|
2020-06-27
|
CVE-2020-15358
|
In SQLite before 3.32.3, select.c mishandles query-flattener optimization, leading to a multiSelectOrderBy heap overflow because of misuse of transitive properties for constant propagation.
|
Icloud, Ipados, Iphone_os, Mac_os, Tvos, Watchos, Ubuntu_linux, Communications_network_charging_and_control, Enterprise_manager_ops_center, Hyperion_infrastructure_technology, Mysql, Outside_in_technology, Sqlite
|
5.5
|
|
|
|
2020-06-29
|
CVE-2020-15389
|
jp2/opj_decompress.c in OpenJPEG through 2.3.1 has a use-after-free that can be triggered if there is a mix of valid and invalid files in a directory operated on by the decompressor. Triggering a double-free may also be possible. This is related to calling opj_image_destroy twice.
|
Debian_linux, Outside_in_technology, Openjpeg
|
6.5
|
|
|
|
2019-06-26
|
CVE-2019-12973
|
In OpenJPEG 2.3.1, there is excessive iteration in the opj_t1_encode_cblks function of openjp2/t1.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted bmp file. This issue is similar to CVE-2018-6616.
|
Debian_linux, Leap, Database_server, Outside_in_technology, Openjpeg
|
5.5
|
|
|
|
2019-06-24
|
CVE-2018-20843
|
In libexpat in Expat before 2.2.7, XML input including XML names that contain a large number of colons could make the XML parser consume a high amount of RAM and CPU resources while processing (enough to be usable for denial-of-service attacks).
|
Ubuntu_linux, Debian_linux, Fedora, Libexpat, Leap, Outside_in_technology
|
7.5
|
|
|
|
2021-01-20
|
CVE-2021-2069
|
Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware (component: Outside In Filters). Supported versions that are affected are 8.5.4 and 8.5.5. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside In Technology. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Outside In Technology accessible data as...
|
Outside_in_technology
|
8.6
|
|
|
|
2021-01-20
|
CVE-2021-2068
|
Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware (component: Outside In Filters). Supported versions that are affected are 8.5.4 and 8.5.5. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside In Technology. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Outside In Technology accessible data as...
|
Outside_in_technology
|
8.6
|
|
|
|
2021-01-20
|
CVE-2021-2067
|
Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware (component: Outside In Filters). Supported versions that are affected are 8.5.4 and 8.5.5. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside In Technology. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Outside In Technology accessible data as...
|
Outside_in_technology
|
8.6
|
|
|
|
2021-01-20
|
CVE-2021-2066
|
Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware (component: Outside In Filters). Supported versions that are affected are 8.5.4 and 8.5.5. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside In Technology. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Outside In Technology accessible data as...
|
Outside_in_technology
|
8.6
|
|
|
|
2018-10-19
|
CVE-2018-18224
|
A vulnerability exists in the file reading procedure in Open Design Alliance Drawings SDK 2019Update1 on non-Windows platforms in which attackers could perform read operations past the end, or before the beginning, of the intended buffer. This can allow attackers to obtain sensitive information from process memory or cause a crash.
|
Drawings_sdk, Outside_in_technology
|
8.1
|
|
|
|
2018-10-19
|
CVE-2018-18223
|
Open Design Alliance Drawings SDK 2019Update1 has a vulnerability during the reading of malformed files, allowing attackers to obtain sensitive information from process memory or cause a crash.
|
Drawings_sdk, Outside_in_technology
|
8.1
|
|
|