threat
engine
.sh
Back
·
··:··
Home
/
Product
/
oracle oss support tools
Product
oracle oss support tools
19 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
Sort
Newest first
Oldest first
Highest CVSS
Lowest CVSS
Min CVSS
Any
4.0+
7.0+ (High)
9.0+ (Critical)
Published since
Reset
CVE-2022-21405
all versions
Vulnerability in the OSS Support Tools product of Oracle Support Tools (component: Oracle Explorer). The supported version that is
5.5
MEDIUM
CVE-2021-41973
all versions
In Apache MINA, a specifically crafted, malformed HTTP request may cause the HTTP Header decoder to loop indefinitely. The decoder
6.5
MEDIUM
CVE-2021-2351
< 2.12.42
Vulnerability in the Advanced Networking Option component of Oracle Database Server. Supported versions that are affected are 12.1
8.3
HIGH
CVE-2021-30129
all versions
A vulnerability in sshd-core of Apache Mina SSHD allows an attacker to overflow the server causing an OutOfMemory error. This issu
6.5
MEDIUM
CVE-2021-2303
< 2.12.41
Vulnerability in the OSS Support Tools product of Oracle Support Tools (component: Diagnostic Assistant). The supported version th
4.9
MEDIUM
CVE-2021-29425
< 2.12.42
In Apache Commons IO before 2.7, When invoking the method FileNameUtils.normalize with an improper input string, like "//../foo",
4.8
MEDIUM
CVE-2021-27568
< 2.12.42
An issue was discovered in netplex json-smart-v1 through 2015-10-23 and json-smart-v2 through 2.4. An exception is thrown from a f
5.9
MEDIUM
CVE-2020-11023
< 2.12.41
In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sourc
6.9
MEDIUM
CVE-2019-10219
< 2.12.42
A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting
6.1
MEDIUM
CVE-2019-5482
all versions
Heap buffer overflow in the TFTP protocol handler in cURL 7.19.4 to 7.65.3.
9.8
CRITICAL
CVE-2019-5481
all versions
Double-free vulnerability in the FTP-kerberos code in cURL 7.52.0 to 7.65.3.
9.8
CRITICAL
CVE-2019-5443
all versions
A non-privileged user or program can put code and a config file in a known non-privileged path (under C:/usr/local/) that will mak
7.8
HIGH
CVE-2019-5436
all versions
A heap buffer overflow in the TFTP receiving code allows for DoS or arbitrary code execution in libcurl versions 7.19.4 through 7.
7.8
HIGH
CVE-2015-9251
all versions
jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the
6.1
MEDIUM
CVE-2018-2617
< 2.11.33
Vulnerability in the OSS Support Tools component of Oracle Support Tools (subcomponent: Diagnostic Assistant). The supported versi
7.5
HIGH
CVE-2018-2616
< 2.11.33
Vulnerability in the OSS Support Tools component of Oracle Support Tools (subcomponent: Diagnostic Assistant). The supported versi
8.8
HIGH
CVE-2018-2615
< 2.11.33
Vulnerability in the OSS Support Tools component of Oracle Support Tools (subcomponent: Diagnostic Assistant). The supported versi
8.8
HIGH
CVE-2016-7103
< 2.12.42
Cross-site scripting (XSS) vulnerability in jQuery UI before 1.12.0 might allow remote attackers to inject arbitrary web script or
6.1
MEDIUM
CVE-2015-3197
all versions
ssl/s2_srvr.c in OpenSSL 1.0.1 before 1.0.1r and 1.0.2 before 1.0.2f does not prevent use of disabled ciphers, which makes it easi
5.9
MEDIUM
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin