9 matches found
CVE-2017-5645
CVE-2017-5645 affects Apache Log4j 2.x prior to 2.8.2. The vulnerability arises when using a TCP/UDP socket server to receive serialized log events from another application; a crafted binary payload can be deserialized to execute arbitrary code. The documented impact is remote code execution via ...
CVE-2018-1000613
CVE-2018-1000613 concerns Legion of the Bouncy Castle Java Cryptography APIs (BC) 1.58–1.59 up to, but not including, 1.60. It is a CWE-470 Unsafe Reflection vulnerability in XMSS/XMSS^MT private key deserialization, which can allow a remote attacker to execute arbitrary code by crafting a privat...
CVE-2018-1000180
CVE-2018-1000180 affects Bouncy Castle BC 1.54–1.59 (and BC-FJA 1.0.0/1.0.1) with a flaw in the Low-level RSA key pair generator interface that may produce RSA key pairs with fewer Miller–Rabin primality tests than expected. IBM vulnerability bulletins associate this CVE with IBM products (e.g., ...
CVE-2019-17359
The CVE-2019-17359 entry concerns Bouncy Castle Crypto (BC Java) 1.63. The vulnerability lies in the ASN.1 parser, which can trigger a large memory allocation leading to a memory exhaustion/OutOfMemoryError via crafted ASN.1 data. Affected product: BC Java 1.63; fixed in BC Java 1.64. The issue i...
CVE-2022-21562
CVE-2022-21562 affects Oracle Fusion Middleware’s Oracle SOA Suite (Fabric Layer). Affected are 12.2.1.3.0 and 12.2.1.4.0. The vulnerability enables unauthenticated network access over HTTP to compromise the SOA Suite, potentially allowing unauthorized creation, deletion or modification of data a...
CVE-2022-21622
The CVE-2022-21622 entry affects Oracle Fusion Middleware’s Oracle SOA Suite (Adapters) with affected versions 12.2.1.3.0 and 12.2.1.4.0. The issue enables an unauthenticated attacker, over the network via HTTP, to compromise data in the Oracle SOA Suite, potentially allowing unauthorized creatio...
CVE-2019-2572
CVE-2019-2572 affects Oracle Fusion Middleware Oracle SOA Suite (Fabric Layer) with version 11.1.1.9.0. The vulnerability is exploitable remotely over HTTP by an unauthenticated attacker and can lead to unauthorized read access to a subset of SOA Suite data. Affected component/issue is documented...
CVE-2017-10026
CVE-2017-10026 affects the Oracle Fusion Middleware’s Oracle SOA Suite component (Fabric Layer), specifically the 11.1.1.7.0 version. The vulnerability allows an unauthenticated attacker with network access via HTTP to compromise the SOA Suite. The description notes that attacks require human int...
CVE-2018-3105
CVE-2018-3105 affects Oracle Fusion Middleware/SOA Suite (Health Care FastPath). Affected products/versions: Oracle SOA Suite in 11.1.1.7.0, 11.1.1.9.0, 12.1.3.0.0, 12.2.1.2.0, 12.2.1.3.0. The issue is exploitable by a low-privileged attacker over HTTP with network access, leading to unauthorized...