Lucene search
K
OracleSecurity Service

22 matches found

CVE
CVE
added 2022/07/11 7:26 p.m.173 views

CVE-2020-35169

CVE-2020-35169 is tied to Dell BSAFE Crypto-C Micro Edition (pre-4.1.5) and Dell BSAFE Micro Edition Suite (pre-4.5.2) with an Improper Input Validation vulnerability. Public sources in the connected documents confirm high-severity impact (CVSS v3.1: 9.8, network access, no authentication, high c...

9.8CVSS9.4AI score0.00864EPSS
CVE
CVE
added 2018/09/14 8:0 p.m.108 views

CVE-2018-11058

CVE-2018-11058 affects RSA BSAFE Micro Edition Suite (4.0.x before 4.0.11; 4.1.x before 4.1.6) and RSA BSAFE Crypto-C Micro Edition (4.0.x before 4.0.5.3). The issue is a buffer over-read when parsing ASN.1 data, exploitable by remotely crafted ASN.1 input. Connected Nessus entries (e.g., Oracle ...

9.8CVSS9.1AI score0.04012EPSS
CVE
CVE
added 2022/06/01 2:25 p.m.105 views

CVE-2020-26185

Dell BSAFE Micro Edition Suite (Dell) is affected by a Buffer Over-Read Vulnerability in versions prior to 4.5.1. Public docs consistently cite a remote-exploitable issue that can crash an application and cause denial of service. The CVSS data in the sources show a high impact (availability impac...

7.5CVSS7.5AI score0.01031EPSS
CVE
CVE
added 2022/07/11 7:25 p.m.94 views

CVE-2020-35166

CVE-2020-35166 affects Dell BSAFE Crypto-C Micro Edition (pre-4.1.5) and Dell BSAFE Micro Edition Suite (pre-4.6) with an Observable Timing Discrepancy Vulnerability. The Initial Description specifies the affected products/versions and that the vulnerability is timing-related, implying potential ...

9.8CVSS7.2AI score0.00618EPSS
CVE
CVE
added 2022/07/11 7:25 p.m.83 views

CVE-2020-35163

Technical details about CVE-2020-35163 are not publicly available in the provided connected documents. Monitor for updates.

9.8CVSS9.3AI score0.00918EPSS
CVE
CVE
added 2022/07/11 7:25 p.m.82 views

CVE-2020-35164

Summary (CVE-2020-35164) Dell BSAFE Crypto-C Micro Edition (versions before 4.1.5) and Dell BSAFE Micro Edition Suite (versions before 4.6) have an observable timing discrepancy vulnerability. Connected sources (PT-2022-8918) corroborate affected versions and advise upgrading to 4.1.5+ and 4.6+ r...

8.1CVSS8.8AI score0.00672EPSS
CVE
CVE
added 2022/07/11 7:25 p.m.82 views

CVE-2020-35168

CVE-2020-35168 affects Dell BSAFE Crypto-C Micro Edition (versions before 4.1.5) and Dell BSAFE Micro Edition Suite (versions before 4.6) with an Observable Timing Discrepancy vulnerability. The initial document provides CVSS metrics indicating high impact (network attack, no user interaction) wi...

9.8CVSS9.3AI score0.00403EPSS
CVE
CVE
added 2022/07/11 7:25 p.m.78 views

CVE-2020-29508

CVE-2020-29508 affects Dell BSAFE Crypto-C Micro Edition (versions prior to 4.1.5) and Dell BSAFE Micro Edition Suite (versions prior to 4.6). The root cause is an Improper Input Validation vulnerability. Public references (CNVD/NVD/CVE records and Nessus-related entries) confirm the affected pro...

9.8CVSS9.3AI score0.01024EPSS
CVE
CVE
added 2022/07/11 7:25 p.m.70 views

CVE-2020-35167

Technical details for CVE-2020-35167 are not publicly available in the provided documents. Monitor for updates and additional sources.

9.8CVSS9.3AI score0.00871EPSS
CVE
CVE
added 2022/07/11 7:25 p.m.69 views

CVE-2020-29506

Dell BSAFE Crypto-C Micro Edition (versions before 4.1.5) and Dell BSAFE Micro Edition Suite (versions before 4.5.2) contain an Observable Timing Discrepancy Vulnerability. The issue is documented with concrete vulnerable components and affected versions; upgrading to 4.1.5 and 4.5.2 respectively...

9.8CVSS9.4AI score0.00965EPSS
CVE
CVE
added 2020/12/16 3:50 p.m.68 views

CVE-2020-5360

CVE-2020-5360 refers to a buffer under-read vulnerability in Dell BSAFE Micro Edition Suite, before version 4.5. The NVD entry notes unauthenticated remote exploitation with network access potentially causing undefined behavior or a crash (availability impact). Corporate context in connected docu...

7.5CVSS8AI score0.02207EPSS
CVE
CVE
added 2018/08/31 6:0 p.m.64 views

CVE-2018-11055

RSA BSAFE Micro Edition Suite (MES) contains an Improper Clearing of Heap Memory Before Release vulnerability in MES versions 4.0.x before 4.0.11 and 4.1.x before 4.1.6.1. Decoded PKCS#12 data in heap memory is not zeroized before memory release, enabling a local attacker to access previously dec...

