Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

oracle instantis enterprisetrack 17.3 vulnerabilities and exploits

(subscribe to this query)
9.8
CVSSv3
CVE-2019-0219
A website running in the InAppBrowser webview on Android could execute arbitrary JavaScript in the main application's webview using a specially crafted gap-iab: URI.
Apache Cordova InappbrowserOracle Instantis Enterprisetrack 17.1Oracle Instantis Enterprisetrack 17.2Oracle Instantis Enterprisetrack 17.3Oracle Retail Xstore Point Of Service 16.0.6Oracle Retail Xstore Point Of Service 17.0.4Oracle Retail Xstore Point Of Service 18.0.3Oracle Retail Xstore Point Of Service 19.0.2
7.5
CVSSv3
CVE-2019-0190
A bug exists in the way mod_ssl handled client renegotiations. A remote attacker could send a carefully crafted request that would cause mod_ssl to enter a loop leading to a denial of service. This bug can be only triggered with Apache HTTP Server version 2.4.37 when using OpenSS...
Apache Http Server 2.4.37Oracle Retail Xstore Point Of Service 7.1Oracle Retail Xstore Point Of Service 7.0Oracle Hospitality Guest Access 4.2.0Oracle Hospitality Guest Access 4.2.1Oracle Enterprise Manager Ops Center 12.3.3Oracle Instantis Enterprisetrack 17.1Oracle Instantis Enterprisetrack 17.2Oracle Instantis Enterprisetrack 17.3
9.8
CVSSv3
CVE-2021-26691
In Apache HTTP Server versions 2.4.0 to 2.4.46 a specially crafted SessionHeader sent by an origin server could cause a heap overflow
Apache Http ServerDebian Debian Linux 9.0Debian Debian Linux 10.0Fedoraproject Fedora 34Fedoraproject Fedora 35Oracle Instantis Enterprisetrack 17.1Oracle Instantis Enterprisetrack 17.2Oracle Instantis Enterprisetrack 17.3Oracle Enterprise Manager Ops Center 12.4.0.0Oracle Zfs Storage Appliance Kit 8.8Oracle Secure BackupNetapp Cloud Backup -
7.5
CVSSv3
CVE-2021-31618
Apache HTTP Server protocol handler for the HTTP/2 protocol checks received request headers against the size limitations as configured for the server and used for the HTTP/1 protocol as well. On violation of these restrictions and HTTP response is sent to the client with a status...
Apache Http Server 1.15.17Apache Http Server 2.4.47Fedoraproject Fedora 33Fedoraproject Fedora 34Debian Debian Linux 9.0Debian Debian Linux 10.0Oracle Instantis Enterprisetrack 17.1Oracle Instantis Enterprisetrack 17.2Oracle Instantis Enterprisetrack 17.3Oracle Enterprise Manager Ops Center 12.4.0.0Oracle Zfs Storage Appliance Kit 8.8
7.5
CVSSv3
CVE-2020-11993
Apache HTTP Server versions 2.4.20 to 2.4.43 When trace/debug was enabled for the HTTP/2 module and on certain traffic edge patterns, logging statements were made on the wrong connection, causing concurrent use of memory pools. Configuring the LogLevel of mod_http2 above "in...
Apache Http ServerNetapp Clustered Data Ontap -Canonical Ubuntu Linux 16.04Canonical Ubuntu Linux 18.04Canonical Ubuntu Linux 20.04Opensuse Leap 15.1Opensuse Leap 15.2Debian Debian Linux 10.0Fedoraproject Fedora 31Fedoraproject Fedora 32Oracle Instantis Enterprisetrack 17.1Oracle Instantis Enterprisetrack 17.2Oracle Instantis Enterprisetrack 17.3Oracle Hyperion Infrastructure Technology 11.1.2.4Oracle Enterprise Manager Ops Center 12.4.0.0Oracle Communications Session Route ManagerOracle Communications Session Report ManagerOracle Communications Element ManagerOracle Zfs Storage Appliance Kit 8.8
9.8
CVSSv3
CVE-2020-11984
Apache HTTP server 2.4.32 to 2.4.44 mod_proxy_uwsgi info disclosure and possible RCE
Apache Http ServerNetapp Clustered Data Ontap -Canonical Ubuntu Linux 16.04Canonical Ubuntu Linux 18.04Canonical Ubuntu Linux 20.04Debian Debian Linux 9.0Debian Debian Linux 10.0Fedoraproject Fedora 31Fedoraproject Fedora 32Opensuse Leap 15.1Opensuse Leap 15.2Oracle Instantis Enterprisetrack 17.1Oracle Instantis Enterprisetrack 17.2Oracle Instantis Enterprisetrack 17.3Oracle Hyperion Infrastructure Technology 11.1.2.4Oracle Enterprise Manager Ops Center 12.4.0.0Oracle Communications Session Route ManagerOracle Communications Session Report ManagerOracle Communications Element ManagerOracle Zfs Storage Appliance Kit 8.8
7.5
CVSSv3
CVE-2021-25122
When responding to new h2c connection requests, Apache Tomcat versions 10.0.0-M1 to 10.0.0, 9.0.0.M1 to 9.0.41 and 8.5.0 to 8.5.61 could duplicate request headers and a limited amount of request body from one request to another meaning user A and user B could both see the results...
