MidnightBSD

Advisories for jdedwards

CVE-2005-3465 HIGH

Unspecified vulnerability in JDEdwards HTML Server in Oracle EnterpriseOne 8.94 OneWorld XE up to 8.95_B1, 8.94_Q1, and SP23_K1 has unknown impact and attack vectors, as identified by Oracle Vuln# JDE01.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
jdedwards oneworld_xe 8.95_b1
jdedwards oneworld_xe 8.94_q1
oracle enterpriseone 8.94
jdedwards oneworld_xe sp23_k1
CVE-2006-1884 HIGH

Unspecified vulnerability in the Oracle Thesaurus Management System component in Oracle E-Business Suite and OPA 4.5.2 Applications has unknown impact and attack vectors, aka Vuln# OPA01.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
jdedwards enterpriseone_tools 8.95.j1
oracle e-business_suite 11.5.1
oracle database_server 10.2.0.4
oracle database_server 10.2.0.5
oracle peoplesoft_enterprise_tools 8.47.04
oracle enterprise_manager_grid_control 10.1.0.3
oracle peoplesoft_enterprise_tools 8.46
oracle collaboration_suite_10g_release_1 10.1.2.1
oracle database_server 10.2.0.2
oracle database_server 9.0.1.4
oracle e-business_suite 11.5.10
oracle enterprise_manager_grid_control 10.2.0.1
oracle application_server 1.0.2.2
oracle developer_suite 6i
oracle e-business_suite 11.5.10.1
oracle application_server 10.1.2.0.0
oracle application_server 9.0.4.1
oracle pharmaceutical 4.5.1
oracle e-business_suite 11.5.10.2
oracle peoplesoft_enterprise_tools 8.47
oracle application_server 9.0.4.2
oracle database_server 8.0.6.3
oracle database_server 8.1.7.4
oracle pharmaceutical 4.5.2
oracle peoplesoft_enterprise_tools 8.46.12
oneworld oneworld_tools 8.95
oracle database_server 10.2.0.4.2
oneworld oneworld_tools 8.95.j1
oracle collaboration_suite_10g_release_1 10.1.2.0
oracle e-business_suite 11.0
oracle application_server 10.1.2.0.2
oracle database_server 9.2.0.6
oracle application_server 10.1.2.0.1
oracle collaboration_suite 9.0.4.2
oracle application_server 10.1.2.1.0
oracle workflow 11.5.1
oracle collaboration_suite_10g_release_1 10.1.1
oracle database_server 9.2.0.7
oracle pharmaceutical 4.5.0
jdedwards enterpriseone_tools 8.95
oracle database_server 9.0.1.5
oracle workflow 11.5.9.5
oracle application_server 10.1.3.0.0
oracle enterprise_manager_grid_control 10.1.0.4
oracle database_server 10.2.0.1
oracle developer_suite 9.0.4.2
CVE-2020-1967 MEDIUM

Server or client applications that call the SSL_check_chain() function during or after a TLS 1.3 handshake may crash due to a NULL pointer dereference as a result of incorrect handling of the "signature_algorithms_cert" TLS extension. The crash occurs if an invalid or unrecognised signature algorithm is received from the peer. This could be exploited by a malicious peer in a Denial of Service attack. OpenSSL version 1.1.1d, 1.1.1e, and 1.1.1f are affected by this issue. This issue did not affect OpenSSL versions prior to 1.1.1d. Fixed in OpenSSL 1.1.1g (Affected 1.1.1d-1.1.1f).

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-476,

Products Affected

Vendor Product Version
oracle http_server 12.2.1.4.0
oracle enterprise_manager_for_storage_management 13.3.0.0
freebsd freebsd 12.1
netapp e-series_performance_analyzer -
broadcom fabric_operating_system -
oracle peoplesoft_enterprise_peopletools 8.58
oracle enterprise_manager_base_platform 13.4.0.0
netapp snapcenter -
debian debian_linux 9.0
netapp steelstore_cloud_integrated_storage -
fedoraproject fedora 32
oracle mysql_enterprise_monitor *
netapp smi-s_provider -
openssl openssl *
oracle peoplesoft_enterprise_peopletools 8.59
netapp oncommand_workflow_automation -
oracle peoplesoft_enterprise_peopletools 8.56
netapp oncommand_insight -
oracle application_server 12.1.3
opensuse leap 15.2
oracle jd_edwards_world_security a9.4
oracle peoplesoft_enterprise_peopletools 8.57
tenable log_correlation_engine *
jdedwards enterpriseone *
fedoraproject fedora 30
oracle mysql_workbench *
debian debian_linux 10.0
fedoraproject fedora 31
opensuse leap 15.1
oracle mysql_connectors *
oracle mysql *
oracle enterprise_manager_ops_center 12.4.0
netapp active_iq_unified_manager *
oracle enterprise_manager_for_storage_management 13.4.0.0