CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2019-2469
https://notcve.org/view.php?id=CVE-2019-2469
Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters). Supported versions that are affected are 8.5.3 and 8.5.4. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside In Technology. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Outside In Technology and unauthorized read access to a subset of Oracle Outside In Technology accessible data. Note: Outside In Technology is a suite of software development kits (SDKs). • http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html http://www.securityfocus.com/bid/106579 •
CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0CVE-2019-2461
https://notcve.org/view.php?id=CVE-2019-2461
Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters). Supported versions that are affected are 8.5.3 and 8.5.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside In Technology. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Outside In Technology. Note: Outside In Technology is a suite of software development kits (SDKs). • http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html http://www.securityfocus.com/bid/106579 •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 1CVE-2018-20584
https://notcve.org/view.php?id=CVE-2018-20584
JasPer 2.0.14 allows remote attackers to cause a denial of service (application hang) via an attempted conversion to the jp2 format. JasPer 2.0.14 permite que los atacantes remotos provoquen una denegación de servicio (bloqueo de la aplicación) mediante un intento de conversión al formato jp2. • http://www.securityfocus.com/bid/106356 https://github.com/mdadams/jasper/issues/192 https://lists.debian.org/debian-lts-announce/2019/01/msg00003.html https://security.gentoo.org/glsa/201908-03 https://www.oracle.com/security-alerts/cpuapr2020.html •
CVSS: 8.1EPSS: 0%CPEs: 3EXPL: 0CVE-2018-18223
https://notcve.org/view.php?id=CVE-2018-18223
Open Design Alliance Drawings SDK 2019Update1 has a vulnerability during the reading of malformed files, allowing attackers to obtain sensitive information from process memory or cause a crash. Open Design Alliance Drawings SDK 2019Update1 tiene una vulnerabilidad durante la lectura de archivos mal formados, lo que permite que los atacantes obtengan información sensible de la memoria del proceso o provoquen un cierre inesperado. • http://www.securityfocus.com/bid/105603 https://www.opendesign.com/security-advisories https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html •
CVSS: 8.1EPSS: 0%CPEs: 3EXPL: 0CVE-2018-18224
https://notcve.org/view.php?id=CVE-2018-18224
A vulnerability exists in the file reading procedure in Open Design Alliance Drawings SDK 2019Update1 on non-Windows platforms in which attackers could perform read operations past the end, or before the beginning, of the intended buffer. This can allow attackers to obtain sensitive information from process memory or cause a crash. Existe una vulnerabilidad en el procedimiento de lectura de archivos de Open Design Alliance Drawings SDK 2019Update1 en plataformas diferentes de Windows por la cual los atacantes podrían realizar operaciones de lectura más allá del final o antes del principio del búfer planeado. Esto puede permitir que los atacantes obtengan información sensible de la memoria del proceso o provoquen un cierre inesperado. • http://www.securityfocus.com/bid/105603 https://www.opendesign.com/security-advisories https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html • CWE-125: Out-of-bounds Read •