Latest oracle timesten in-memory database Vulnerabilities

CVE-2021-41772
Golang Go is vulnerable to a denial of service, caused by an out-of-bounds slice situation in the Reader.Open function. By using a specially-crafted ZIP archive containing an invalid name or an empty ...
redhat/go<1.16.10
redhat/go<1.17.3
redhat/openshift-serverless-clients<0:1.1.0-2.el8
redhat/go-toolset<1.16-0:1.16.12-1.el7_9
redhat/go-toolset<1.16-golang-0:1.16.12-1.el7_9
redhat/openshift<0:4.10.0-202202250816.p0.ge419edf.assembly.stream.el8
and 8 more
CVE-2021-36221
Golang Go is vulnerable to a denial of service, caused by a race condition upon an ErrAbortHandler abort. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to ...
IBM Cloud Pak for Security<=1.10.0.0 - 1.10.11.0
IBM QRadar Suite Software<=1.10.12.0 - 1.10.16.0
redhat/go<1.16.7
redhat/go<1.15.15
Golang Go<1.15.15
Golang Go>=1.16.0<1.16.7
and 7 more
CVE-2021-2351
Vulnerability in the Advanced Networking Option component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1 and 19c. Difficult to exploit vulnerability allows unau...
Oracle Advanced Networking Option=12.1.0.2
Oracle Advanced Networking Option=12.2.0.1
Oracle Advanced Networking Option=19c
Oracle Agile Engineering Data Management=6.2.1.0
Oracle Agile PLM=9.3.6
Oracle Agile Product Lifecycle Management for Process=6.2.2.0
and 242 more
CVE-2021-36374
Apache Ant is vulnerable to a denial of service, caused by an out-of-memory error when large amounts of memory are allocated. By persuading a victim to open a specially-crafted ZIP archive, a remote a...
maven/org.apache.ant:ant>=1.9.0<1.9.16
maven/org.apache.ant:ant>=1.10.0<1.10.11
Apache Ant>=1.9.0<1.9.16
Apache Ant>=1.10.0<1.10.11
Oracle Agile Engineering Data Management=6.2.1.0
Oracle Agile PLM=9.3.6
and 75 more
CVE-2021-34558
Golang Go is vulnerable to a denial of service, caused by the failure to properly assert that the type of public key in an X.509 certificate matches the expected type in the crypto/tls package. By per...
Golang Go<1.15.14
Golang Go>=1.16.0<1.16.6
Fedoraproject Fedora=33
Fedoraproject Fedora=34
Netapp Cloud Insights Telegraf
Netapp Storagegrid
and 30 more
CVE-2021-36373
Apache Ant is vulnerable to a denial of service, caused by an out-of-memory error when large amounts of memory are allocated. By persuading a victim to open a specially-crafted TAR archive, a remote a...
redhat/Apache Ant<1.9.16
redhat/Ant<1.10.11
Apache Ant>=1.9.0<1.9.16
Apache Ant>=1.10.0<1.10.11
Oracle Agile PLM=9.3.6
Oracle Banking Trade Finance=14.5
and 69 more
CVE-2021-29923
Golang Go could allow a remote attacker to bypass security restrictions, caused by improper consideration for extraneous zero characters at the beginning of an IP address octet. By sending a specially...
redhat/openshift-serverless-clients<0:0.26.0-2.el8
redhat/kiali<0:v1.24.7.redhat1-1.el8
redhat/servicemesh<0:2.0.9-3.el8
redhat/servicemesh-prometheus<0:2.14.0-16.el8.1
redhat/servicemesh-proxy<0:2.0.9-3.el8
redhat/go-toolset<1.15-golang-0:1.15.14-2.el7_9
and 17 more
CVE-2020-11979
As mitigation for <a href="https://access.redhat.com/security/cve/CVE-2020-1945">CVE-2020-1945</a> Apache Ant 1.10.8 changed the permissions of temporary files it created so that only the current user...
