Oss support tools

This hub aggregates every CVE we track for Oss support tools, a product in the databases space. Use it to gauge the current risk picture and drill into individual advisories.

Severity distribution

Monthly trend

The 15 most recently published vulnerabilities affecting Oss support tools.

• CVE-2022-21405Vulnerability in the OSS Support Tools product of Oracle Support Tools (component: Oracle Explorer). The supported version that is affected is 18.3. Easily exploitable vulnerability allows high pri...5.5Apr 19, 2022
• CVE-2021-41973Apache MINA HTTP listener DOS6.5Nov 1, 2021
• CVE-2021-2351Vulnerability in the Advanced Networking Option component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1 and 19c. Difficult to exploit vulnerability allows u...8.3Jul 20, 2021
• CVE-2021-30129DoS/OOM leak vulnerability in Apache Mina SSHD Server6.5Jul 12, 2021
• CVE-2021-31684A vulnerability was discovered in the indexOf function of JSONParserByteArray in JSON Smart versions 1.3 and 2.4 which causes a denial of service (DOS) via a crafted web request.7.5Jun 1, 2021
• CVE-2021-2303Vulnerability in the OSS Support Tools product of Oracle Support Tools (component: Diagnostic Assistant). The supported version that is affected is Prior to 2.12.41. Easily exploitable vulnerabilit...4.9Apr 22, 2021
• CVE-2021-29425Possible limited path traversal vulnerabily in Apache Commons IO4.8Apr 13, 2021
• CVE-2021-27568An issue was discovered in netplex json-smart-v1 through 2015-10-23 and json-smart-v2 through 2.4. An exception is thrown from a function, but it is not caught, as demonstrated by NumberFormatExcep...5.9Feb 23, 2021
• CVE-2020-11023Potential XSS vulnerability in jQueryKEV6.9Apr 29, 2020
• CVE-2019-10219A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. T...6.1Nov 8, 2019
• CVE-2019-5482Heap buffer overflow in the TFTP protocol handler in cURL 7.19.4 to 7.65.3.9.8Sep 16, 2019
• CVE-2019-5481Double-free vulnerability in the FTP-kerberos code in cURL 7.52.0 to 7.65.3.9.8Sep 16, 2019
• CVE-2019-5443A non-privileged user or program can put code and a config file in a known non-privileged path (under C:/usr/local/) that will make curl <= 7.65.1 automatically run the code (as an openssl "engine"...7.8Jul 2, 2019
• CVE-2019-5436A heap buffer overflow in the TFTP receiving code allows for DoS or arbitrary code execution in libcurl versions 7.19.4 through 7.64.1.7.8May 28, 2019
• CVE-2018-0732Client DoS due to large DH parameter7.5Jun 12, 2018