12 matches found
CVE-2019-3740
CVE-2019-3740 concerns RSA BSAFE Crypto-J used by Oracle GoldenGate Install (Dell BSAFE Crypto-J). The root cause is a timing-discrepancy vulnerability during DSA key generation that could allow a remote attacker to recover DSA private keys. Affected product/component: Oracle GoldenGate (Install ...
CVE-2019-3739
CVE-2019-3739 concerns RSA BSAFE Crypto-J versions prior to 6.2.5, where information exposure can occur via timing discrepancy during ECDSA key generation. The vulnerability could allow a remote attacker to recover ECDSA keys. The provided documents identify the affected component as Dell/Certico...
CVE-2019-3738
Missing Required Cryptographic Step vulnerability (CVE-2019-3738) affects Dell RSA BSAFE Crypto-J versions prior to 6.2.5; a remote attacker could coerce two parties into computing the same predictable shared key. The CNVD entry confirms the affected component and impact; the Oracle/Nessus refere...
CVE-2018-1288
CVE-2018-1288 affects Apache Kafka across multiple 0.9.x–1.0.0 release lines; authenticated users can issue a fetch request that performs a broker-reserved action, potentially causing data loss during replication. Public documentation here documents the issue and confirms fixes in later Kafka bui...
CVE-2020-2978
CVE-2020-2978 affects Oracle Database - Enterprise Edition; vulnerable in versions 12.1.0.2, 12.2.0.1, 18c, 19c. The connected material indicates the issue relates to RMAN auditing: Oracle RMAN Missing Auditing for Point‑In‑Time Recovery, enabling limited visibility of certain RMAN operations. Th...
CVE-2019-2444
CVE-2019-2444 affects Oracle Database Server Core RDBMS. Affected versions are 12.2.0.1 and 18c. The vulnerability allows a low-privileged, local attacker with logon to the infrastructure where Core RDBMS runs to take over the Core RDBMS, with exploitation requiring user interaction. CVSSv3 base ...
CVE-2019-2619
CVE-2019-2619 affects Oracle Database Server Portable Clusterware. Affected versions: 11.2.0.4, 12.1.0.2, 12.2.0.1 and 18c. Root cause: vulnerability in Portable Clusterware that can be exploited by a Grid Infrastructure User with local logon to compromise Portable Clusterware and potentially imp...
CVE-2021-2245
CVE-2021-2245 is described as a vulnerability in the Oracle Database - Enterprise Edition Unified Audit component. Public sources in the provided documents tie this CVE to IBM Emptoris products, listing affected modules and versions: IBM Emptoris Supplier Lifecycle Management, Contract Management...
CVE-2021-2207
CVE-2021-2207 affects Oracle Database Server - Enterprise Edition components (Oracle DB 12.1.0.2, 12.2.0.1, 18c, 19c). The vulnerability is exploitable by an attacker with RMAN executable privilege who can log on to the infrastructure, potentially resulting in unauthorized updates, inserts, or de...
CVE-2019-2406
Affected: Oracle Database Server Core RDBMS (versions 12.1.0.2, 12.2.0.1, 18c). Vulnerability: CVE-2019-2406 allows a high-privilege attacker with Create Session and Execute Catalog Role, over Oracle Net, to take over the Core RDBMS. Documents indicate this is referenced in the Jan 2019 CPU (Orac...
CVE-2020-5360
CVE-2020-5360 refers to a buffer under-read vulnerability in Dell BSAFE Micro Edition Suite, before version 4.5. The NVD entry notes unauthenticated remote exploitation with network access potentially causing undefined behavior or a crash (availability impact). Corporate context in connected docu...
CVE-2020-5359
CVE-2020-5359 affects Dell BSAFE Micro Edition Suite, versions prior to 4.5. The vulnerability is an unchecked return value vulnerability allowing an unauthenticated remote attacker to modify and corrupt encrypted data. No explicit fix/version remediation is provided in the connected documents; m...