CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2025-21498
https://notcve.org/view.php?id=CVE-2025-21498
21 Jan 2025 — Vulnerability in the Oracle HTTP Server product of Oracle Fusion Middleware (component: Core). The supported version that is affected is 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle HTTP Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle HTTP Server accessible data. CVSS 3.1 Base Score 5.3 (Confidentiality impacts). • https://www.oracle.com/security-alerts/cpujan2025.html • CWE-862: Missing Authorization •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-20991
https://notcve.org/view.php?id=CVE-2024-20991
16 Apr 2024 — Vulnerability in the Oracle HTTP Server product of Oracle Fusion Middleware (component: Web Listener). The supported version that is affected is 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle HTTP Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle HTTP Server accessible data. CVSS 3.1 Base Score 5.3 (Confidentiality impacts). • https://www.oracle.com/security-alerts/cpuapr2024.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-22019
https://notcve.org/view.php?id=CVE-2023-22019
17 Oct 2023 — Vulnerability in the Oracle HTTP Server product of Oracle Fusion Middleware (component: Web Listener). The supported version that is affected is 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle HTTP Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle HTTP Server accessible data. CVSS 3.1 Base Score 7.5 (Confidentiality impacts). • https://www.oracle.com/security-alerts/cpuoct2023.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2023-26281 – IBM HTTP Server denial of service
https://notcve.org/view.php?id=CVE-2023-26281
28 Feb 2023 — IBM HTTP Server 8.5 used by IBM WebSphere Application Server could allow a remote user to cause a denial of service using a specially crafted URL. IBM X-Force ID: 248296. • https://exchange.xforce.ibmcloud.com/vulnerabilities/248296 • CWE-20: Improper Input Validation •
CVSS: 8.5EPSS: 0%CPEs: 2EXPL: 0CVE-2022-21593
https://notcve.org/view.php?id=CVE-2022-21593
18 Oct 2022 — Vulnerability in the Oracle HTTP Server product of Oracle Fusion Middleware (component: OHS Config MBeans). Supported versions that are affected are 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle HTTP Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle... • https://www.oracle.com/security-alerts/cpuoct2022.html •
CVSS: 9.8EPSS: 0%CPEs: 11EXPL: 0CVE-2020-35169
https://notcve.org/view.php?id=CVE-2020-35169
11 Jul 2022 — Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.5.2, contain an Improper Input Validation Vulnerability. Dell BSAFE Crypto-C Micro Edition, versiones anteriores a 4.1.5, y Dell BSAFE Micro Edition Suite, versiones anteriores a 4.5.2, contienen una vulnerabilidad de Comprobación de Entrada Inapropiada • https://www.dell.com/support/kbdoc/en-us/000181115/dsa-2020-286-dell-bsafe-crypto-c-micro-edition-4-1-5-and-dell-bsafe-micro-edition-suite-4-6-multiple-security-vulnerabilities • CWE-20: Improper Input Validation CWE-347: Improper Verification of Cryptographic Signature •
CVSS: 9.8EPSS: 0%CPEs: 11EXPL: 0CVE-2020-35168
https://notcve.org/view.php?id=CVE-2020-35168
11 Jul 2022 — Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.6, contain an Observable Timing Discrepancy Vulnerability. Dell BSAFE Crypto-C Micro Edition, versiones anteriores a 4.1.5, y Dell BSAFE Micro Edition Suite, versiones anteriores a 4.6, contienen una vulnerabilidad de Discrepancia de Tiempo Observable • https://www.dell.com/support/kbdoc/en-us/000181115/dsa-2020-286-dell-bsafe-crypto-c-micro-edition-4-1-5-and-dell-bsafe-micro-edition-suite-4-6-multiple-security-vulnerabilities • CWE-311: Missing Encryption of Sensitive Data •
CVSS: 9.8EPSS: 0%CPEs: 11EXPL: 0CVE-2020-35167
https://notcve.org/view.php?id=CVE-2020-35167
11 Jul 2022 — Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.6, contain an Observable Timing Discrepancy Vulnerability. Dell BSAFE Crypto-C Micro Edition, versiones anteriores a 4.1.5, y Dell BSAFE Micro Edition Suite, versiones anteriores a 4.6, contienen una vulnerabilidad de Discrepancia de Tiempo Observable • https://www.dell.com/support/kbdoc/en-us/000181115/dsa-2020-286-dell-bsafe-crypto-c-micro-edition-4-1-5-and-dell-bsafe-micro-edition-suite-4-6-multiple-security-vulnerabilities • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.8EPSS: 0%CPEs: 11EXPL: 0CVE-2020-35166
https://notcve.org/view.php?id=CVE-2020-35166
11 Jul 2022 — Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.6, contain an Observable Timing Discrepancy Vulnerability. Dell BSAFE Crypto-C Micro Edition, versiones anteriores a 4.1.5, y Dell BSAFE Micro Edition Suite, versiones anteriores a 4.6, contienen una vulnerabilidad de Discrepancia de Tiempo Observable Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.6, contain an Observable Timing Disc... • https://www.dell.com/support/kbdoc/en-us/000181115/dsa-2020-286-dell-bsafe-crypto-c-micro-edition-4-1-5-and-dell-bsafe-micro-edition-suite-4-6-multiple-security-vulnerabilities • CWE-385: Covert Timing Channel •
CVSS: 8.1EPSS: 0%CPEs: 11EXPL: 0CVE-2020-35164
https://notcve.org/view.php?id=CVE-2020-35164
11 Jul 2022 — Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.6, contain an Observable Timing Discrepancy Vulnerability. Dell BSAFE Crypto-C Micro Edition, versiones anteriores a la 4.1.5, y Dell BSAFE Micro Edition Suite, versiones anteriores a la 4.6, contienen una vulnerabilidad de discrepancia de tiempo observable • https://www.dell.com/support/kbdoc/en-us/000181115/dsa-2020-286-dell-bsafe-crypto-c-micro-edition-4-1-5-and-dell-bsafe-micro-edition-suite-4-6-multiple-security-vulnerabilities • CWE-385: Covert Timing Channel •