CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2019-12973 – openjpeg: denial of service in function opj_t1_encode_cblks in openjp2/t1.c
https://notcve.org/view.php?id=CVE-2019-12973
26 Jun 2019 — In OpenJPEG 2.3.1, there is excessive iteration in the opj_t1_encode_cblks function of openjp2/t1.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted bmp file. This issue is similar to CVE-2018-6616. En OpenJPEG versión 2.3.1, hay una iteración excesiva en la función opj_t1_encode_cblks de openjp2/t1.c. Los atacantes remotos podrían aprovechar esta vulnerabilidad para causar una denegación de servicio a través de un archivo bmp modificado. • http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00088.html • CWE-20: Improper Input Validation CWE-834: Excessive Iteration •
CVSS: 7.8EPSS: 9%CPEs: 19EXPL: 1CVE-2018-20843 – expat: large number of colons in input makes parser consume high amount of resources, leading to DoS
https://notcve.org/view.php?id=CVE-2018-20843
24 Jun 2019 — In libexpat in Expat before 2.2.7, XML input including XML names that contain a large number of colons could make the XML parser consume a high amount of RAM and CPU resources while processing (enough to be usable for denial-of-service attacks). En libexpat en Expat anterior a versión 2.2.7, una entrada XML incluyendo nombres XML que contienen una gran cantidad de "dos puntos", podría hacer que el analizador XML consuma una gran cantidad de recursos de RAM y CPU durante el procesamiento (lo suficiente como ... • http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00039.html • CWE-400: Uncontrolled Resource Consumption CWE-611: Improper Restriction of XML External Entity Reference •
CVSS: 8.2EPSS: 1%CPEs: 2EXPL: 0CVE-2019-2705
https://notcve.org/view.php?id=CVE-2019-2705
23 Apr 2019 — Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters). Supported versions that are affected are 8.5.3 and 8.5.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside In Technology. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Outside In Technology as well as unauthorize... • http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html •
CVSS: 6.5EPSS: 1%CPEs: 2EXPL: 0CVE-2019-2610
https://notcve.org/view.php?id=CVE-2019-2610
23 Apr 2019 — Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters). Supported versions that are affected are 8.5.3 and 8.5.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside In Technology. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Outside In Technology accessible data and unauthorized ability to cause a partial denial o... • http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html •
CVSS: 6.5EPSS: 1%CPEs: 2EXPL: 0CVE-2019-2611
https://notcve.org/view.php?id=CVE-2019-2611
23 Apr 2019 — Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters). Supported versions that are affected are 8.5.3 and 8.5.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside In Technology. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Outside In Technology accessible data and unauthorized ability to cause a partial denial o... • http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html •
CVSS: 6.5EPSS: 1%CPEs: 2EXPL: 0CVE-2019-2612
https://notcve.org/view.php?id=CVE-2019-2612
23 Apr 2019 — Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters). Supported versions that are affected are 8.5.3 and 8.5.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside In Technology. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Outside In Technology accessible data and unauthorized ability to cause a partial denial o... • http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html •
CVSS: 6.5EPSS: 1%CPEs: 2EXPL: 0CVE-2019-2613
https://notcve.org/view.php?id=CVE-2019-2613
23 Apr 2019 — Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters). Supported versions that are affected are 8.5.3 and 8.5.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside In Technology. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Outside In Technology accessible data and unauthorized ability to cause a partial denial o... • http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html •
CVSS: 7.5EPSS: 1%CPEs: 2EXPL: 0CVE-2019-2608
https://notcve.org/view.php?id=CVE-2019-2608
23 Apr 2019 — Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters). Supported versions that are affected are 8.5.3 and 8.5.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside In Technology. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Outside In Technology accessible data as well as unauthorized read access ... • http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html •
CVSS: 6.5EPSS: 1%CPEs: 2EXPL: 0CVE-2019-2609
https://notcve.org/view.php?id=CVE-2019-2609
23 Apr 2019 — Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters). Supported versions that are affected are 8.5.3 and 8.5.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside In Technology. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Outside In Technology accessible data and unauthorized ability to cause a partial denial o... • http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html •
CVSS: 7.1EPSS: 0%CPEs: 2EXPL: 0CVE-2019-2429
https://notcve.org/view.php?id=CVE-2019-2429
16 Jan 2019 — Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters). Supported versions that are affected are 8.5.3 and 8.5.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside In Technology. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently re... • http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html •