Latest oracle retail customer insights Vulnerabilities

CVE-2020-29505
Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.5.2, contain a Key Management Error Vulnerability.
Dell Bsafe Crypto-c-micro-edition<4.1.5
Dell Bsafe Micro-edition-suite<4.5.2
Oracle Retail Customer Insights=15.0.2
Oracle Retail Customer Insights=16.0.2
CVE-2021-45105
Apache Log4j StrSubstitutor Uncontrolled Recursion Denial-of-Service Vulnerability
redhat/eap7-log4j<0:2.17.1-1.redhat_00001.1.el8ea
redhat/eap7-log4j<0:2.17.1-1.redhat_00001.1.el7ea
redhat/rh-sso7-keycloak<0:15.0.6-1.redhat_00001.1.el7
redhat/rh-sso7-keycloak<0:15.0.6-1.redhat_00001.1.el8
debian/apache-log4j2
debian/apache-log4j2<=2.16.0-1~deb10u1<=2.16.0-1<=2.16.0-1~deb11u1
and 217 more
CVE-2021-42340
Apache Tomcat is vulnerable to a denial of service, caused by a memory leak flaw in WebSocket connections. By sending a specially-crafted request using OutOfMemoryError, a remote attacker could exploi...
redhat/pki-servlet-engine<1:9.0.50-1.el9
redhat/jws5-tomcat<0:9.0.50-3.redhat_00004.1.el7
redhat/jws5-tomcat-native<0:1.2.30-3.redhat_3.el7
redhat/jws5-tomcat-vault<0:1.1.8-4.Final_redhat_00004.1.el7
redhat/jws5-tomcat<0:9.0.50-3.redhat_00004.1.el8
redhat/jws5-tomcat-native<0:1.2.30-3.redhat_3.el8
and 47 more
CVE-2021-2351
Vulnerability in the Advanced Networking Option component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1 and 19c. Difficult to exploit vulnerability allows unau...
Oracle Advanced Networking Option=12.1.0.2
Oracle Advanced Networking Option=12.2.0.1
Oracle Advanced Networking Option=19c
Oracle Agile Engineering Data Management=6.2.1.0
Oracle Agile PLM=9.3.6
Oracle Agile Product Lifecycle Management for Process=6.2.2.0
and 242 more
CVE-2019-10219
A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This...
redhat/eap7-apache-cxf<0:3.2.11-1.redhat_00001.1.el6ea
redhat/eap7-glassfish-jsf<0:2.3.5-6.SP3_redhat_00004.1.el6ea
redhat/eap7-hal-console<0:3.0.19-1.Final_redhat_00001.1.el6ea
redhat/eap7-hibernate<0:5.3.14-1.Final_redhat_00001.1.el6ea
redhat/eap7-hibernate-validator<0:6.0.18-1.Final_redhat_00001.1.el6ea
redhat/eap7-jackson-annotations<0:2.9.10-1.redhat_00003.1.el6ea
and 779 more
CVE-2019-11358
A Prototype Pollution vulnerability was found in jquery. Untrusted JSON passed to the `extend` function could lead to modifying objects up the prototype chain, including the global Object. A crafted J...
redhat/ansible-tower<0:3.5.2-1.el7a
redhat/cfme<0:5.10.9.1-1.el7cf
redhat/cfme-amazon-smartstate<0:5.10.9.1-1.el7cf
redhat/cfme-appliance<0:5.10.9.1-1.el7cf
redhat/cfme-gemset<0:5.10.9.1-1.el7cf
redhat/ovirt-ansible-hosted-engine-setup<0:1.0.23-1.el7e
and 267 more
CVE-2018-11040
Pivotal Spring Framework could allow a remote attacker to bypass security restrictions, caused by a flaw in AbstractJsonpResponseBodyAdvice for REST controllers and MappingJackson2JsonView. By sending...
IBM GDE<=3.0.0.2
maven/org.springframework:spring-core>=4.3.0<4.3.18
maven/org.springframework:spring-core>=5.0.0<5.0.7
VMware Spring Framework<4.3.18
VMware Spring Framework>=5.0.0<5.0.7
Oracle Agile Product Lifecycle Management=9.3.3
and 48 more
CVE-2018-11039
Pivotal Spring Framework is vulnerable to cross-site tracing, caused by a flaw in the HiddenHttpMethodFilter in Spring MVC. By persuading a victim to visit a specially-crafted Web site, an attacker co...
IBM GDE<=3.0.0.2
maven/org.springframework:spring-web>=4.3.0<4.3.18
maven/org.springframework:spring-web>=5.0.0<5.0.7
VMware Spring Framework<4.3.18
VMware Spring Framework>=5.0.0<5.0.7
Oracle Agile PLM=9.3.3
and 61 more

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203