Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
oracle blockchain platform vulnerabilities and exploits
(subscribe to this query)
4.7
CVSSv3
CVE-2017-14159
slapd in OpenLDAP 2.4.45 and previous versions creates a PID file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for PID file modification before a root script executes a &qu...
Openldap Openldap
Oracle Blockchain Platform
8.8
CVSSv3
CVE-2020-5245
Dropwizard-Validation prior to 1.3.19, and 2.0.2 may allow arbitrary code execution on the host system, with the privileges of the Dropwizard service account, by injecting arbitrary Java Expression Language expressions when using the self-validating feature. The issue has been fi...
Dropwizard Dropwizard Validation
Oracle Blockchain Platform
7.5
CVSSv3
CVE-2017-17740
contrib/slapd-modules/nops/nops.c in OpenLDAP up to and including 2.4.45, when both the nops module and the memberof overlay are enabled, attempts to free a buffer that was allocated on the stack, which allows remote malicious users to cause a denial of service (slapd crash) via ...
Openldap Openldap
Opensuse Leap 15.0
Opensuse Leap 15.1
Oracle Blockchain Platform
Mcafee Policy Auditor
7.4
CVSSv3
CVE-2020-8172
TLS session reuse can lead to host certificate verification bypass in node version < 12.18.0 and < 14.4.0.
Nodejs Node.js
Oracle Banking Extensibility Workbench 14.3.0
Oracle Banking Extensibility Workbench 14.4.0
Oracle Blockchain Platform
Oracle Graalvm 19.3.2
Oracle Graalvm 20.1.0
Oracle Mysql Cluster
4.2
CVSSv3
CVE-2020-15719
libldap in certain third-party OpenLDAP packages has a certificate-validation flaw when the third-party package is asserting RFC6125 support. It considers CN even when there is a non-matching subjectAltName (SAN). This is fixed in, for example, openldap-2.4.46-10.el8 in Red Hat E...
Openldap Openldap
Redhat Enterprise Linux 8.0
Opensuse Leap 15.1
Opensuse Leap 15.2
Mcafee Policy Auditor
Oracle Blockchain Platform
7.5
CVSSv3
CVE-2020-11080
In nghttp2 before version 1.41.0, the overly large HTTP/2 SETTINGS frame payload causes denial of service. The proof of concept attack involves a malicious client constructing a SETTINGS frame with a length of 14,400 bytes (2400 individual settings entries) over and over again. T...
Nghttp2 Nghttp2
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Opensuse Leap 15.1
Fedoraproject Fedora 31
Fedoraproject Fedora 33
Oracle Banking Extensibility Workbench 14.3.0
Oracle Banking Extensibility Workbench 14.4.0
Oracle Blockchain Platform
Oracle Enterprise Communications Broker 3.1.0
Oracle Enterprise Communications Broker 3.2.0
Oracle Graalvm 19.3.2
7.5
CVSSv3
CVE-2020-8277
A Node.js application that allows an malicious user to trigger a DNS request for a host of their choice could trigger a Denial of Service in versions < 15.2.1, < 14.15.1, and < 12.19.1 by getting the application to resolve a DNS record with a larger number of responses. ...
Nodejs Node.js
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Oracle Blockchain Platform
Oracle Graalvm 19.3.4
Oracle Graalvm 20.3.0
Oracle Jd Edwards Enterpriseone Tools
Oracle Mysql Cluster
Oracle Retail Xstore Point Of Service 16.0.6
Oracle Retail Xstore Point Of Service 17.0.4
Oracle Retail Xstore Point Of Service 18.0.3
Oracle Retail Xstore Point Of Service 19.0.2
8.1
CVSSv3
CVE-2020-8174
napi_get_value_string_*() allows various kinds of memory corruption in node < 10.21.0, 12.18.0, and < 14.4.0.
Nodejs Node.js
Oracle Banking Extensibility Workbench 14.3.0
Oracle Banking Extensibility Workbench 14.4.0
Oracle Blockchain Platform
Oracle Mysql Cluster
Oracle Retail Xstore Point Of Service 16.0.6
Oracle Retail Xstore Point Of Service 17.0.4
Oracle Retail Xstore Point Of Service 18.0.3
Oracle Retail Xstore Point Of Service 19.0.2
Oracle Retail Xstore Point Of Service 20.0.1
Netapp Active Iq Unified Manager -
Netapp Oncommand Insight -
1 Github repository
4.9
CVSSv3
CVE-2019-13057
An issue exists in the server in OpenLDAP prior to 2.4.48. When the server administrator delegates rootDN (database admin) privileges for certain databases but wants to maintain isolation (e.g., for multi-tenant deployments), slapd does not properly stop a rootDN from requesting ...
Openldap Openldap
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Debian Debian Linux 8.0
Opensuse Leap 15.0
Opensuse Leap 15.1
Apple Mac Os X
Apple Mac Os X 10.13.6
Apple Mac Os X 10.14.6
7.5
CVSSv3
CVE-2019-13565
An issue exists in OpenLDAP 2.x prior to 2.4.48. When using SASL authentication and session encryption, and relying on the SASL security layers in slapd access controls, it is possible to obtain access that would otherwise be denied via a simple bind for any identity covered in t...
Openldap Openldap
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Debian Debian Linux 8.0
Opensuse Leap 15.0
Opensuse Leap 15.1
F5 Traffix Signaling Delivery Controller 5.0.0
F5 Traffix Signaling Delivery Controller 5.1.0
Apple Mac Os X
Preferred Score:
CVSSv3
CVSSv2
CVSSv3
CVSSv4
EPSS
VMScore
Recommendations:
type confusion
CVE-2025-25205
pihome-shc
CVE-2025-26356
progress® telerik® document processing libraries
CVE-2025-24472
race condition
code-projects
CVE-2025-1100
unauthorized
CVE-2025-0556
CVE-2024-46982
telerik ui for winui
Home
/
Search Results
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »