Outside In Technology@8.5.5 Security Vulnerabilities and Issues — Outside In Technology@8.5.5 CVE List

Lucene search

OracleOutside In Technology8.5.5

48 matches found

CVE•added 2021/09/19 6:15 p.m.•605 views

CVE-2021-40690

All versions of Apache Santuario - XML Security for Java prior to 2.2.3 and 2.1.7 are vulnerable to an issue where the "secureValidation" property is not passed correctly when creating a KeyInfo from a KeyInfoReference element. This allows an attacker to abuse an XPath Transform to extract any loca...

7.5CVSS7.4AI score0.00335EPSS

CVE•added 2020/06/27 12:15 p.m.•511 views

CVE-2020-15358

In SQLite before 3.32.3, select.c mishandles query-flattener optimization, leading to a multiSelectOrderBy heap overflow because of misuse of transitive properties for constant propagation.

5.5CVSS6.8AI score0.00073EPSS

CVE•added 2019/06/24 5:15 p.m.•468 views

CVE-2018-20843

In libexpat in Expat before 2.2.7, XML input including XML names that contain a large number of colons could make the XML parser consume a high amount of RAM and CPU resources while processing (enough to be usable for denial-of-service attacks).

7.8CVSS7.5AI score0.05686EPSS

CVE•added 2020/04/09 3:15 a.m.•429 views

CVE-2020-11655

SQLite through 3.31.1 allows attackers to cause a denial of service (segmentation fault) via a malformed window-function query because the AggInfo object's initialization is mishandled.

7.5CVSS7.9AI score0.02825EPSS

CVE•added 2020/05/24 10:15 p.m.•419 views

CVE-2020-13434

SQLite through 3.32.0 has an integer overflow in sqlite3_str_vappendf in printf.c.

5.5CVSS6.8AI score0.0005EPSS

CVE•added 2020/01/13 6:15 a.m.•366 views

CVE-2020-6851

OpenJPEG through 2.3.1 has a heap-based buffer overflow in opj_t1_clbl_decode_processor in openjp2/t1.c because of lack of opj_j2k_update_image_dimensions validation.

7.5CVSS7.9AI score0.0122EPSS

CVE•added 2020/04/09 3:15 a.m.•355 views

CVE-2020-11656

In SQLite through 3.31.1, the ALTER TABLE implementation has a use-after-free, as demonstrated by an ORDER BY clause that belongs to a compound SELECT statement.

9.8CVSS9.1AI score0.09404EPSS

CVE•added 2020/02/21 10:15 p.m.•352 views

CVE-2020-9327

In SQLite 3.31.1, isAuxiliaryVtabOperator allows attackers to trigger a NULL pointer dereference and segmentation fault because of generated column optimizations.

7.5CVSS7.8AI score0.01401EPSS

CVE•added 2020/05/27 3:15 p.m.•317 views

CVE-2020-13631

SQLite before 3.32.0 allows a virtual table to be renamed to the name of one of its shadow tables, related to alter.c and build.c.

5.5CVSS6.7AI score0.00111EPSS

CVE•added 2019/06/26 6:15 p.m.•308 views

CVE-2019-12973

In OpenJPEG 2.3.1, there is excessive iteration in the opj_t1_encode_cblks function of openjp2/t1.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted bmp file. This issue is similar to CVE-2018-6616.

5.5CVSS6.4AI score0.00117EPSS

CVE•added 2020/05/27 3:15 p.m.•297 views

CVE-2020-13630

ext/fts3/fts3.c in SQLite before 3.32.0 has a use-after-free in fts3EvalNextRow, related to the snippet feature.

7CVSS7.5AI score0.00177EPSS

CVE•added 2021/01/05 6:15 p.m.•272 views

CVE-2020-27844

A flaw was found in openjpeg's src/lib/openjp2/t2.c in versions prior to 2.4.0. This flaw allows an attacker to provide crafted input to openjpeg during conversion and encoding, causing an out-of-bounds write. The highest threat from this vulnerability is to confidentiality, integrity, as well as s...

8.3CVSS7.7AI score0.01463EPSS

CVE•added 2020/06/29 9:15 p.m.•249 views

CVE-2020-15389

jp2/opj_decompress.c in OpenJPEG through 2.3.1 has a use-after-free that can be triggered if there is a mix of valid and invalid files in a directory operated on by the decompressor. Triggering a double-free may also be possible. This is related to calling opj_image_destroy twice.

6.5CVSS7.1AI score0.00223EPSS

CVE•added 2020/05/27 3:15 p.m.•241 views

CVE-2020-13632

ext/fts3/fts3_snippet.c in SQLite before 3.32.0 has a NULL pointer dereference via a crafted matchinfo() query.

5.5CVSS6.2AI score0.00064EPSS

CVE•added 2021/06/12 10:15 a.m.•175 views

CVE-2021-31811

In Apache PDFBox, a carefully crafted PDF file can trigger an OutOfMemory-Exception while loading the file. This issue affects Apache PDFBox version 2.0.23 and prior 2.0.x versions.

5.5CVSS5.6AI score0.00329EPSS

CVE•added 2021/01/05 6:15 p.m.•170 views

CVE-2020-27842

There's a flaw in openjpeg's t2 encoder in versions prior to 2.4.0. An attacker who is able to provide crafted input to be processed by openjpeg could cause a null pointer dereference. The highest impact of this flaw is to application availability.

