In order to decrypt SM2 encrypted data an application is expected to call the API function EVP_PKEY_decrypt(). Typically an application will call this function twice. The first time, on entry, the "out" parameter can be NULL and, on exit, the "outlen...

8.1

CVE-2021-22901

Exploit
  • EPSS 0.34%
  • Veröffentlicht 11.06.2021 16:15:11
  • Zuletzt bearbeitet 21.11.2024 05:50:52

curl 7.75.0 through 7.76.1 suffers from a use-after-free vulnerability resulting in already freed memory being used when a TLS 1.3 session ticket arrives over a connection. A malicious server can use this in rare unfortunate circumstances to potentia...

3.1

CVE-2021-22898

Exploit
  • EPSS 0.13%
  • Veröffentlicht 11.06.2021 16:15:11
  • Zuletzt bearbeitet 21.11.2024 05:50:52

curl 7.7 through 7.76.1 suffers from an information disclosure when the `-t` command line option, known as `CURLOPT_TELNETOPTIONS` in libcurl, is used to send variable=content pairs to TELNET servers. Due to a flaw in the option parser for sending NE...

5.3

CVE-2021-22897

Exploit
  • EPSS 1.08%
  • Veröffentlicht 11.06.2021 16:15:10
  • Zuletzt bearbeitet 21.11.2024 05:50:51

curl 7.61.0 through 7.76.1 suffers from exposure of data element to wrong session due to a mistake in the code for CURLOPT_SSL_CIPHER_LIST when libcurl is built to use the Schannel TLS library. The selected cipher set was stored in a single "static" ...