Skip to main content

Goldengate

18 CVEs product

Monthly

CVE-2022-21442 HIGH This Week

Vulnerability in Oracle GoldenGate (component: OGG Core Library). Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.

Oracle Information Disclosure Goldengate
NVD
CVSS 3.1
8.8
EPSS
0.3%
CVE-2021-4104 Maven HIGH Act Now

JMSAppender in Log4j 1.2 is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. Epss exploitation probability 72.2% and no vendor patch available.

RCE Deserialization Apache Log4J Fedora +44
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
72.2%
CVE-2021-3749 npm HIGH POC PATCH MAL This Week

axios is vulnerable to Inefficient Regular Expression Complexity. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Axios Sinec Ins Goldengate
NVD GitHub
CVSS 3.1
7.5
EPSS
8.5%
CVE-2021-2351 HIGH POC PATCH This Week

Vulnerability in the Advanced Networking Option component of Oracle Database Server. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required. Public exploit code available.

Oracle Information Disclosure Advanced Networking Option Agile Engineering Data Management Agile Plm +108
NVD
CVSS 3.1
8.3
EPSS
2.5%
CVE-2021-23017 HIGH POC PATCH THREAT This Week

A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, no authentication required. Public exploit code available.

Nginx Denial Of Service Openresty Fedora Ontap Select Deploy Administration Utility +9
NVD Exploit-DB
CVSS 3.1
7.7
EPSS
53.5%
CVE-2020-14705 CRITICAL Act Now

Vulnerability in the Oracle GoldenGate product of Oracle GoldenGate (component: Process Management). Rated critical severity (CVSS 9.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Oracle Information Disclosure Goldengate
NVD
CVSS 3.1
9.6
EPSS
1.9%
CVE-2019-10219 Maven MEDIUM POC PATCH This Month

A vulnerability was found in Hibernate-Validator. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Hibernate Validator Fuse Jboss Data Grid Jboss Enterprise Application Platform +184
NVD GitHub
CVSS 3.1
6.1
EPSS
2.2%
CVE-2019-3740 MEDIUM PATCH This Month

RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to an Information Exposure Through Timing Discrepancy vulnerabilities during DSA key generation. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Bsafe Cert J Bsafe Crypto J Bsafe Ssl J Application Performance Management +14
NVD
CVSS 3.1
6.5
EPSS
3.8%
CVE-2019-3739 MEDIUM PATCH This Month

RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to Information Exposure Through Timing Discrepancy vulnerabilities during ECDSA key generation. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Bsafe Cert J Bsafe Crypto J Bsafe Ssl J Application Performance Management +12
NVD
CVSS 3.1
6.5
EPSS
2.5%
CVE-2019-3738 MEDIUM PATCH This Month

RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to a Missing Required Cryptographic Step vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Bsafe Cert J Bsafe Crypto J Bsafe Ssl J Threat Intelligence Exchange Server +12
NVD
CVSS 3.1
6.5
EPSS
1.7%
CVE-2018-2914 HIGH POC PATCH This Week

Vulnerability in the Oracle GoldenGate component of Oracle GoldenGate (subcomponent: Manager). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Oracle Null Pointer Dereference Denial Of Service Goldengate
NVD
CVSS 3.0
7.5
EPSS
3.9%
CVE-2018-2913 CRITICAL POC PATCH Act Now

Vulnerability in the Oracle GoldenGate component of Oracle GoldenGate (subcomponent: Monitoring Manager). Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Oracle Memory Corruption Microsoft Buffer Overflow Goldengate
NVD
CVSS 3.0
10.0
EPSS
4.2%
CVE-2018-2912 HIGH POC PATCH This Week

Vulnerability in the Oracle GoldenGate component of Oracle GoldenGate (subcomponent: Manager). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Oracle Null Pointer Dereference Denial Of Service Goldengate
NVD
CVSS 3.0
7.5
EPSS
3.9%
CVE-2018-2832 HIGH PATCH This Week

Vulnerability in the Oracle GoldenGate component of Oracle GoldenGate. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Goldengate
NVD
CVSS 3.0
8.6
EPSS
1.9%
CVE-2017-5645 Maven CRITICAL POC PATCH THREAT Act Now

In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially crafted binary payload can be sent that,. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 94.0%.

Deserialization Apache RCE Log4J Oncommand Api Services +77
NVD
CVSS 3.1
9.8
EPSS
94.0%
Threat
6.3
CVE-2016-0452 CRITICAL Act Now

Unspecified vulnerability in the Oracle GoldenGate component in Oracle GoldenGate 11.2 and 12.1.2 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 11.9% and no vendor patch available.

