NotCVE - vendor:"Oracle" product:"Outside In Technology" version:"8.5.4"

95 results (0.083 seconds)

CVSS: 8.6EPSS: 1%CPEs: 2EXPL: 0

CVE-2021-2066

https://notcve.org/view.php?id=CVE-2021-2066

20 Jan 2021 — Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware (component: Outside In Filters). Supported versions that are affected are 8.5.4 and 8.5.5. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside In Technology. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Outside In Technology accessible data as well as unautho... • https://www.oracle.com/security-alerts/cpujan2021.html •

CVSS: 8.6EPSS: 1%CPEs: 2EXPL: 0

CVE-2021-2067

https://notcve.org/view.php?id=CVE-2021-2067

CVSS: 8.6EPSS: 1%CPEs: 2EXPL: 0

CVE-2021-2068

https://notcve.org/view.php?id=CVE-2021-2068

CVSS: 8.6EPSS: 1%CPEs: 2EXPL: 0

CVE-2021-2069

https://notcve.org/view.php?id=CVE-2021-2069

CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 0

CVE-2020-15389 – openjpeg: use-after-free and double-free via a mix of valid and invalid files in a directory operated on by the decompressor

https://notcve.org/view.php?id=CVE-2020-15389

29 Jun 2020 — jp2/opj_decompress.c in OpenJPEG through 2.3.1 has a use-after-free that can be triggered if there is a mix of valid and invalid files in a directory operated on by the decompressor. Triggering a double-free may also be possible. This is related to calling opj_image_destroy twice. El archivo jp2/opj_decompress.c en OpenJPEG versiones hasta 2.3.1 presenta un uso de la memoria previamente liberada que puede ser desencadenada si existe una combinación de archivos válidos y no válidos en un directorio operado p... • https://github.com/uclouvain/openjpeg/issues/1261 • CWE-416: Use After Free •

CVSS: 5.5EPSS: 0%CPEs: 18EXPL: 1

CVE-2020-15358 – sqlite: heap-based buffer overflow in multiSelectOrderBy due to mishandling of query-flattener optimization in select.c

https://notcve.org/view.php?id=CVE-2020-15358

27 Jun 2020 — In SQLite before 3.32.3, select.c mishandles query-flattener optimization, leading to a multiSelectOrderBy heap overflow because of misuse of transitive properties for constant propagation. En SQLite versiones anteriores a 3.32.3, el archivo select.c maneja inapropiadamente la optimización query-flattener, conllevando a un desbordamiento de la pila de multiSelectOrderBy debido al uso inapropiado de las propiedades transitivas para la propagación constante A heap buffer overflow was found in SQLite in the qu... • http://seclists.org/fulldisclosure/2020/Dec/32 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •

CVSS: 7.0EPSS: 0%CPEs: 25EXPL: 0

CVE-2020-13630 – sqlite: Use-after-free in fts3EvalNextRow in ext/fts3/fts3.c

https://notcve.org/view.php?id=CVE-2020-13630

27 May 2020 — ext/fts3/fts3.c in SQLite before 3.32.0 has a use-after-free in fts3EvalNextRow, related to the snippet feature. El archivo ext/fts3/fts3.c en SQLite versiones anteriores a la versión 3.32.0, tiene un uso de la memoria previamente liberada en la función fts3EvalNextRow, relacionado con la funcionalidad snippet. A use-after-free vulnerability was found in the SQLite FTS3 extension module in the way it implemented the snippet function. This flaw allows an attacker who can execute SQL statements to crash the a... • http://seclists.org/fulldisclosure/2020/Dec/32 • CWE-416: Use After Free •

CVSS: 5.5EPSS: 0%CPEs: 24EXPL: 0

CVE-2020-13631 – sqlite: Virtual table can be renamed into the name of one of its shadow tables

https://notcve.org/view.php?id=CVE-2020-13631

27 May 2020 — SQLite before 3.32.0 allows a virtual table to be renamed to the name of one of its shadow tables, related to alter.c and build.c. SQLite versiones anteriores a la versión 3.32.0, permite que una tabla virtual sea renombrada con el nombre de una de sus tablas shadow, relacionada con los archivos alter.c y build.c. A flaw was found in the virtual table implementation of SQLite. This flaw allows an attacker who can execute SQL statements to rename a virtual table to the name of one of its shadow tables, leadi... • http://seclists.org/fulldisclosure/2020/Dec/32 • CWE-20: Improper Input Validation •

CVSS: 5.5EPSS: 0%CPEs: 18EXPL: 0

CVE-2020-13632 – sqlite: NULL pointer dereference in ext/fts3/fts3_snippet.c via a crafted matchinfo() query

https://notcve.org/view.php?id=CVE-2020-13632

27 May 2020 — ext/fts3/fts3_snippet.c in SQLite before 3.32.0 has a NULL pointer dereference via a crafted matchinfo() query. En el archivo ext/fts3/fts3_snippet.c en SQLite versiones anteriores a la versión 3.32.0, tiene una desreferencia del puntero NULL por medio de una consulta en la función matchinfo() especialmente diseñada. A NULL pointer dereference flaw was found in the matchinfo auxiliary function of the SQLite FTS3 extension module. This flaw allows an attacker who can execute SQL statements to crash the appli... • https://bugs.chromium.org/p/chromium/issues/detail?id=1080459 • CWE-476: NULL Pointer Dereference •

CVSS: 5.3EPSS: 1%CPEs: 1EXPL: 0

CVE-2020-2783

https://notcve.org/view.php?id=CVE-2020-2783

15 Apr 2020 — Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware (component: Outside In Filters). Supported versions that is affected is 8.5.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside In Technology. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Outside In Technology accessible data. Note: Outside In Technology is a suite of software d... • https://www.oracle.com/security-alerts/cpuapr2020.html •

1 2 3 4 5