# | CVE ID | CWE ID | # of Exploits | Vulnerability Type(s) | Publish Date | Update Date | Score | Gained Access Level | Access | Complexity | Authentication | Conf. | Integ. | Avail. |
1 | CVE-2022-25315 | 190 | | Overflow | 2022-02-18 | 2022-06-14 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial |
In Expat (aka libexpat) before 2.4.5, there is an integer overflow in storeRawNames. |
2 | CVE-2022-25314 | 190 | | Overflow | 2022-02-18 | 2022-06-14 | 5.0 | None | Remote | Low | Not required | None | None | Partial |
In Expat (aka libexpat) before 2.4.5, there is an integer overflow in copyString. |
3 | CVE-2022-25313 | 400 | | | 2022-02-18 | 2022-06-14 | 4.3 | None | Remote | Medium | Not required | None | None | Partial |
In Expat (aka libexpat) before 2.4.5, an attacker can trigger stack exhaustion in build_model via a large nesting depth in the DTD element. |
4 | CVE-2022-25236 | 668 | | | 2022-02-16 | 2022-06-14 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial |
xmlparse.c in Expat (aka libexpat) before 2.4.5 allows attackers to insert namespace-separator characters into namespace URIs. |
5 | CVE-2022-25235 | 116 | | | 2022-02-16 | 2022-06-14 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial |
xmltok_impl.c in Expat (aka libexpat) before 2.4.5 lacks certain validation of encoding, such as checks for whether a UTF-8 character is valid in a certain context. |
6 | CVE-2022-23943 | 787 | | | 2022-03-14 | 2022-06-17 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial |
Out-of-bounds Write vulnerability in mod_sed of Apache HTTP Server allows an attacker to overwrite heap memory with possibly attacker provided data. This issue affects Apache HTTP Server 2.4 version 2.4.52 and prior versions. |
7 | CVE-2022-21375 | | | | 2022-01-19 | 2022-07-29 | 4.9 | None | Local | Low | Not required | None | None | Complete |
Vulnerability in the Oracle Solaris product of Oracle Systems (component: Kernel). The supported version that is affected is 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Solaris. CVSS 3.1 Base Score 5.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). |
8 | CVE-2022-21271 | | | DoS | 2022-01-19 | 2022-07-29 | 5.0 | None | Remote | Low | Not required | None | None | Partial |
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L). |
9 | CVE-2022-0391 | 74 | | | 2022-02-09 | 2022-06-16 | 5.0 | None | Remote | Low | Not required | None | Partial | None |
A flaw was found in Python, specifically within the urllib.parse module. This module helps break Uniform Resource Locator (URL) strings into components. The issue involves how the urlparse method does not sanitize input and allows characters like '\r' and '\n' in the URL path. This flaw allows an attacker to input a crafted URL, leading to injection attacks. This flaw affects Python versions prior to 3.10.0b1, 3.9.5, 3.8.11, 3.7.11 and 3.6.14. |
10 | CVE-2021-44224 | 476 | | | 2021-12-20 | 2022-07-30 | 6.4 | None | Remote | Low | Not required | None | Partial | Partial |
A crafted URI sent to httpd configured as a forward proxy (ProxyRequests on) can cause a crash (NULL pointer dereference) or, for configurations mixing forward and reverse proxy declarations, can allow for requests to be directed to a declared Unix Domain Socket endpoint (Server Side Request Forgery). This issue affects Apache HTTP Server 2.4.7 up to 2.4.51 (included). |
11 | CVE-2021-43818 | 79 | | XSS | 2021-12-13 | 2022-07-25 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial |
lxml is a library for processing XML and HTML in the Python language. Prior to version 4.6.5, the HTML Cleaner in lxml.html lets certain crafted script content pass through, as well as script content in SVG files embedded using data URIs. Users that employ the HTML cleaner in a security relevant context should upgrade to lxml 4.6.5 to receive a patch. There are no known workarounds available. |
12 | CVE-2021-40438 | 918 | | | 2021-09-16 | 2022-06-14 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial |
A crafted request uri-path can cause mod_proxy to forward the request to an origin server chosen by the remote user. This issue affects Apache HTTP Server 2.4.48 and earlier. |