5.5CVSS6.1AI score0.00066EPSS

CVE•added 2021/01/05 6:15 p.m.•170 views

CVE-2020-27843

A flaw was found in OpenJPEG in versions prior to 2.4.0. This flaw allows an attacker to provide specially crafted input to the conversion or encoding functionality, causing an out-of-bounds read. The highest threat from this vulnerability is system availability.

7.1CVSS6AI score0.00077EPSS

CVE•added 2021/03/19 4:15 p.m.•164 views

CVE-2021-27906

A carefully crafted PDF file can trigger an OutOfMemory-Exception while loading the file. This issue affects Apache PDFBox version 2.0.22 and prior 2.0.x versions.

5.5CVSS5.6AI score0.00331EPSS

CVE•added 2021/03/19 4:15 p.m.•159 views

CVE-2021-27807

A carefully crafted PDF file can trigger an infinite loop while loading the file. This issue affects Apache PDFBox version 2.0.22 and prior 2.0.x versions.

5.5CVSS5.6AI score0.00331EPSS

CVE•added 2021/01/05 6:15 p.m.•157 views

CVE-2020-27845

There's a flaw in src/lib/openjp2/pi.c of openjpeg in versions prior to 2.4.0. If an attacker is able to provide untrusted input to openjpeg's conversion/encoding functionality, they could cause an out-of-bounds read. The highest impact of this flaw is to application availability.

5.5CVSS6.2AI score0.00065EPSS

CVE•added 2021/03/23 5:15 p.m.•150 views

CVE-2021-20227

A flaw was found in SQLite's SELECT query functionality (src/select.c). This flaw allows an attacker who is capable of running SQL queries locally on the SQLite database to cause a denial of service or possible code execution by triggering a use-after-free. The highest threat from this vulnerabilit...

5.5CVSS5.9AI score0.00214EPSS

CVE•added 2021/01/05 6:15 p.m.•142 views

CVE-2020-27841

There's a flaw in openjpeg in versions prior to 2.4.0 in src/lib/openjp2/pi.c. When an attacker is able to provide crafted input to be processed by the openjpeg encoder, this could cause an out-of-bounds read. The greatest impact from this flaw is to application availability.

5.5CVSS6AI score0.00072EPSS

CVE•added 2021/07/21 12:15 a.m.•74 views

CVE-2021-2453

Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware (component: Outside In Filters). The supported version that is affected is 8.5.5. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside In Techn...

7.5CVSS7.5AI score0.01422EPSS

CVE•added 2021/07/21 12:15 a.m.•67 views

CVE-2021-2452

7.5CVSS7.2AI score0.01422EPSS

CVE•added 2021/07/21 12:15 a.m.•63 views

CVE-2021-2449

7.5CVSS7.2AI score0.01034EPSS

CVE•added 2021/07/21 12:15 a.m.•63 views

CVE-2021-2450

7.5CVSS7.2AI score0.01034EPSS

CVE•added 2021/04/22 10:15 p.m.•60 views

CVE-2021-2240

7.5CVSS7.2AI score0.00753EPSS

CVE•added 2021/07/21 12:15 a.m.•59 views

CVE-2021-2451

7.5CVSS7.5AI score0.01034EPSS

CVE•added 2021/07/21 3:16 p.m.•56 views

CVE-2021-2430

7.5CVSS7.2AI score0.01399EPSS

CVE•added 2021/07/21 3:15 p.m.•52 views

CVE-2021-2419

7.5CVSS7.2AI score0.01034EPSS

CVE•added 2021/07/21 3:15 p.m.•51 views

CVE-2021-2420

7.5CVSS7.2AI score0.01034EPSS

CVE•added 2021/10/20 11:17 a.m.•50 views

CVE-2021-35656

7.5CVSS7.2AI score0.018EPSS

CVE•added 2021/04/22 10:15 p.m.•49 views

CVE-2021-2242

8.2CVSS7.8AI score0.00788EPSS

CVE•added 2021/10/20 11:16 a.m.•49 views

CVE-2021-35573

7.5CVSS7.2AI score0.018EPSS

CVE•added 2021/10/20 11:16 a.m.•47 views

CVE-2021-35574

7.5CVSS7.1AI score0.01571EPSS

CVE•added 2021/10/20 11:17 a.m.•47 views

CVE-2021-35657

7.5CVSS7.2AI score0.018EPSS

CVE•added 2021/10/20 11:17 a.m.•46 views

CVE-2021-35658

7.5CVSS7.2AI score0.018EPSS

CVE•added 2021/10/20 11:16 a.m.•42 views

CVE-2021-35572

7.5CVSS7.2AI score0.018EPSS

CVE•added 2021/10/20 11:17 a.m.•42 views

CVE-2021-35659

7.5CVSS7.2AI score0.018EPSS

CVE•added 2021/01/20 3:15 p.m.•41 views

CVE-2021-2068

Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware (component: Outside In Filters). Supported versions that are affected are 8.5.4 and 8.5.5. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside...

8.6CVSS8AI score0.01075EPSS

CVE•added 2021/10/20 11:17 a.m.•41 views

CVE-2021-35661

7.5CVSS7.2AI score0.018EPSS

CVE•added 2021/07/21 3:16 p.m.•40 views

CVE-2021-2431

7.5CVSS7.2AI score0.01399EPSS

CVE•added 2021/01/20 3:15 p.m.•39 views

CVE-2021-2066

8.6CVSS8AI score0.01075EPSS

CVE•added 2021/10/20 11:17 a.m.•39 views

CVE-2021-35662