Oracle Timesten In-memory Database 18.1.4.1.0

CPE Details

Oracle Timesten In-memory Database 18.1.4.1.0
oracle
timesten_in-memory_database
18.1.4.1.0
2022-03-04
14h38 +00:00
2022-03-04
17h29 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:a:oracle:timesten_in-memory_database:18.1.4.1.0:*:*:*:*:*:*:*

Informations

Vendor

oracle

Product

timesten_in-memory_database

Version

18.1.4.1.0

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2021-36221 2021-08-07 22h00 +00:00 Go before 1.15.15 and 1.16.x before 1.16.7 has a race condition that can lead to a net/http/httputil ReverseProxy panic upon an ErrAbortHandler abort.
5.9
Moyen
CVE-2021-29923 2021-08-07 14h38 +00:00 Go before 1.17 does not properly consider extraneous zero characters at the beginning of an IP address octet, which (in some situations) allows attackers to bypass access control that is based on IP addresses, because of unexpected octal interpretation. This affects net.ParseIP and net.ParseCIDR.
7.5
Haute
CVE-2021-2351 2021-07-20 20h43 +00:00 Vulnerability in the Advanced Networking Option component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1 and 19c. Difficult to exploit vulnerability allows unauthenticated attacker with network access via Oracle Net to compromise Advanced Networking Option. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Advanced Networking Option, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Advanced Networking Option. Note: The July 2021 Critical Patch Update introduces a number of Native Network Encryption changes to deal with vulnerability CVE-2021-2351 and prevent the use of weaker ciphers. Customers should review: "Changes in Native Network Encryption with the July 2021 Critical Patch Update" (Doc ID 2791571.1). CVSS 3.1 Base Score 8.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H).
8.3
Haute
CVE-2021-34558 2021-07-15 11h47 +00:00 The crypto/tls package of Go through 1.16.5 does not properly assert that the type of public key in an X.509 certificate matches the expected type when doing a RSA based key exchange, allowing a malicious TLS server to cause a TLS client to panic.
6.5
Moyen
CVE-2020-7712 2020-08-30 07h15 +00:00 This affects the package json before 10.0.0. It is possible to inject arbritary commands using the parseLookup function.
7.2
Haute
CVE-2018-11054 2018-08-31 16h00 +00:00 RSA BSAFE Micro Edition Suite, version 4.1.6, contains an integer overflow vulnerability. A remote attacker could use maliciously constructed ASN.1 data to potentially cause a Denial Of Service.
7.5
Haute