13 | CVE-2021-36160 | 125 | | | 2021-09-16 | 2022-05-13 | 5.0 | None | Remote | Low | Not required | None | None | Partial |
A carefully crafted request uri-path can cause mod_proxy_uwsgi to read above the allocated memory and crash (DoS). This issue affects Apache HTTP Server versions 2.4.30 to 2.4.48 (inclusive). |
14 | CVE-2021-34798 | 476 | | | 2021-09-16 | 2022-06-14 | 5.0 | None | Remote | Low | Not required | None | None | Partial |
Malformed requests may cause the server to dereference a NULL pointer. This issue affects Apache HTTP Server 2.4.48 and earlier. |
15 | CVE-2021-25219 | | | | 2021-10-27 | 2022-04-25 | 5.0 | None | Remote | Low | Not required | None | None | Partial |
In BIND 9.3.0 -> 9.11.35, 9.12.0 -> 9.16.21, and versions 9.9.3-S1 -> 9.11.35-S1 and 9.16.8-S1 -> 9.16.21-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.18 of the BIND 9.17 development branch, exploitation of broken authoritative servers using a flaw in response processing can cause degradation in BIND resolver performance. The way the lame cache is currently designed makes it possible for its internal data structures to grow almost infinitely, which may cause significant delays in client query processing. |
16 | CVE-2021-4185 | 835 | | DoS | 2021-12-30 | 2022-05-24 | 5.0 | None | Remote | Low | Not required | None | None | Partial |
Infinite loop in the RTMPT dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file |
17 | CVE-2021-4184 | 835 | | DoS | 2021-12-30 | 2022-05-24 | 5.0 | None | Remote | Low | Not required | None | None | Partial |
Infinite loop in the BitTorrent DHT dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file |
18 | CVE-2021-4183 | | | DoS | 2021-12-30 | 2022-07-30 | 4.3 | None | Remote | Medium | Not required | None | None | Partial |
Crash in the pcapng file parser in Wireshark 3.6.0 allows denial of service via crafted capture file |
19 | CVE-2021-4182 | | | DoS | 2021-12-30 | 2022-07-30 | 5.0 | None | Remote | Low | Not required | None | None | Partial |
Crash in the RFC 7468 dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file |
20 | CVE-2021-4181 | 125 | | DoS | 2021-12-30 | 2022-07-12 | 5.0 | None | Remote | Low | Not required | None | None | Partial |
Crash in the Sysdig Event dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via packet injection or crafted capture file |
21 | CVE-2021-2315 | | | | 2021-04-22 | 2021-04-29 | 5.8 | None | Remote | Medium | Not required | Partial | Partial | None |
Vulnerability in the Oracle HTTP Server product of Oracle Fusion Middleware (component: Web Listener). Supported versions that are affected are 11.1.1.9.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle HTTP Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle HTTP Server accessible data as well as unauthorized read access to a subset of Oracle HTTP Server accessible data. CVSS 3.1 Base Score 5.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N). |
22 | CVE-2020-24977 | 125 | | | 2020-09-04 | 2022-07-25 | 6.4 | None | Remote | Low | Not required | Partial | None | Partial |
GNOME project libxml2 v2.9.10 has a global buffer over-read vulnerability in xmlEncodeEntitiesInternal at libxml2/entities.c. The issue has been fixed in commit 50f06b3e. |
23 | CVE-2020-5360 | 125 | | | 2020-12-16 | 2021-12-09 | 5.0 | None | Remote | Low | Not required | None | None | Partial |
Dell BSAFE Micro Edition Suite, versions prior to 4.5, are vulnerable to a Buffer Under-Read Vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability resulting in undefined behaviour, or a crash of the affected systems. |
24 | CVE-2020-1971 | 476 | | DoS | 2020-12-08 | 2022-05-12 | 4.3 | None | Remote | Medium | Not required | None | None | Partial |
The X.509 GeneralName type is a generic type for representing different types of names. One of those name types is known as EDIPartyName. OpenSSL provides a function GENERAL_NAME_cmp which compares different instances of a GENERAL_NAME to see if they are equal or not. This function behaves incorrectly when both GENERAL_NAMEs contain an EDIPARTYNAME. A NULL pointer dereference and a crash may occur leading to a possible denial of service attack. OpenSSL itself uses the GENERAL_NAME_cmp function for two purposes: 1) Comparing CRL distribution point names between an available CRL and a CRL distribution point embedded in an X509 certificate 2) When verifying that a timestamp response token signer matches the timestamp authority name (exposed via the API functions TS_RESP_verify_response and TS_RESP_verify_token) If an attacker can control both items being compared then that attacker could trigger a crash. For example if the attacker can trick a client or server into checking a malicious certificate against a malicious CRL then this may occur. Note that some applications automatically download CRLs based on a URL embedded in a certificate. This checking happens prior to the signatures on the certificate and CRL being verified. OpenSSL's s_server, s_client and verify tools have support for the "-crl_download" option which implements automatic CRL downloading and this attack has been demonstrated to work against those tools. Note that an unrelated bug means that affected versions of OpenSSL cannot parse or construct correct encodings of EDIPARTYNAME. However it is possible to construct a malformed EDIPARTYNAME that OpenSSL's parser will accept and hence trigger this attack. All OpenSSL 1.1.1 and 1.0.2 versions are affected by this issue. Other OpenSSL releases are out of support and have not been checked. Fixed in OpenSSL 1.1.1i (Affected 1.1.1-1.1.1h). Fixed in OpenSSL 1.0.2x (Affected 1.0.2-1.0.2w). |
25 | CVE-2020-1967 | 476 | | DoS | 2020-04-21 | 2021-12-10 | 5.0 | None | Remote | Low | Not required | None | None | Partial |
Server or client applications that call the SSL_check_chain() function during or after a TLS 1.3 handshake may crash due to a NULL pointer dereference as a result of incorrect handling of the "signature_algorithms_cert" TLS extension. The crash occurs if an invalid or unrecognised signature algorithm is received from the peer. This could be exploited by a malicious peer in a Denial of Service attack. OpenSSL version 1.1.1d, 1.1.1e, and 1.1.1f are affected by this issue. This issue did not affect OpenSSL versions prior to 1.1.1d. Fixed in OpenSSL 1.1.1g (Affected 1.1.1d-1.1.1f). |
26 | CVE-2019-10219 | 79 | | XSS | 2019-11-08 | 2022-05-23 | 4.3 | None | Remote | Medium | Not required | None | Partial | None |
A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS attack. |
27 | CVE-2019-10097 | 787 | | Overflow | 2019-09-26 | 2021-07-07 | 6.0 | None | Remote | Medium | ??? | Partial | Partial | Partial |
In Apache HTTP Server 2.4.32-2.4.39, when mod_remoteip was configured to use a trusted intermediary proxy server using the "PROXY" protocol, a specially crafted PROXY header could trigger a stack buffer overflow or NULL pointer dereference. This vulnerability could only be triggered by a trusted proxy and not by untrusted HTTP clients. |
28 | CVE-2019-10082 | 416 | | | 2019-09-26 | 2022-07-25 | 6.4 | None | Remote | Low | Not required | Partial | None | Partial |
In Apache HTTP Server 2.4.18-2.4.39, using fuzzed network input, the http/2 session handling could be made to read memory after being freed, during connection shutdown. |
29 | CVE-2019-5482 | 787 | | Overflow | 2019-09-16 | 2021-11-03 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial |
Heap buffer overflow in the TFTP protocol handler in cURL 7.19.4 to 7.65.3. |
30 | CVE-2019-5443 | 427 | | | 2019-07-02 | 2021-11-03 | 4.4 | None | Local | Medium | Not required | Partial | Partial | Partial |
A non-privileged user or program can put code and a config file in a known non-privileged path (under C:/usr/local/) that will make curl <= 7.65.1 automatically run the code (as an openssl "engine") on invocation. If that curl is invoked by a privileged user it can do anything it wants. |
31 | CVE-2018-20843 | 611 | | | 2019-06-24 | 2022-04-18 | 7.8 | None | Remote | Low | Not required | None | None | Complete |
In libexpat in Expat before 2.2.7, XML input including XML names that contain a large number of colons could make the XML parser consume a high amount of RAM and CPU resources while processing (enough to be usable for denial-of-service attacks). |