Lucene search

K
OracleOss Support Tools

4 matches found

cve
cve
added 2021/04/13 7:15 a.m.545 views

CVE-2021-29425

In Apache Commons IO before 2.7, When invoking the method FileNameUtils.normalize with an improper input string, like "//../foo", or "\..\foo", the result would be the same value, thus possibly providing access to files in the parent directory, but not further above (thus "limited" path traversal),...

5.8CVSS6.7AI score0.00264EPSS
cve
cve
added 2021/02/23 2:15 a.m.309 views

CVE-2021-27568

An issue was discovered in netplex json-smart-v1 through 2015-10-23 and json-smart-v2 through 2.4. An exception is thrown from a function, but it is not caught, as demonstrated by NumberFormatException. When it is not caught, it may cause programs using the library to crash or expose sensitive info...

5.9CVSS6AI score0.00536EPSS
cve
cve
added 2016/02/15 2:59 a.m.218 views

CVE-2015-3197

ssl/s2_srvr.c in OpenSSL 1.0.1 before 1.0.1r and 1.0.2 before 1.0.2f does not prevent use of disabled ciphers, which makes it easier for man-in-the-middle attackers to defeat cryptographic protection mechanisms by performing computations on SSLv2 traffic, related to the get_client_master_key and ge...

5.9CVSS6.4AI score0.24752EPSS
cve
cve
added 2022/04/19 9:15 p.m.73 views

CVE-2022-21405

Vulnerability in the OSS Support Tools product of Oracle Support Tools (component: Oracle Explorer). The supported version that is affected is 18.3. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where OSS Support Tools executes to compromise OSS S...

5.5CVSS4.9AI score0.00133EPSS