Apache Tomcat 9.0.0Apache Tomcat 10.0.0Apache TomcatDebian Debian Linux 9.0Debian Debian Linux 10.0Oracle Managed File Transfer 12.2.1.3.0Oracle Instantis Enterprisetrack 17.1Oracle Instantis Enterprisetrack 17.2Oracle Instantis Enterprisetrack 17.3Oracle Agile Plm 9.3.3Oracle Agile Plm 9.3.6Oracle Database 12.2.0.1Oracle Database 19cOracle Managed File Transfer 12.2.1.4.0Oracle Siebel Ui FrameworkOracle Mysql Enterprise MonitorOracle Graph Server And ClientOracle Graph Server And Client 21.3.0Oracle Database 21cOracle Communications Cloud Native Core Policy 1.14.0Oracle Communications Instant Messaging Server 10.0.1.5.0Oracle Communications Cloud Native Core Security Edge Protection Proxy 1.6.0
7
CVSSv3
CVE-2021-25329
The fix for CVE-2020-9484 was incomplete. When using Apache Tomcat 10.0.0-M1 to 10.0.0, 9.0.0.M1 to 9.0.41, 8.5.0 to 8.5.61 or 7.0.0. to 7.0.107 with a configuration edge case that was highly unlikely to be used, the Tomcat instance was still vulnerable to CVE-2020-9494. Note tha...
Apache Tomcat 9.0.0Apache Tomcat 10.0.0Apache TomcatDebian Debian Linux 9.0Debian Debian Linux 10.0Oracle Managed File Transfer 12.2.1.3.0Oracle Instantis Enterprisetrack 17.1Oracle Instantis Enterprisetrack 17.2Oracle Instantis Enterprisetrack 17.3Oracle Agile Plm 9.3.3Oracle Agile Plm 9.3.6Oracle Database 12.2.0.1Oracle Database 19cOracle Managed File Transfer 12.2.1.4.0Oracle Siebel Ui FrameworkOracle Mysql Enterprise MonitorOracle Graph Server And ClientOracle Database 21cOracle Siebel Ui Framework 21.9Oracle Communications Cloud Native Core Policy 1.14.0Oracle Communications Instant Messaging Server 10.0.1.5.0Oracle Communications Cloud Native Core Security Edge Protection Proxy 1.6.0
8.2
CVSSv3
CVE-2021-44224
A crafted URI sent to httpd configured as a forward proxy (ProxyRequests on) can cause a crash (NULL pointer dereference) or, for configurations mixing forward and reverse proxy declarations, can allow for requests to be directed to a declared Unix Domain Socket endpoint (Server ...
Apache Http ServerFedoraproject Fedora 34Fedoraproject Fedora 35Fedoraproject Fedora 36Debian Debian Linux 10.0Debian Debian Linux 11.0Tenable Tenable.scOracle Http Server 12.2.1.3.0Oracle Communications Operations Monitor 4.0Oracle Instantis Enterprisetrack 17.1Oracle Instantis Enterprisetrack 17.2Oracle Instantis Enterprisetrack 17.3Oracle Http Server -Oracle Http Server 12.2.1.4.0Oracle Communications Operations Monitor 4.3Oracle Communications Operations Monitor 4.4Oracle Communications Operations Monitor 5.0Oracle Communications Element ManagerOracle Communications Session Report ManagerOracle Communications Session Route ManagerApple MacosApple Mac Os X 10.15.7
9.8
CVSSv3
CVE-2021-44790
A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser (r:parsebody() called from Lua scripts). The Apache httpd team is not aware of an exploit for the vulnerabilty though it might be possible to craft one. This issue affects Apache HTTP Ser...
Apache Http ServerFedoraproject Fedora 34Fedoraproject Fedora 35Fedoraproject Fedora 36Debian Debian Linux 10.0Debian Debian Linux 11.0Tenable Tenable.scNetapp Cloud Backup -Oracle Http Server 12.2.1.3.0Oracle Instantis Enterprisetrack 17.1Oracle Instantis Enterprisetrack 17.2Oracle Instantis Enterprisetrack 17.3Oracle Http Server 12.2.1.4.0Oracle Zfs Storage Appliance Kit 8.8Oracle Communications Operations Monitor 4.3Oracle Communications Operations Monitor 4.4Oracle Communications Operations Monitor 5.0Oracle Communications Element ManagerOracle Communications Session Report ManagerOracle Communications Session Route ManagerApple MacosApple Mac Os X 10.15.7
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-30924CVE-2024-3400overflowCVE-2024-23528CVE-2024-21338CVE-2024-3818CVE-2024-23535NULL pointer dereferenceelevation of privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook