Filtered by vendor Oracle
Subscribe
Total
9985 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-14324 | 1 Oracle | 1 Glassfish Server | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| The demo feature in Oracle GlassFish Open Source Edition 5.0 has TCP port 7676 open by default with a password of admin for the admin account. This allows remote attackers to obtain potentially sensitive information, perform database operations, or manipulate the demo via a JMX RMI session, aka a "jmx_rmi remote monitoring and control problem." NOTE: this is not an Oracle supported product. | |||||
| CVE-2018-14048 | 2 Libpng, Oracle | 3 Libpng, Jdk, Jre | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue has been found in libpng 1.6.34. It is a SEGV in the function png_free_data in png.c, related to the recommended error handling for png_read_image. | |||||
| CVE-2018-13785 | 4 Canonical, Libpng, Oracle and 1 more | 7 Ubuntu Linux, Libpng, Jdk and 4 more | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| In libpng 1.6.34, a wrong calculation of row_factor in the png_check_chunk_length function (pngrutil.c) may trigger an integer overflow and resultant divide-by-zero while processing a crafted PNG file, leading to a denial of service. | |||||
| CVE-2018-12539 | 2 Eclipse, Oracle | 2 Openj9, Enterprise Manager Base Platform | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| In Eclipse OpenJ9 version 0.8, users other than the process owner may be able to use Java Attach API to connect to an Eclipse OpenJ9 or IBM JVM on the same machine and use Attach API operations, which includes the ability to execute untrusted native code. Attach API is enabled by default on Windows, Linux and AIX JVMs and can be disabled using the command line option -Dcom.ibm.tools.attach.enable=no. | |||||
| CVE-2018-12536 | 2 Eclipse, Oracle | 2 Jetty, Retail Xstore Point Of Service | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| In Eclipse Jetty Server, all 9.x versions, on webapps deployed using default Error Handling, when an intentionally bad query arrives that doesn't match a dynamic url-pattern, and is eventually handled by the DefaultServlet's static file serving, the bad characters can trigger a java.nio.file.InvalidPathException which includes the full path to the base resource directory that the DefaultServlet and/or webapp is using. If this InvalidPathException is then handled by the default Error Handler, the InvalidPathException message is included in the error response, revealing the full server path to the requesting system. | |||||
| CVE-2018-12207 | 8 Canonical, Debian, F5 and 5 more | 1533 Ubuntu Linux, Debian Linux, Big-ip Access Policy Manager and 1530 more | 2024-11-21 | 4.9 MEDIUM | 6.5 MEDIUM |
| Improper invalidation for page table updates by a virtual guest operating system for multiple Intel(R) Processors may allow an authenticated user to potentially enable denial of service of the host system via local access. | |||||
| CVE-2018-12023 | 5 Debian, Fasterxml, Fedoraproject and 2 more | 11 Debian Linux, Jackson-databind, Fedora and 8 more | 2024-11-21 | 5.1 MEDIUM | 7.5 HIGH |
| An issue was discovered in FasterXML jackson-databind prior to 2.7.9.4, 2.8.11.2, and 2.9.6. When Default Typing is enabled (either globally or for a specific property), the service has the Oracle JDBC jar in the classpath, and an attacker can provide an LDAP service to access, it is possible to make the service execute a malicious payload. | |||||
| CVE-2018-12022 | 5 Debian, Fasterxml, Fedoraproject and 2 more | 11 Debian Linux, Jackson-databind, Fedora and 8 more | 2024-11-21 | 5.1 MEDIUM | 7.5 HIGH |
| An issue was discovered in FasterXML jackson-databind prior to 2.7.9.4, 2.8.11.2, and 2.9.6. When Default Typing is enabled (either globally or for a specific property), the service has the Jodd-db jar (for database access for the Jodd framework) in the classpath, and an attacker can provide an LDAP service to access, it is possible to make the service execute a malicious payload. | |||||
| CVE-2018-11797 | 3 Apache, Fedoraproject, Oracle | 3 Pdfbox, Fedora, Retail Xstore Point Of Service | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| In Apache PDFBox 1.8.0 to 1.8.15 and 2.0.0RC1 to 2.0.11, a carefully crafted PDF file can trigger an extremely long running computation when parsing the page tree. | |||||
| CVE-2018-11784 | 6 Apache, Canonical, Debian and 3 more | 15 Tomcat, Ubuntu Linux, Debian Linux and 12 more | 2024-11-21 | 4.3 MEDIUM | 4.3 MEDIUM |
| When the default servlet in Apache Tomcat versions 9.0.0.M1 to 9.0.11, 8.5.0 to 8.5.33 and 7.0.23 to 7.0.90 returned a redirect to a directory (e.g. redirecting to '/foo/' when the user requested '/foo') a specially crafted URL could be used to cause the redirect to be generated to any URI of the attackers choice. | |||||
| CVE-2018-11775 | 2 Apache, Oracle | 3 Activemq, Enterprise Repository, Flexcube Private Banking | 2024-11-21 | 5.8 MEDIUM | 7.4 HIGH |
| TLS hostname verification when using the Apache ActiveMQ Client before 5.15.6 was missing which could make the client vulnerable to a MITM attack between a Java application using the ActiveMQ client and the ActiveMQ server. This is now enabled by default. | |||||
| CVE-2018-11771 | 2 Apache, Oracle | 2 Commons Compress, Weblogic Server | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| When reading a specially crafted ZIP archive, the read method of Apache Commons Compress 1.7 to 1.17's ZipArchiveInputStream can fail to return the correct EOF indication after the end of the stream has been reached. When combined with a java.io.InputStreamReader this can lead to an infinite stream, which can be used to mount a denial of service attack against services that use Compress' zip package. | |||||
| CVE-2018-11763 | 5 Apache, Canonical, Netapp and 2 more | 9 Http Server, Ubuntu Linux, Storage Automation Store and 6 more | 2024-11-21 | 4.3 MEDIUM | 5.9 MEDIUM |
| In Apache HTTP Server 2.4.17 to 2.4.34, by sending continuous, large SETTINGS frames a client can occupy a connection, server thread and CPU time without any connection timeout coming to effect. This affects only HTTP/2 connections. A possible mitigation is to not enable the h2 protocol. | |||||
| CVE-2018-11761 | 2 Apache, Oracle | 2 Tika, Business Process Management Suite | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| In Apache Tika 0.1 to 1.18, the XML parsers were not configured to limit entity expansion. They were therefore vulnerable to an entity expansion vulnerability which can lead to a denial of service attack. | |||||
| CVE-2018-11307 | 3 Fasterxml, Oracle, Redhat | 8 Jackson-databind, Clusterware, Communications Instant Messaging Server and 5 more | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.5. Use of Jackson default typing along with a gadget class from iBatis allows exfiltration of content. Fixed in 2.7.9.4, 2.8.11.2, and 2.9.6. | |||||
| CVE-2018-11237 | 5 Canonical, Gnu, Netapp and 2 more | 10 Ubuntu Linux, Glibc, Data Ontap Edge and 7 more | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| An AVX-512-optimized implementation of the mempcpy function in the GNU C Library (aka glibc or libc6) 2.27 and earlier may write data beyond the target buffer, leading to a buffer overflow in __mempcpy_avx512_no_vzeroupper. | |||||
| CVE-2018-11236 | 4 Gnu, Netapp, Oracle and 1 more | 9 Glibc, Data Ontap Edge, Element Software Management and 6 more | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| stdlib/canonicalize.c in the GNU C Library (aka glibc or libc6) 2.27 and earlier, when processing very long pathname arguments to the realpath function, could encounter an integer overflow on 32-bit architectures, leading to a stack-based buffer overflow and, potentially, arbitrary code execution. | |||||
| CVE-2018-11219 | 4 Debian, Oracle, Redhat and 1 more | 4 Debian Linux, Communications Operations Monitor, Openstack and 1 more | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| An Integer Overflow issue was discovered in the struct library in the Lua subsystem in Redis before 3.2.12, 4.x before 4.0.10, and 5.x before 5.0 RC2, leading to a failure of bounds checking. | |||||
| CVE-2018-11218 | 4 Debian, Oracle, Redhat and 1 more | 4 Debian Linux, Communications Operations Monitor, Openstack and 1 more | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Memory Corruption was discovered in the cmsgpack library in the Lua subsystem in Redis before 3.2.12, 4.x before 4.0.10, and 5.x before 5.0 RC2 because of stack-based buffer overflows. | |||||
| CVE-2018-11212 | 7 Canonical, Debian, Ijg and 4 more | 13 Ubuntu Linux, Debian Linux, Libjpeg and 10 more | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in libjpeg 9a and 9d. The alloc_sarray function in jmemmgr.c allows remote attackers to cause a denial of service (divide-by-zero error) via a crafted file. | |||||