oracle

10,484 tracked vulnerabilities.

CVE-2021-21705 MEDIUM
PHP 7.3.0-7.3.28 - Improper Input Validation in filter_var URL Validation
Oct 04, 2021
CVSS 4.3
EPSS 0.02
CVE-2021-22947 MEDIUM
curl >=7.20.0 <=7.78.0 - Info Disclosure
Sep 29, 2021
CVSS 5.9
EPSS 0.03
CVE-2021-22946 HIGH
curl >=7.20.0-7.78.0 - Info Disclosure
Sep 29, 2021
CVSS 7.5
EPSS 0.04
CVE-2021-41617 HIGH
OpenSSH 6.2-8.x - Privilege Escalation via AuthorizedKeysCommand and AuthorizedPrincipalsCommand Helper Programs
Sep 26, 2021
CVSS 7.0
EPSS 0.02
CVE-2021-2464 HIGH
Oracle Linux 7 and 8 - Authenticated Remote Code Execution in OSwatcher
Sep 24, 2021
CVSS 7.8
EPSS 0.00
CVE-2021-22945 CRITICAL
libcurl <= 7.73.0, 7.78.0 - Use After Free
Sep 23, 2021
CVSS 9.1
EPSS 0.06
CVE-2021-38153 MEDIUM
Apache Kafka <2.8.1-2.8.0 - Timing Attack
Sep 22, 2021
CVSS 5.9
EPSS 0.06
CVE-2021-40690 HIGH
Apache Santuario XML Security for Java < 2.1.7 - Sensitive Information Exposure via XPath Transform
Sep 19, 2021
CVSS 7.5
EPSS 0.11
CVE-2021-41303 CRITICAL
Apache Shiro < 1.8.0 - Authentication Bypass via Spring Boot Integration
Sep 17, 2021
CVSS 9.8
EPSS 0.77
CVE-2021-3807 HIGH
ansi-regex - Inefficient Regular Expression Complexity
Sep 17, 2021
CVSS 7.5
EPSS 0.04
CVE-2021-40438 CRITICAL KEVNUCLEI
Apache HTTP Server <2.4.48 - SSRF
Sep 16, 2021
CVSS 9.0
EPSS 1.00
CVE-2021-39275 CRITICAL
Apache HTTP Server < 2.4.49 - Out-of-bounds Write in ap_escape_quotes()
Sep 16, 2021
CVSS 9.8
EPSS 0.36
CVE-2021-36160 HIGH
Apache HTTP Server 2.4.30-2.4.48 - Denial of Service via mod_proxy_uwsgi URI Path
Sep 16, 2021
CVSS 7.5
EPSS 0.63
CVE-2021-34798 HIGH
Apache HTTP Server < 2.4.48 - NULL Pointer Dereference
Sep 16, 2021
CVSS 7.5
EPSS 0.65
CVE-2021-23440 HIGH
set-value < 2.0.1 and 3.0.0-4.0.1 - Type Confusion via Array Path Parameter
Sep 12, 2021
CVSS 7.3
EPSS 0.02
CVE-2021-3634 MEDIUM
libssh < 0.9.6 - Out-of-bounds Write via Session ID Buffer Handling
Aug 31, 2021
CVSS 6.5
EPSS 0.05
CVE-2021-39135 HIGH
@npmcli/arborist < 2.8.2 - Arbitrary File Write via Symbolic Link Following
Aug 31, 2021
CVSS 8.2
EPSS 0.01
CVE-2021-39134 HIGH
@npmcli/arborist < 2.8.2 - Arbitrary File Write via Case-Insensitive Dependency Resolution
Aug 31, 2021
CVSS 8.2
EPSS 0.01
CVE-2021-37713 HIGH
npmjs/tar < 4.4.18 - Arbitrary File Creation/Overwrite and Code Execution via Path Traversal
Aug 31, 2021
CVSS 8.2
EPSS 0.01
CVE-2021-37712 HIGH
tar < 4.4.18, 5.0.10, 6.1.9 - Arbitrary File Creation and Overwrite via Unicode Normalization Bypass
Aug 31, 2021
CVSS 8.2
EPSS 0.02
CVE-2021-37701 HIGH
npmjs/tar < 4.4.16 - Arbitrary File Creation and Overwrite via Symlink Directory Cache Bypass
Aug 31, 2021
CVSS 8.2
EPSS 0.03
CVE-2021-3749 HIGH
axios <0.21.2 - Denial of Service via Inefficient Regular Expression
Aug 31, 2021
CVSS 7.5
EPSS 0.09
CVE-2021-3712 HIGH
OpenSSL 1.0.2-1.0.2y 1.1.1-1.1.1k - Out-of-bounds Read in ASN.1 String Processing
Aug 24, 2021
CVSS 7.4
EPSS 0.50
CVE-2021-3711 CRITICAL
OpenSSL 1.1.1-1.1.1k - Buffer Overflow in SM2 Decryption
Aug 24, 2021
CVSS 9.8
EPSS 0.88
CVE-2021-36690 HIGH
SQLite 3.36.0 - Denial of Service via idxGetTableInfo Function
Aug 24, 2021
CVSS 7.5
EPSS 0.04