Outside In Technology@8.5.4 Security Vulnerabilities and Issues — Outside In Technology@8.5.4 CVE List

Lucene search

OracleOutside In Technology8.5.4

95 matches found

CVE•added 2019/09/09 5:15 p.m.•578 views

CVE-2019-16168

In SQLite through 3.29.0, whereLoopAddBtreeIndex in sqlite3.c can crash a browser or other application because of missing validation of a sqlite_stat1 sz field, aka a "severe division by zero in the query planner."

6.5CVSS7AI score0.00863EPSS

CVE•added 2020/06/27 12:15 p.m.•511 views

CVE-2020-15358

In SQLite before 3.32.3, select.c mishandles query-flattener optimization, leading to a multiSelectOrderBy heap overflow because of misuse of transitive properties for constant propagation.

5.5CVSS6.8AI score0.00073EPSS

CVE•added 2019/06/24 5:15 p.m.•468 views

CVE-2018-20843

In libexpat in Expat before 2.2.7, XML input including XML names that contain a large number of colons could make the XML parser consume a high amount of RAM and CPU resources while processing (enough to be usable for denial-of-service attacks).

7.8CVSS7.5AI score0.05686EPSS

CVE•added 2020/04/09 3:15 a.m.•429 views

CVE-2020-11655

SQLite through 3.31.1 allows attackers to cause a denial of service (segmentation fault) via a malformed window-function query because the AggInfo object's initialization is mishandled.

7.5CVSS7.9AI score0.02825EPSS

CVE•added 2020/01/13 6:15 a.m.•366 views

CVE-2020-6851

OpenJPEG through 2.3.1 has a heap-based buffer overflow in opj_t1_clbl_decode_processor in openjp2/t1.c because of lack of opj_j2k_update_image_dimensions validation.

7.5CVSS7.9AI score0.0122EPSS

CVE•added 2020/04/09 3:15 a.m.•355 views

CVE-2020-11656

In SQLite through 3.31.1, the ALTER TABLE implementation has a use-after-free, as demonstrated by an ORDER BY clause that belongs to a compound SELECT statement.

9.8CVSS9.1AI score0.09404EPSS

CVE•added 2020/02/21 10:15 p.m.•352 views

CVE-2020-9327

In SQLite 3.31.1, isAuxiliaryVtabOperator allows attackers to trigger a NULL pointer dereference and segmentation fault because of generated column optimizations.

7.5CVSS7.8AI score0.01401EPSS

CVE•added 2020/05/27 3:15 p.m.•317 views

CVE-2020-13631

SQLite before 3.32.0 allows a virtual table to be renamed to the name of one of its shadow tables, related to alter.c and build.c.

5.5CVSS6.7AI score0.00111EPSS

CVE•added 2019/06/26 6:15 p.m.•308 views

CVE-2019-12973

In OpenJPEG 2.3.1, there is excessive iteration in the opj_t1_encode_cblks function of openjp2/t1.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted bmp file. This issue is similar to CVE-2018-6616.

5.5CVSS6.4AI score0.00117EPSS

CVE•added 2020/05/27 3:15 p.m.•297 views

CVE-2020-13630

ext/fts3/fts3.c in SQLite before 3.32.0 has a use-after-free in fts3EvalNextRow, related to the snippet feature.

7CVSS7.5AI score0.00177EPSS

CVE•added 2020/06/29 9:15 p.m.•249 views

CVE-2020-15389

jp2/opj_decompress.c in OpenJPEG through 2.3.1 has a use-after-free that can be triggered if there is a mix of valid and invalid files in a directory operated on by the decompressor. Triggering a double-free may also be possible. This is related to calling opj_image_destroy twice.

6.5CVSS7.1AI score0.00223EPSS

CVE•added 2020/05/27 3:15 p.m.•241 views

CVE-2020-13632

ext/fts3/fts3_snippet.c in SQLite before 3.32.0 has a NULL pointer dereference via a crafted matchinfo() query.

5.5CVSS6.2AI score0.00064EPSS

CVE•added 2017/04/14 4:59 a.m.•92 views

CVE-2016-10328

FreeType 2 before 2016-12-16 has an out-of-bounds write caused by a heap-based buffer overflow related to the cff_parser_run function in cff/cffparse.c.

9.8CVSS9.5AI score0.00979EPSS

CVE•added 2018/12/30 5:29 a.m.•91 views

CVE-2018-20584

JasPer 2.0.14 allows remote attackers to cause a denial of service (application hang) via an attempted conversion to the jp2 format.

6.5CVSS6.5AI score0.00445EPSS

CVE•added 2019/07/23 11:15 p.m.•87 views

CVE-2019-2764

Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters). The supported version that is affected is 8.5.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside In ...

7.5CVSS6.4AI score0.00753EPSS

CVE•added 2019/07/23 11:15 p.m.•81 views

CVE-2019-2854

7.5CVSS6.4AI score0.00753EPSS

CVE•added 2019/07/23 11:15 p.m.•81 views

CVE-2019-2855

7.5CVSS6.4AI score0.00753EPSS

CVE•added 2019/07/23 11:15 p.m.•77 views

CVE-2019-2835

7.5CVSS6.4AI score0.00753EPSS

CVE•added 2019/01/16 7:30 p.m.•69 views

CVE-2019-2462

Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters). Supported versions that are affected are 8.5.3 and 8.5.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Ou...

