Goldengate@* Security Vulnerabilities and Issues — Goldengate@* CVE List

Lucene search

OracleGoldengate*

9 matches found

CVE•added 2021/06/01 1:15 p.m.•5870 views

CVE-2021-23017

A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.

7.7CVSS6.3AI score0.79716EPSS

CVE•added 2019/12/18 8:15 p.m.•368 views

CVE-2018-1311

The Apache Xerces-C 3.0.0 to 3.2.3 XML parser contains a use-after-free error triggered during the scanning of external DTDs. This flaw has not been addressed in the maintained version of the library and has no current mitigation other than to disable DTD processing. This can be accomplished via th...

8.1CVSS7.9AI score0.03959EPSS

CVE•added 2019/11/08 3:15 p.m.•254 views

CVE-2019-10219

A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS attack.

6.5CVSS6AI score0.01412EPSS

CVE•added 2019/09/18 11:15 p.m.•231 views

CVE-2019-3740

RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to an Information Exposure Through Timing Discrepancy vulnerabilities during DSA key generation. A malicious remote attacker could potentially exploit those vulnerabilities to recover DSA keys.

6.5CVSS7.9AI score0.01239EPSS

CVE•added 2019/09/18 11:15 p.m.•222 views

CVE-2019-3738

RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to a Missing Required Cryptographic Step vulnerability. A malicious remote attacker could potentially exploit this vulnerability to coerce two parties into computing the same predictable shared key.

6.5CVSS7.5AI score0.00968EPSS

CVE•added 2019/09/18 11:15 p.m.•220 views

CVE-2019-3739

RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to Information Exposure Through Timing Discrepancy vulnerabilities during ECDSA key generation. A malicious remote attacker could potentially exploit those vulnerabilities to recover ECDSA keys.

6.5CVSS7.9AI score0.01239EPSS

CVE•added 2021/07/21 3:15 p.m.•212 views

CVE-2021-2351

Vulnerability in the Advanced Networking Option component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1 and 19c. Difficult to exploit vulnerability allows unauthenticated attacker with network access via Oracle Net to compromise Advanced Networking Option. S...

8.3CVSS8.5AI score0.03544EPSS

CVE•added 2022/04/19 9:15 p.m.•83 views

CVE-2022-21442

Vulnerability in Oracle GoldenGate (component: OGG Core Library). The supported version that is affected is Prior to 23.1. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle GoldenGate executes to compromise Oracle GoldenGate. While the vul...

8.8CVSS8.7AI score0.00138EPSS

CVE•added 2020/07/15 6:15 p.m.•37 views

CVE-2020-14705

Vulnerability in the Oracle GoldenGate product of Oracle GoldenGate (component: Process Management). The supported version that is affected is Prior to 19.1.0.0.0. Easily exploitable vulnerability allows unauthenticated attacker with access to the physical communication segment attached to the hard...

9.6CVSS9AI score0.00457EPSS