4 matches found
CVE-2016-8610
CVE-2016-8610 is a denial-of-service flaw in OpenSSL affecting TLS/SSL alert packet processing during handshakes. The issue exists in OpenSSL 0.9.8, 1.0.1, 1.0.2 through 1.0.2h, and 1.1.0, enabling a remote attacker to cause high CPU usage and denial of service by sending many alert messages. Con...
CVE-2021-2018
CVE-2021-2018 affects Oracle Database Server’s Advanced Networking Option. Affected: Oracle Database Server 18c and 19c. Root cause per documented material: vulnerability in the Advanced Networking Option component; attacker can exploit via Oracle Net with network access, requiring no authenticat...
CVE-2018-2587
CVE-2018-2587 affects Oracle Fusion Middleware — Oracle Access Manager, Web Server Plugin. Affected versions: 10.1.4.3.0, 11.1.2.3.0, 12.2.1.3.0. An unauthenticated, network-based attacker can access via HTTP, leading to unauthorized creation, deletion or modification of data, and unauthorized re...
CVE-2018-2770
Affected product/component: Oracle Fusion Middleware's Oracle Adaptive Access Manager (OAAM) Admin subcomponent, version 11.1.2.3.0. Vulnerability details: A low-privilege, network-accessible flaw in OAAM Admin allows compromising OAAM with HTTP access; exploitation requires user interaction and ...