7.2CVSS6.3AI score0.00827EPSS

CVE•added 2018/10/17 1:31 a.m.•57 views

CVE-2018-3226

Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters). The supported version that is affected are 8.5.3 and 8.5.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle ...

7.1CVSS6.5AI score0.01098EPSS

CVE•added 2019/01/16 7:30 p.m.•55 views

CVE-2019-2464

5.3CVSS4.7AI score0.00821EPSS

CVE•added 2019/01/16 7:30 p.m.•55 views

CVE-2019-2469

Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters). Supported versions that are affected are 8.5.3 and 8.5.4. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle ...

6.5CVSS6.1AI score0.00961EPSS

CVE•added 2020/01/15 5:15 p.m.•53 views

CVE-2020-2536

Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware (component: Outside In Filters). The supported version that is affected is 8.5.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside In Techn...

5.8CVSS5.5AI score0.008EPSS

CVE•added 2020/01/15 5:15 p.m.•52 views

CVE-2020-2542

6.5CVSS6.5AI score0.0121EPSS

CVE•added 2018/10/19 10:29 p.m.•48 views

CVE-2018-18224

A vulnerability exists in the file reading procedure in Open Design Alliance Drawings SDK 2019Update1 on non-Windows platforms in which attackers could perform read operations past the end, or before the beginning, of the intended buffer. This can allow attackers to obtain sensitive information fro...

8.1CVSS7.6AI score0.00909EPSS

CVE•added 2019/01/16 7:30 p.m.•48 views

CVE-2019-2477

7.5CVSS6.9AI score0.01954EPSS

CVE•added 2019/10/16 6:15 p.m.•48 views

CVE-2019-2903

7.5CVSS6.5AI score0.00988EPSS

CVE•added 2019/10/16 6:15 p.m.•48 views

CVE-2019-2970

7.5CVSS6.5AI score0.00988EPSS

CVE•added 2019/07/23 11:15 p.m.•47 views

CVE-2019-2853

7.5CVSS6.7AI score0.00938EPSS

CVE•added 2019/10/16 6:15 p.m.•46 views

CVE-2019-2901

7.5CVSS6.5AI score0.00988EPSS

CVE•added 2018/10/17 1:31 a.m.•44 views

CVE-2018-3220

7.1CVSS6.7AI score0.0277EPSS

CVE•added 2020/01/15 5:15 p.m.•44 views

CVE-2020-2543

7.5CVSS7AI score0.00926EPSS

CVE•added 2018/10/17 1:31 a.m.•43 views

CVE-2018-3225

7.1CVSS6.5AI score0.01098EPSS

CVE•added 2018/10/17 1:31 a.m.•43 views

CVE-2018-3232

7.1CVSS6.5AI score0.01098EPSS

CVE•added 2019/01/16 7:30 p.m.•43 views

CVE-2019-2463

6.5CVSS5.9AI score0.01247EPSS

CVE•added 2019/10/16 6:15 p.m.•43 views

CVE-2019-2902

7.5CVSS6.5AI score0.00988EPSS

CVE•added 2019/01/16 7:30 p.m.•42 views

CVE-2019-2479

7.5CVSS6.9AI score0.01954EPSS

CVE•added 2019/07/23 11:15 p.m.•42 views

CVE-2019-2792

7.5CVSS6.4AI score0.00753EPSS

CVE•added 2020/01/15 5:15 p.m.•42 views

CVE-2020-2576

6.5CVSS6.5AI score0.0121EPSS

CVE•added 2020/04/15 2:15 p.m.•42 views

CVE-2020-2786

Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware (component: Outside In Filters). Supported versions that is affected is 8.5.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside In Technolo...

7.5CVSS6.9AI score0.01081EPSS

CVE•added 2018/10/19 10:29 p.m.•41 views

CVE-2018-18223

Open Design Alliance Drawings SDK 2019Update1 has a vulnerability during the reading of malformed files, allowing attackers to obtain sensitive information from process memory or cause a crash.

8.1CVSS7.7AI score0.00909EPSS

CVE•added 2021/01/20 3:15 p.m.•41 views

CVE-2021-2068

Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware (component: Outside In Filters). Supported versions that are affected are 8.5.4 and 8.5.5. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside...

8.6CVSS8AI score0.01075EPSS

CVE•added 2018/10/17 1:31 a.m.•40 views

CVE-2018-3218

7.1CVSS7AI score0.01018EPSS

CVE•added 2018/10/17 1:31 a.m.•40 views

CVE-2018-3229

7.1CVSS6.5AI score0.01098EPSS

CVE•added 2018/10/17 1:31 a.m.•40 views

CVE-2018-3233

7.1CVSS6.5AI score0.01098EPSS

CVE•added 2019/07/23 11:15 p.m.•40 views

CVE-2019-2756