redhat/jenkins<0:2.263.3.1612433584-1.el7
redhat/conmon<2:2.0.21-1.rhaos4.5.el7
redhat/jenkins<0:2.263.3.1612434332-1.el7
redhat/machine-config-daemon<0:4.5.0-202102050524.p0.git.2594.ff3b8c0.el8
redhat/openshift<0:4.5.0-202102050524.p0.git.0.9229406.el7
redhat/openshift-ansible<0:4.5.0-202102031005.p0.git.0.c6839a2.el7
and 147 more
CVE-2020-7712
This affects the package json before 10.0.0. It is possible to inject arbritary commands using the parseLookup function.
maven/org.webjars.npm:json<=9.0.6
npm/json<10.0.0
Joyent Json Node.js<10.0.0
Oracle Commerce Guided Search=11.3.2
Oracle Financial Services Crime And Compliance Management Studio=8.0.8.2.0
Oracle Financial Services Crime And Compliance Management Studio=8.0.8.3.0
and 2 more
CVE-2020-1945
Apache Ant could allow a remote attacker to bypass security restrictions, caused by the use of an insecure temporary directory to store source files. By sending a specially-crafted request, an attacke...
redhat/jenkins<0:2.263.3.1612433584-1.el7
redhat/conmon<2:2.0.21-1.rhaos4.5.el8
redhat/jenkins<0:2.263.3.1612434332-1.el7
redhat/machine-config-daemon<0:4.5.0-202102050524.p0.git.2594.ff3b8c0.el8
redhat/openshift<0:4.5.0-202102050524.p0.git.0.9229406.el7
redhat/openshift-ansible<0:4.5.0-202102031005.p0.git.0.c6839a2.el7
and 128 more
CVE-2019-10219
A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This...
redhat/eap7-apache-cxf<0:3.2.11-1.redhat_00001.1.el6ea
redhat/eap7-glassfish-jsf<0:2.3.5-6.SP3_redhat_00004.1.el6ea
redhat/eap7-hal-console<0:3.0.19-1.Final_redhat_00001.1.el6ea
redhat/eap7-hibernate<0:5.3.14-1.Final_redhat_00001.1.el6ea
redhat/eap7-hibernate-validator<0:6.0.18-1.Final_redhat_00001.1.el6ea
redhat/eap7-jackson-annotations<0:2.9.10-1.redhat_00003.1.el6ea
and 795 more
CVE-2019-1010239
DaveGamble/cJSON cJSON 1.7.8 is affected by: Improper Check for Unusual or Exceptional Conditions. The impact is: Null dereference, so attack can cause denial of service. The component is: cJSON_GetOb...
Cjson Project Cjson=1.7.8
Oracle TimesTen In-Memory Database<18.1.3.1.0
CVE-2019-0201
A flaw was found in Apache ZooKeeper. A lack of permission checks while retrieving ACLs allows unsalted hash values to be disclosed for unauthenticated or unprivileged users.
redhat/zookeeper<3.6.0
redhat/zookeeper<3.5.5
redhat/zookeeper<3.4.14
ubuntu/zookeeper<3.4.8-1ubuntu0.1~
ubuntu/zookeeper<3.4.5+dfsg-1ubuntu0.1~
ubuntu/zookeeper<3.4.9-3+
and 34 more
CVE-2019-11834
cJSON before 1.7.11 allows out-of-bounds access, related to \x00 in a string literal.
Cjson Project Cjson<1.7.11
Oracle TimesTen In-Memory Database<18.1.3.1.0
CVE-2019-11835
cJSON before 1.7.11 allows out-of-bounds access, related to multiline comments.
Cjson Project Cjson<1.7.11
Oracle TimesTen In-Memory Database<18.1.3.1.0
CVE-2018-15769
RSA BSAFE Micro Edition Suite versions prior to 4.0.11 (in 4.0.x series) and versions prior to 4.1.6.2 (in 4.1.x series) contain a key management error issue. A malicious TLS server could potentially ...
