Vulnerabilities (CVE)

Vendor filter

Oracle Subscribe

Product filter

Secure Global Desktop Subscribe

Filter

5902 total CVE
CVE Vendors Products Updated CVSS
CVE-2019-3822 6 Haxx, Canonical, Debian and 3 more 8 Libcurl, Ubuntu Linux, Debian Linux and 5 more 2019-07-19 7.5
libcurl versions from 7.36.0 to before 7.64.0 are vulnerable to a stack-based buffer overflow. The function creating an outgoing NTLM type-3 header (`lib/vauth/ntlm.c:Curl_auth_create_ntlm_type3_message()`), generates the request HTTP header...
CVE-2013-2461 2 Oracle, Sun 7 Jdk, Jre, Jrockit and 4 more 2019-07-18 7.5
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier; the Oracle JRockit component in Oracle Fusion Middleware R27.7.5 and earlier and R28.2.7 and earlier;...
CVE-2012-3202 1 Oracle 2 Fusion Middleware, Jrockit 2019-07-18 10.0
Multiple unspecified vulnerabilities in the Oracle JRockit component in Oracle Fusion Middleware 28.2.4 and earlier, and 27.7.3 and earlier, when using JDK/JRE 5 or 6, allow remote attackers to affect confidentiality, integrity, and availability...
CVE-2012-0508 1 Oracle 1 Javafx 2019-07-18 10.0
Unspecified vulnerability in the JavaFX component in Oracle Java SE JavaFX, 1.3.0 and earlier, and 1.2.2 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.
CVE-2018-1275 2 Pivotal Software, Oracle 16 Spring Framework, Application Testing Suite, Big Data Discovery and 13 more 2019-07-03 7.5
Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.16 and older unsupported versions, allow applications to expose STOMP over WebSocket endpoints with a simple, in-memory STOMP broker through the spring-messaging module....
CVE-2018-1270 2 Pivotal Software, Oracle 22 Spring Framework, Application Testing Suite, Big Data Discovery and 19 more 2019-07-03 7.5
Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.15 and older unsupported versions, allow applications to expose STOMP over WebSocket endpoints with a simple, in-memory STOMP broker through the spring-messaging module....
CVE-2019-2729 1 Oracle 1 Weblogic Server 2019-06-21 7.5
Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Services). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0 and 12.2.1.3.0. Easily exploitable vulnerability allows...
CVE-2018-3258 1 Oracle 1 Connector%2fj 2019-06-19 6.5
Vulnerability in the MySQL Connectors component of Oracle MySQL (subcomponent: Connector/J). Supported versions that are affected are 8.0.12 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via...
CVE-2017-5645 4 Apache, Netapp, Oracle and 1 more 59 Log4j, Oncommand Api Services, Oncommand Insight and 56 more 2019-06-19 7.5
In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially crafted binary payload can be sent that, when deserialized, can execute arbitrary code.
CVE-2018-1000122 5 Haxx, Canonical, Debian and 2 more 8 Curl, Ubuntu Linux, Debian Linux and 5 more 2019-06-18 6.4
A buffer over-read exists in curl 7.20.0 to and including curl 7.58.0 in the RTSP+RTP handling code that allows an attacker to cause a denial of service or information leakage
CVE-2018-1000120 5 Haxx, Canonical, Debian and 2 more 8 Curl, Ubuntu Linux, Debian Linux and 5 more 2019-06-18 7.5
A buffer overflow exists in curl 7.12.3 to and including curl 7.58.0 in the FTP URL handling that allows an attacker to cause a denial of service or worse.
CVE-2018-7566 6 Suse, Linux, Canonical and 3 more 12 Linux Enterprise Module For Public Cloud, Linux Kernel, Linux Enterprise Server and 9 more 2019-06-17 4.6
The Linux kernel 4.15 has a Buffer Overflow via an SNDRV_SEQ_IOCTL_SET_CLIENT_POOL ioctl write operation to /dev/snd/seq by a local user.
CVE-2015-3195 6 Openssl, Apple, Oracle and 3 more 16 Sun Ray Software, Openssl, Transportation Management and 13 more 2019-06-14 5.0
The ASN1_TFLG_COMBINE implementation in crypto/asn1/tasn_dec.c in OpenSSL before 0.9.8zh, 1.0.0 before 1.0.0t, 1.0.1 before 1.0.1q, and 1.0.2 before 1.0.2e mishandles errors caused by malformed X509_ATTRIBUTE data, which allows remote attackers...
CVE-2015-0235 2 Oracle, Gnu 3 Glibc, Communications Applications, Oracle Pillar Axiom 2019-06-13 10.0
Heap-based buffer overflow in the __nss_hostname_digits_dots function in glibc 2.2, and other 2.x versions before 2.18, allows context-dependent attackers to execute arbitrary code via vectors related to the (1) gethostbyname or (2)...
CVE-2015-3196 7 Hp, Openssl, Oracle and 4 more 13 Icewall Sso, Icewall Sso Agent Option, Vm Virtualbox and 10 more 2019-06-13 4.3
ssl/s3_clnt.c in OpenSSL 1.0.0 before 1.0.0t, 1.0.1 before 1.0.1p, and 1.0.2 before 1.0.2d, when used for a multi-threaded client, writes the PSK identity hint to an incorrect data structure, which allows remote servers to cause a denial of...
CVE-2015-2582 4 Debian, Oracle, Canonical and 1 more 10 Debian Linux, Ubuntu Linux, Solaris and 7 more 2019-06-13 4.0
Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to GIS.
CVE-2019-2556 1 Oracle 1 Vm Virtualbox 2019-06-11 2.1
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are prior to 5.2.24 and prior to 6.0.2. Easily exploitable vulnerability allows low privileged attacker with...
CVE-2019-2555 1 Oracle 1 Vm Virtualbox 2019-06-11 2.1
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are prior to 5.2.24 and prior to 6.0.2. Easily exploitable vulnerability allows low privileged attacker with...
CVE-2019-2554 1 Oracle 1 Vm Virtualbox 2019-06-11 2.1
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are prior to 5.2.24 and prior to 6.0.2. Easily exploitable vulnerability allows low privileged attacker with...
CVE-2019-2553 1 Oracle 1 Vm Virtualbox 2019-06-11 2.1
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are prior to 5.2.24 and prior to 6.0.2. Easily exploitable vulnerability allows low privileged attacker with...