5.5CVSS6.9AI score0.00426EPSS
CVE
CVE
added 2018/11/16 9:0 p.m.64 views

CVE-2018-15769

CVE-2018-15769 affects RSA BSAFE Micro Edition Suite: versions before 4.0.11 (4.0.x) and before 4.1.6.2 (4.1.x). The issue is a key management flaw that can allow a TLS server using Ephemeral/Anonymous Diffie-Hellman (DHE/ADH) ciphers to cause a Denial-of-Service on TLS clients during the handsha...

7.5CVSS8.3AI score0.0265EPSS
CVE
CVE
added 2018/08/31 6:0 p.m.62 views

CVE-2018-11056

The CVE describes a DoS risk in Dell EMC RSA BSAFE Micro Edition Suite (MES) before 4.1.6.1 (4.1.x line) and RSA BSAFE Crypto-C Micro Edition before 4.0.5.3 (4.0.x line). The vulnerability is an Uncontrolled Resource Consumption (Resource Exhaustion) when parsing ASN.1 data, allowing a remote att...

6.5CVSS7.6AI score0.01869EPSS
CVE
CVE
added 2022/06/01 2:25 p.m.62 views

CVE-2020-26184

CVE-2020-26184 affects Dell BSAFE Micro Edition Suite prior to 4.5.1. The vulnerability is improper certificate validation in the library/component, with a CVSSv3 base score of 7.5 (HIGH) and network vector with no privileges required. Affected versions must be updated to 4.5.1 or later to resolv...

7.5CVSS7.6AI score0.00639EPSS
CVE
CVE
added 2022/07/11 7:25 p.m.61 views

CVE-2020-29507

CVE-2020-29507 affects Dell BSAFE Crypto-C Micro Edition (before 4.1.4) and Dell BSAFE Micro Edition Suite (before 4.4). The vulnerability is described as an Improper Input Validation issue. Public references in the connected documents confirm affected versions and provide remediation guidance: u...

9.8CVSS9.4AI score0.00918EPSS
CVE
CVE
added 2018/08/31 6:0 p.m.59 views

CVE-2018-11054

CVE-2018-11054 affects RSA BSAFE Micro Edition Suite (MES) 4.1.6. An integer overflow vulnerability exists in the MES ASN.1 processing, allowing a remote attacker to trigger a Denial of Service by sending maliciously constructed ASN.1 data. The provided documents confirm the vulnerability details...

7.5CVSS8.4AI score0.03235EPSS
CVE
CVE
added 2018/08/31 6:0 p.m.56 views

CVE-2018-11057

CVE-2018-11057 affects Dell EMC RSA BSAFE Micro Edition Suite (MES) versions before 4.0.11 (in 4.0.x) and before 4.1.6.1 (in 4.1.x). The vulnerability is a covert timing channel during RSA decryption, i.e., Bleichenbacher-style timing leakage, enabling a remote attacker to recover an RSA key. The...

5.9CVSS7.2AI score0.01666EPSS
CVE
CVE
added 2020/07/15 5:34 p.m.49 views

CVE-2020-14655

CVE-2020-14655 affects Oracle Security Service (SSL API) in Oracle Fusion Middleware. Affects 11.1.1.9.0, 12.2.1.3.0 and 12.2.1.4.0. Vulnerability allows unauthenticated attackers over HTTPS to access/modify Oracle Security Service data with C:H I:L, per CVSSv3.1 base metrics (Network, high attac...

6.5CVSS6.6AI score0.01081EPSS
CVE
CVE
added 2018/04/19 2:0 a.m.48 views

CVE-2018-2765

CVE-2018-2765 affects Oracle Fusion Middleware’s Security Service component (subcomponent: Oracle SSL API). Affected are 11.1.1.9.0, 12.1.3.0.0, 12.2.1.2.0 and 12.2.1.3.0. The vulnerability allows an unauthenticated attacker with network access via HTTPS to access Oracle Security Service data, po...

7.5CVSS7.3AI score0.03439EPSS
CVE
CVE
added 2017/10/19 5:0 p.m.46 views

CVE-2017-10166

CVE-2017-10166 affects Oracle Fusion Middleware’s Oracle Security Service (subcomponent: Oracle SSL API). Vulnerable versions: Oracle Fusion Middleware 11.1.1.9.0 and 12.1.3.0.0. The issue allows an unauthenticated, network-accessible attacker over HTTPS to compromise the Oracle Security Service,...

4.3CVSS3.5AI score0.01471EPSS
CVE
CVE
added 2020/07/15 5:34 p.m.42 views

CVE-2020-14530

CVE-2020-14530 affects Oracle Security Service in Oracle Fusion Middleware (11.1.1.9.0). Description: unauthenticated attacker over HTTPS can access data within Oracle Security Service, indicating a confidentiality impact. CVSSv3.1 base score 5.9 (C:H, A:N) with network attack vector and high att...

5.9CVSS5.8AI score0.01288EPSS