Filter
AND
Apache Log4jA deserialization flaw in the Chainsaw component of Log4j 1 can lead to malicious code execution.
First published (updated )
Apache Log4jSQL injection in JDBC Appender in Apache Log4j V1
First published (updated )
redhat/log4jDeserialization of untrusted data in JMSAppender in Apache Log4j 1.2
8.1
First published (updated )
Oracle Utilities FrameworkAn issue was discovered in Legion of the Bouncy Castle BC Java 1.65 and 1.66. The OpenBSDBCrypt.chec…
8.1
First published (updated )
Oracle Retail Integration BusApache Log4j StrSubstitutor Uncontrolled Recursion Denial-of-Service Vulnerability
9.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
redhat/eap7-elytron-webPossible request smuggling in HTTP/2 due missing validation of content-length
5.9
First published (updated )
redhat/eap7-artemis-wildfly-integrationLocal Information Disclosure Vulnerability in Netty on Unix-Like systems due temporary files
6.2
First published (updated )
Oracle Retail Financial IntegrationBypass of the secureValidation property
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Oracle Communications Messaging ServerUnspecified vulnerability in the Oracle Communications Messaging Server component in Oracle Communic…
5.3
First published (updated )
Apache Log4jDeserialization of untrusted data in JMSSink in Apache Log4j 1.x
First published (updated )
Oracle Communications Network Charging And ControlUse after free in SQLite
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
openSUSE openSUSE The Regular Expressions package in International Components for Unicode (ICU) allows remote attacke…
7.5
First published (updated )
openSUSE openSUSE The Regular Expressions package in International Components for Unicode (ICU) allows remote attacke…
7.5
First published (updated )
Oracle Banking Corporate Lending Process ManagementXEE
9.8
First published (updated )
Oracle Banking PlatformFasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadg…
9.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Oracle Banking Corporate Lending Process ManagementFasterXML jackson-databind 2.x before 2.9.10.6 mishandles the interaction between serialization gadg…
9.8
First published (updated )
Oracle Banking Liquidity ManagementCode Injection
9.8
First published (updated )
Oracle Business IntelligenceApache CXF Reflected XSS in the services listing page via the styleSheetPath
6.1
First published (updated )
Oracle Communications Network Charging And ControlUse After Free, SQL Injection
9.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Oracle Primavera UnifierA carefully crafted or corrupt file may trigger a System.exit in Tika's OneNote Parser. Crafted or c…
5.5
First published (updated )
Canonical Ubuntu LinuxNull Pointer Dereference, SQL Injection
7.5
First published (updated )
Oracle Business Process Management SuiteA carefully crafted or corrupt PSD file can cause excessive memory usage in Apache Tika's PSDParser …
5.5
First published (updated )
Oracle Business Process Management SuiteA carefully crafted or corrupt PSD file can cause an infinite loop in Apache Tika's PSDParser in ver…
5.5
First published (updated )
redhat/eap7-apache-cxfCrafted input may cause the jsoup HTML and XML parser to get stuck, timeout, or throw unchecked exceptions
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.