Dell Bsafe>=4.0.0<4.0.11
Dell Bsafe>=4.1.0<4.1.6.2
Oracle Application Testing Suite=13.3.0.1
Oracle Communications Analytics=12.1.1
Oracle Communications Ip Service Activator=7.3.0
Oracle Communications Ip Service Activator=7.4.0
and 18 more
CVE-2018-11058
RSA BSAFE Micro Edition Suite, versions prior to 4.0.11 (in 4.0.x) and prior to 4.1.6 (in 4.1.x), and RSA BSAFE Crypto-C Micro Edition, version prior to 4.0.5.3 (in 4.0.x) contain a Buffer Over-Read v...
Dell Bsafe>=4.0.0<4.0.11
Dell Bsafe>=4.1.0<4.1.6
Dell Bsafe Crypto-c>=4.0.0<4.0.5.3
Oracle Application Testing Suite=13.3.0.1
Oracle Communications Analytics=12.1.1
Oracle Communications Ip Service Activator=7.3.0
and 19 more
CVE-2018-11055
Dell Bsafe>=4.0.0<4.0.11
Dell Bsafe>=4.1.0<4.1.6.1
Oracle Application Testing Suite=13.3.0.1
Oracle Communications Analytics=12.1.1
Oracle Communications Ip Service Activator=7.3.0
Oracle Communications Ip Service Activator=7.4.0
and 18 more
CVE-2018-11056
RSA BSAFE Micro Edition Suite, prior to 4.1.6.1 (in 4.1.x), and RSA BSAFE Crypto-C Micro Edition versions prior to 4.0.5.3 (in 4.0.x) contain an Uncontrolled Resource Consumption ('Resource Exhaustion...
Dell Bsafe>=4.1.0<4.1.6.1
Dell Bsafe Crypto-c>=4.0.0<4.0.5.3
Oracle Application Testing Suite=13.3.0.1
Oracle Communications Analytics=12.1.1
Oracle Communications Ip Service Activator=7.3.0
Oracle Communications Ip Service Activator=7.4.0
and 18 more
CVE-2018-11057
RSA BSAFE Micro Edition Suite, versions prior to 4.0.11 (in 4.0.x) and prior to 4.1.6.1 (in 4.1.x) contains a Covert Timing Channel vulnerability during RSA decryption, also known as a Bleichenbacher ...
Dell Bsafe>=4.0.0<4.0.11
Dell Bsafe>=4.1.0<4.1.6.1
Oracle Application Testing Suite=13.3.0.1
Oracle Communications Analytics=12.1.1
Oracle Communications Ip Service Activator=7.3.0
Oracle Communications Ip Service Activator=7.4.0
and 18 more
CVE-2018-11054
RSA BSAFE Micro Edition Suite, version 4.1.6, contains an integer overflow vulnerability. A remote attacker could use maliciously constructed ASN.1 data to potentially cause a Denial Of Service.
Dell Bsafe=4.1.6
Oracle Application Testing Suite=13.3.0.1
Oracle Communications Analytics=12.1.1
Oracle Communications Ip Service Activator=7.3.4
Oracle Communications Ip Service Activator=7.4.0
Oracle Core Rdbms=11.2.0.4
and 17 more
CVE-2018-1288
In Apache Kafka 0.9.0.0 to 0.9.0.1, 0.10.0.0 to 0.10.2.1, 0.11.0.0 to 0.11.0.2, and 1.0.0, authenticated Kafka users may perform action reserved for the Broker via a manually created fetch request int...
redhat/kafka<0.10.2.2
redhat/kafka<0.11.0.3
redhat/kafka<1.0.1
redhat/kafka<1.1.0
Apache Kafka>0.9.0.0<=0.9.0.1
Apache Kafka>=0.10.0.0<=0.10.2.1
and 10 more

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203