Latest oracle goldengate Vulnerabilities

CVE-2022-21551
Vulnerability in Oracle GoldenGate (component: Oracle GoldenGate). The supported version that is affected is 21c: prior to 21.7.0.0.0; 19c: prior to 19.1.0.0.220719. Easily exploitable vulnerability a...
Oracle GoldenGate>=19.1.0.0.0<19.1.0.0.220719
Oracle GoldenGate>=21.1.0<21.7.0.0.0
CVE-2022-21442
Vulnerability in Oracle GoldenGate (component: OGG Core Library). The supported version that is affected is Prior to 23.1. Easily exploitable vulnerability allows low privileged attacker with logon to...
Oracle GoldenGate<23.1
CVE-2021-4104
Deserialization of untrusted data in JMSAppender in Apache Log4j 1.2
redhat/log4j<0:1.2.14-6.5.el6_10
redhat/log4j<0:1.2.17-17.el7_4
redhat/log4j<0:1.2.17-16.el7_3
redhat/log4j-eap6<0:1.2.17-3.redhat_00008.1.ep6.el6
redhat/log4j-jboss-logmanager<0:1.1.4-3.Final_redhat_00002.1.ep6.el6
redhat/jboss-as-appclient<0:7.5.24-2.Final_redhat_00001.1.ep6.el6
and 219 more
CVE-2021-3749
A Regular Expression Denial of Service (ReDoS) vulnerability was found in the nodejs axios. This flaw allows an attacker to provide crafted input to the trim function, which might cause high resources...
redhat/kiali<0:v1.24.7.redhat1-1.el8
IBM Cognos Analytics 11.2.x<=IBM Cognos Analytics 11.2.x
IBM Cognos Analytics 11.1.x<=IBM Cognos Analytics 11.1.x
npm/axios<0.21.2
redhat/axios<0.21.2
Axios Axios<=0.21.1
and 4 more
CVE-2021-2351
Vulnerability in the Advanced Networking Option component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1 and 19c. Difficult to exploit vulnerability allows unau...
Oracle Advanced Networking Option=12.1.0.2
Oracle Advanced Networking Option=12.2.0.1
Oracle Advanced Networking Option=19c
Oracle Agile Engineering Data Management=6.2.1.0
Oracle Agile PLM=9.3.6
Oracle Agile Product Lifecycle Management for Process=6.2.2.0
and 242 more
CVE-2021-23017
A flaw was found in nginx. An off-by-one error while processing DNS responses allows a network attacker to write a dot character out of bounds in a heap allocated buffer which can allow overwriting th...
F5 Nginx>=0.6.18<1.20.1
Openresty Openresty<1.19.3.2
Fedoraproject Fedora=33
Fedoraproject Fedora=34
NetApp ONTAP Select Deploy administration utility
Oracle Blockchain Platform<21.1.2
and 27 more
CVE-2020-14705
Vulnerability in the Oracle GoldenGate product of Oracle GoldenGate (component: Process Management). The supported version that is affected is Prior to 19.1.0.0.0. Easily exploitable vulnerability all...
Oracle GoldenGate<19.1.0.0.0
CVE-2019-14862
Knockout is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability to inject malicious script into a Web page whic...
Knockoutjs Knockout<=3.4.2
Redhat Decision Manager=7.0
Redhat Process Automation=7.0
Oracle Business Intelligence=5.5.0.0.0
Oracle Business Intelligence=12.2.1.3.0
Oracle Business Intelligence=12.2.1.4.0
and 1 more
CVE-2018-1311
Apache Xerces-C could allow a remote attacker to execute arbitrary code on the system, caused by an use-after-free error during the scanning of external DTDs. By sending a specially crafted file, an a...
Apache Xerces-c\+\+>=3.0.0<=3.2.3
Redhat Enterprise Linux Desktop=6.0
Redhat Enterprise Linux Desktop=7.0
Redhat Enterprise Linux Eus=7.7
Redhat Enterprise Linux Server=6.0
Redhat Enterprise Linux Server=7.0
and 20 more
CVE-2019-3738
RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to a Missing Required Cryptographic Step vulnerability. A malicious remote attacker could potentially exploit this vulnerability to coerce two...
Dell Bsafe Cert-j<=6.2.4
Dell BSAFE Crypto-J<6.2.5
Dell BSAFE SSL-J<=6.2.4.1
McAfee Threat Intelligence Exchange Server>=2.0.0<=2.3.1
McAfee Threat Intelligence Exchange Server=3.0.0
Oracle Application Performance Management=13.3.0.0
and 36 more
CVE-2019-3739
RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to Information Exposure Through Timing Discrepancy vulnerabilities during ECDSA key generation. A malicious remote attacker could potentially ...
Dell Bsafe Cert-j<=6.2.4
Dell BSAFE Crypto-J<6.2.5
Dell BSAFE SSL-J<=6.2.4.1
Oracle Application Performance Management=13.3.0.0
Oracle Application Performance Management=13.4.0.0
Oracle Communications Network Integrity=7.3.2
and 33 more
CVE-2019-3740
RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to an Information Exposure Through Timing Discrepancy vulnerabilities during DSA key generation. A malicious remote attacker could potentially...
Dell Bsafe Cert-j<=6.2.4
Dell BSAFE Crypto-J<6.2.5
Dell BSAFE SSL-J<=6.2.4.1
Oracle Application Performance Management=13.3.0.0
Oracle Application Performance Management=13.4.0.0
Oracle Communications Network Integrity=7.3.2
and 41 more
CVE-2019-10219
A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This...
redhat/eap7-apache-cxf<0:3.2.11-1.redhat_00001.1.el6ea
redhat/eap7-glassfish-jsf<0:2.3.5-6.SP3_redhat_00004.1.el6ea
redhat/eap7-hal-console<0:3.0.19-1.Final_redhat_00001.1.el6ea
redhat/eap7-hibernate<0:5.3.14-1.Final_redhat_00001.1.el6ea
redhat/eap7-hibernate-validator<0:6.0.18-1.Final_redhat_00001.1.el6ea
redhat/eap7-jackson-annotations<0:2.9.10-1.redhat_00003.1.el6ea
and 779 more
CVE-2018-2913
Vulnerability in the Oracle GoldenGate component of Oracle GoldenGate (subcomponent: Monitoring Manager). Supported versions that are affected are 12.1.2.1.0, 12.2.0.2.0 and 12.3.0.1.0. Easily exploit...
Oracle GoldenGate=12.1.2.1.0
Oracle GoldenGate=12.2.0.2.0
Oracle GoldenGate=12.3.0.1.0
CVE-2018-2912
Vulnerability in the Oracle GoldenGate component of Oracle GoldenGate (subcomponent: Manager). Supported versions that are affected are 12.1.2.1.0, 12.2.0.2.0 and 12.3.0.1.0. Easily exploitable vulner...
Oracle GoldenGate=12.1.2.1.0
Oracle GoldenGate=12.2.0.2.0
Oracle GoldenGate=12.3.0.1.0

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203