Page 7 of 54 results (0.009 seconds)

CVSS: 8.1EPSS: 0%CPEs: 3EXPL: 0

Open Design Alliance Drawings SDK 2019Update1 has a vulnerability during the reading of malformed files, allowing attackers to obtain sensitive information from process memory or cause a crash. Open Design Alliance Drawings SDK 2019Update1 tiene una vulnerabilidad durante la lectura de archivos mal formados, lo que permite que los atacantes obtengan información sensible de la memoria del proceso o provoquen un cierre inesperado. • http://www.securityfocus.com/bid/105603 https://www.opendesign.com/security-advisories https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html •

CVSS: 8.1EPSS: 0%CPEs: 3EXPL: 0

A vulnerability exists in the file reading procedure in Open Design Alliance Drawings SDK 2019Update1 on non-Windows platforms in which attackers could perform read operations past the end, or before the beginning, of the intended buffer. This can allow attackers to obtain sensitive information from process memory or cause a crash. Existe una vulnerabilidad en el procedimiento de lectura de archivos de Open Design Alliance Drawings SDK 2019Update1 en plataformas diferentes de Windows por la cual los atacantes podrían realizar operaciones de lectura más allá del final o antes del principio del búfer planeado. Esto puede permitir que los atacantes obtengan información sensible de la memoria del proceso o provoquen un cierre inesperado. • http://www.securityfocus.com/bid/105603 https://www.opendesign.com/security-advisories https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html • CWE-125: Out-of-bounds Read •

CVSS: 7.1EPSS: 0%CPEs: 2EXPL: 0

Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters). The supported version that is affected are 8.5.3 and 8.5.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside In Technology. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Outside In Technology accessible data as well as unauthorized update, insert or delete access to some of Oracle Outside In Technology accessible data. • http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html http://www.securityfocus.com/bid/105603 •

CVSS: 7.1EPSS: 0%CPEs: 2EXPL: 0

Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters). The supported version that is affected are 8.5.3 and 8.5.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside In Technology. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Outside In Technology and unauthorized read access to a subset of Oracle Outside In Technology accessible data. • http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html http://www.securityfocus.com/bid/105603 •

CVSS: 7.1EPSS: 0%CPEs: 2EXPL: 0

Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters). The supported version that is affected are 8.5.3 and 8.5.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside In Technology. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Outside In Technology accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Outside In Technology. • http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html http://www.securityfocus.com/bid/105603 •