CVE-2021-41772

all versions

Go before 1.16.10 and 1.17.x before 1.17.3 allows an archive/zip Reader.Open panic via a crafted ZIP archive containing an invalid

7.5HIGH

CVE-2021-36221

< 21.1.1.1.0

Go before 1.15.15 and 1.16.x before 1.16.7 has a race condition that can lead to a net/http/httputil ReverseProxy panic upon an Er

5.9MEDIUM

CVE-2021-29923

< 21.1.1.1.0

Go before 1.17 does not properly consider extraneous zero characters at the beginning of an IP address octet, which (in some situa

7.5HIGH

CVE-2021-2351

< 21.1.1.1.0

Vulnerability in the Advanced Networking Option component of Oracle Database Server. Supported versions that are affected are 12.1

8.3HIGH

CVE-2021-34558

< 21.1.1.1.0

The crypto/tls package of Go through 1.16.5 does not properly assert that the type of public key in an X.509 certificate matches t

6.5MEDIUM

CVE-2021-36374

< 11.2.2.8.27

When reading a specially crafted ZIP archive, or a derived formats, an Apache Ant build can be made to allocate large amounts of m

5.5MEDIUM

CVE-2021-36373

< 11.2.2.8.27

When reading a specially crafted TAR archive an Apache Ant build can be made to allocate large amounts of memory that finally lead

5.5MEDIUM

CVE-2020-11979

< 11.2.2.8.27

As mitigation for CVE-2020-1945 Apache Ant 1.10.8 changed the permissions of temporary files it created so that only the current u

7.5HIGH

CVE-2020-7712

< 21.1.1.1.0

This affects the package json before 10.0.0. It is possible to inject arbritary commands using the parseLookup function.

7.2HIGH

CVE-2020-1945

< 11.2.2.8.27

Apache Ant 1.1 to 1.9.14 and 1.10.0 to 1.10.7 uses the default temporary directory identified by the Java system property java.io.

6.3MEDIUM

CVE-2019-10219

< 11.2.2.8.27

A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting

6.1MEDIUM

CVE-2019-1010239

< 18.1.3.1.0

DaveGamble/cJSON cJSON 1.7.8 is affected by: Improper Check for Unusual or Exceptional Conditions. The impact is: Null dereference

7.5HIGH

CVE-2019-0201

< 18.1.3.1.0

An issue is present in Apache ZooKeeper 1.0.0 to 3.4.13 and 3.5.0-alpha to 3.5.4-beta. ZooKeeper’s getACL() command doesn’t ch

5.9MEDIUM

CVE-2019-11835

< 18.1.3.1.0

cJSON before 1.7.11 allows out-of-bounds access, related to multiline comments.

9.8CRITICAL

CVE-2019-11834

< 18.1.3.1.0

cJSON before 1.7.11 allows out-of-bounds access, related to \x00 in a string literal.

9.8CRITICAL

CVE-2018-15769

< 18.1.4.1.0

RSA BSAFE Micro Edition Suite versions prior to 4.0.11 (in 4.0.x series) and versions prior to 4.1.6.2 (in 4.1.x series) contain a

7.5HIGH

CVE-2018-11058

< 18.1.4.1.0

RSA BSAFE Micro Edition Suite, versions prior to 4.0.11 (in 4.0.x) and prior to 4.1.6 (in 4.1.x), and RSA BSAFE Crypto-C Micro Edi

9.8CRITICAL

CVE-2018-11057

< 18.1.4.1.0

RSA BSAFE Micro Edition Suite, versions prior to 4.0.11 (in 4.0.x) and prior to 4.1.6.1 (in 4.1.x) contains a Covert Timing Channe

5.9MEDIUM

CVE-2018-11056

< 18.1.4.1.0

RSA BSAFE Micro Edition Suite, prior to 4.1.6.1 (in 4.1.x), and RSA BSAFE Crypto-C Micro Edition versions prior to 4.0.5.3 (in 4.0

6.5MEDIUM

CVE-2018-11055

< 18.1.4.1.0

RSA BSAFE Micro Edition Suite, versions prior to 4.0.11 (in 4.0.x) and prior to 4.1.6.1 (in 4.1.x), contains an Improper Clearing

5.5MEDIUM

CVE-2018-11054

<= 18.1.4.1.0

RSA BSAFE Micro Edition Suite, version 4.1.6, contains an integer overflow vulnerability. A remote attacker could use maliciously

7.5HIGH

CVE-2018-1288

< 18.1.2.1.0

In Apache Kafka 0.9.0.0 to 0.9.0.1, 0.10.0.0 to 0.10.2.1, 0.11.0.0 to 0.11.0.2, and 1.0.0, authenticated Kafka users may perform a

5.4MEDIUM

CVE-2016-8610

< 18.1.4.1.0

A denial of service flaw was found in OpenSSL 0.9.8, 1.0.1, 1.0.2 through 1.0.2h, and 1.1.0 in the way the TLS/SSL protocol define

7.5HIGH

CVE-2017-5645

all versions

In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from anot

9.8CRITICAL

CVE-2016-2381

< 18.1.2.1.0

Perl might allow context-dependent attackers to bypass the taint protection mechanism in a child process via duplicate environment

7.5HIGH

CVE-2010-0910

all versions

Unspecified vulnerability in the Data Server component in Oracle TimesTen In-Memory Database 7.0.6.0 and 11.2.1.4.1 allows remote

CVE-2010-0873

all versions

Unspecified vulnerability in the Data Server component in Oracle TimesTen In-Memory Database 7.0.6.0 allows remote attackers to af

CVE-2008-5440

all versions

Unspecified vulnerability in the TimesTen Data Server component in Oracle Database 7.0.5.0.0 allows remote attackers to affect con

CVE-2008-2599

all versions

Unspecified vulnerability in the TimesTen Client/Server component in Oracle Times Ten In-Memory Database 7.0.3.0.0 has unknown imp

CVE-2008-2598

all versions

Unspecified vulnerability in the TimesTen Client/Server component in Oracle Times Ten In-Memory Database 7.0.3.0.0 has unknown imp

CVE-2008-2597

all versions

Unspecified vulnerability in the TimesTen Client/Server component in Oracle Times Ten In-Memory Database 7.0.3.0.0 has unknown imp