Information Disclosure Oracle Goldengate
NVD
CVSS 2.0
10.0
EPSS
11.9%
CVE-2016-0451 CRITICAL POC THREAT Emergency

Unspecified vulnerability in the Oracle GoldenGate component in Oracle GoldenGate 11.2 and 12.1.2 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 12.4%.

Information Disclosure Oracle Goldengate
NVD
CVSS 2.0
10.0
EPSS
12.4%
CVE-2016-0450 MEDIUM POC This Month

Unspecified vulnerability in the Oracle GoldenGate component in Oracle GoldenGate 11.2 and 12.1.2 allows remote attackers to affect availability via unknown vectors. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Oracle Goldengate
NVD
CVSS 2.0
5.0
EPSS
3.2%
EPSS 0% CVSS 8.8
HIGH This Week

Vulnerability in Oracle GoldenGate (component: OGG Core Library). Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.

Oracle Information Disclosure Goldengate
NVD
EPSS 72% CVSS 7.5
HIGH Act Now

JMSAppender in Log4j 1.2 is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. Epss exploitation probability 72.2% and no vendor patch available.

RCE Deserialization Apache +46
NVD GitHub VulDB
EPSS 9% CVSS 7.5
HIGH POC PATCH This Week

axios is vulnerable to Inefficient Regular Expression Complexity. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Axios Sinec Ins +1
NVD GitHub
EPSS 2% CVSS 8.3
HIGH POC PATCH This Week

Vulnerability in the Advanced Networking Option component of Oracle Database Server. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required. Public exploit code available.

Oracle Information Disclosure Advanced Networking Option +110
NVD
EPSS 53% CVSS 7.7
HIGH POC PATCH THREAT This Week

A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, no authentication required. Public exploit code available.

Nginx Denial Of Service Openresty +11
NVD Exploit-DB
EPSS 2% CVSS 9.6
CRITICAL Act Now

Vulnerability in the Oracle GoldenGate product of Oracle GoldenGate (component: Process Management). Rated critical severity (CVSS 9.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Oracle Information Disclosure Goldengate
NVD
EPSS 2% CVSS 6.1
MEDIUM POC PATCH This Month

A vulnerability was found in Hibernate-Validator. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Hibernate Validator Fuse +186
NVD GitHub
EPSS 4% CVSS 6.5
MEDIUM PATCH This Month

RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to an Information Exposure Through Timing Discrepancy vulnerabilities during DSA key generation. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Bsafe Cert J Bsafe Crypto J +16
NVD
EPSS 3% CVSS 6.5
MEDIUM PATCH This Month

RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to Information Exposure Through Timing Discrepancy vulnerabilities during ECDSA key generation. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Bsafe Cert J Bsafe Crypto J +14
NVD
EPSS 2% CVSS 6.5
MEDIUM PATCH This Month

RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to a Missing Required Cryptographic Step vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Bsafe Cert J Bsafe Crypto J +14
NVD
EPSS 4% CVSS 7.5
HIGH POC PATCH This Week

Vulnerability in the Oracle GoldenGate component of Oracle GoldenGate (subcomponent: Manager). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Oracle Null Pointer Dereference Denial Of Service +1
NVD
EPSS 4% CVSS 10.0
CRITICAL POC PATCH Act Now

Vulnerability in the Oracle GoldenGate component of Oracle GoldenGate (subcomponent: Monitoring Manager). Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Oracle Memory Corruption Microsoft +2
NVD
EPSS 4% CVSS 7.5
HIGH POC PATCH This Week

Vulnerability in the Oracle GoldenGate component of Oracle GoldenGate (subcomponent: Manager). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Oracle Null Pointer Dereference Denial Of Service +1
NVD
EPSS 2% CVSS 8.6
HIGH PATCH This Week

Vulnerability in the Oracle GoldenGate component of Oracle GoldenGate. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Goldengate
NVD
EPSS 94% 6.3 CVSS 9.8
CRITICAL POC PATCH THREAT Act Now

In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially crafted binary payload can be sent that,. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 94.0%.

Deserialization Apache RCE +79
NVD
EPSS 12% CVSS 10.0
CRITICAL Act Now

Unspecified vulnerability in the Oracle GoldenGate component in Oracle GoldenGate 11.2 and 12.1.2 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 11.9% and no vendor patch available.

Information Disclosure Oracle Goldengate
NVD
EPSS 12% CVSS 10.0
CRITICAL POC THREAT Emergency

Unspecified vulnerability in the Oracle GoldenGate component in Oracle GoldenGate 11.2 and 12.1.2 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 12.4%.

Information Disclosure Oracle Goldengate
NVD
EPSS 3% CVSS 5.0
MEDIUM POC This Month

Unspecified vulnerability in the Oracle GoldenGate component in Oracle GoldenGate 11.2 and 12.1.2 allows remote attackers to affect availability via unknown vectors. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Oracle Goldengate
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy