Tuxedo

This hub aggregates every CVE we track for Tuxedo, a product in the enterprise software space. Use it to gauge the current risk picture and drill into individual advisories.

Severity distribution

Monthly trend

The 15 most recently published vulnerabilities affecting Tuxedo.

• CVE-2022-23307A deserialization flaw in the Chainsaw component of Log4j 1 can lead to malicious code execution.8.8Jan 18, 2022
• CVE-2022-23305SQL injection in JDBC Appender in Apache Log4j V19.8Jan 18, 2022
• CVE-2022-23302Deserialization of untrusted data in JMSSink in Apache Log4j 1.x8.8Jan 18, 2022
• CVE-2021-4104Deserialization of untrusted data in JMSAppender in Apache Log4j 1.27.5Dec 14, 2021
• CVE-2019-0227A Server Side Request Forgery (SSRF) vulnerability affected the Apache Axis 1.4 distribution that was last released in 2006. Security and bug commits commits continue in the projects Axis 1.x Subve...7.5May 1, 2019
• CVE-2018-5407Simultaneous Multi-threading (SMT) in processors can enable local users to exploit software vulnerable to timing attacks via a side-channel timing attack on 'port contention'.4.7Nov 15, 2018
• CVE-2018-0734Timing attack against DSA5.9Oct 30, 2018
• CVE-2018-0735Timing attack against ECDSA signature generation5.9Oct 29, 2018
• CVE-2018-8032Apache Axis 1.x up to and including 1.4 is vulnerable to a cross-site scripting (XSS) attack in the default servlet/services.6.1Aug 2, 2018
• CVE-2018-3007Vulnerability in the Oracle Tuxedo component of Oracle Fusion Middleware (subcomponent: Core). Supported versions that are affected are 12.1.1, 12.1.3 and 12.2.2. Easily exploitable vulnerability a...8.6Jul 18, 2018
• CVE-2018-0732Client DoS due to large DH parameter7.5Jun 12, 2018
• CVE-2018-0739Constructed ASN.1 types with a recursive definition could exceed the stack6.5Mar 27, 2018
• CVE-2017-3738There is an overflow bug in the AVX2 Montgomery multiplication procedure used in exponentiation with 1024-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against RSA and D...5.9Dec 7, 2017
• CVE-2017-10266Vulnerability in the Oracle Tuxedo component of Oracle Fusion Middleware (subcomponent: Core). Supported versions that are affected are 11.1.1, 12.1.1, 12.1.3 and 12.2.2. Easily exploitable vulnera...5.3Nov 14, 2017
• CVE-2017-10278Vulnerability in the Oracle Tuxedo component of Oracle Fusion Middleware (subcomponent: Security). Supported versions that are affected are 11.1.1, 12.1.1, 12.1.3 and 12.2.2. Difficult to exploit v...7.0Nov 14, 2017