Oracle Nosql_database
12 CVEs affecting Oracle Nosql_database. Latest disclosed: 2021-03-30. Critical: 1, High: 5.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2018-14718 | Critical | 9.8 | 2019-01-02 | FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to execute arbitrary code by leveraging failure to block the slf4j-ext class from poly… |
CVE-2021-22884 | High | 7.5 | 2021-03-03 | Node.js before 10.24.0, 12.21.0, 14.16.0, and 15.10.0 is vulnerable to DNS rebinding attacks as the whitelist includes “localhost6”. When “localhost6” is not p… |
CVE-2021-22883 | High | 7.5 | 2021-03-03 | Node.js before 10.24.0, 12.21.0, 14.16.0, and 15.10.0 is vulnerable to a denial of service attack when too many connection attempts with an 'unknownProtocol' a… |
CVE-2021-23840 | High | 7.5 | 2021-02-16 | Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow the output length argument in some cases where the input length is close to the… |
CVE-2020-11612 | High | 7.5 | 2020-04-07 | The ZlibDecoders in Netty 4.1.x before 4.1.46 allow for unbounded memory allocation while decoding a ZlibEncoded byte stream. An attacker could send a large Zl… |
CVE-2018-1320 | High | 7.5 | 2019-01-07 | Apache Thrift Java client library versions 0.5.0 through 0.11.0 can bypass SASL negotiation isComplete validation in the org.apache.thrift.transport.TSaslTrans… |
CVE-2018-1000873 | Medium | 6.5 | 2018-12-20 | Fasterxml Jackson version Before 2.9.8 contains a CWE-20: Improper Input Validation vulnerability in Jackson-Modules-Java8 that can result in Causes a denial-o… |
CVE-2021-21290 | Medium | 6.2 | 2021-02-08 | Netty is an open-source, asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clie… |
CVE-2019-10219 | Medium | 6.1 | 2019-11-08 | A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious cod… |
CVE-2021-21409 | Medium | 5.9 | 2021-03-30 | Netty is an open-source, asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clie… |
CVE-2020-13956 | Medium | 5.3 | 2020-12-02 | Apache HttpClient versions prior to version 4.5.13 and 5.0.3 can misinterpret malformed authority component in request URIs passed to the library as java.net.U… |
CVE-2020-8908 | Low | 3.3 | 2020-12-10 | A temp directory creation vulnerability exists in all versions of Guava, allowing an attacker with access to the machine to potentially access data in a tempor… |