Tuxedo@12.1.1.0.0 Security Vulnerabilities and Issues — Tuxedo@12.1.1.0.0 CVE List

Lucene search

OracleTuxedo12.1.1.0.0

5 matches found

CVE•added 2018/11/15 9:29 p.m.•586 views

CVE-2018-5407

Simultaneous Multi-threading (SMT) in processors can enable local users to exploit software vulnerable to timing attacks via a side-channel timing attack on 'port contention'.

4.7CVSS5.6AI score0.00674EPSS

CVE•added 2018/10/30 12:29 p.m.•464 views

CVE-2018-0734

The OpenSSL DSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key. Fixed in OpenSSL 1.1.1a (Affected 1.1.1). Fixed in OpenSSL 1.1.0j (Affected 1.1.0-1.1.0i). Fixed in OpenSSL 1.0....

5.9CVSS5.9AI score0.06051EPSS

CVE•added 2018/10/29 1:29 p.m.•460 views

CVE-2018-0735

The OpenSSL ECDSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key. Fixed in OpenSSL 1.1.0j (Affected 1.1.0-1.1.0i). Fixed in OpenSSL 1.1.1a (Affected 1.1.1).

5.9CVSS5.7AI score0.07042EPSS

CVE•added 2019/05/01 9:29 p.m.•246 views

CVE-2019-0227

A Server Side Request Forgery (SSRF) vulnerability affected the Apache Axis 1.4 distribution that was last released in 2006. Security and bug commits commits continue in the projects Axis 1.x Subversion repository, legacy users are encouraged to build from source. The successor to Axis 1.x is Axis2...

7.5CVSS8.3AI score0.89832EPSS

CVE•added 2018/08/02 1:29 p.m.•226 views

CVE-2018-8032

Apache Axis 1.x up to and including 1.4 is vulnerable to a cross-site scripting (XSS) attack in the default servlet/services.

6.1CVSS5.8AI score0.02343EPSS