Opensso
CVEs (12)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2015-7182 | Cri | 0.65 | 9.8 | 0.10 | Nov 5, 2015 | Heap-based buffer overflow in the ASN.1 decoder in Mozilla Network Security Services (NSS) before 3.19.2.1 and 3.20.x before 3.20.1, as used in Firefox before 42.0 and Firefox ESR 38.x before 38.4 and other products, allows remote attackers to cause a denial of service… | ||
| CVE-2015-0451 | 0.00 | — | 0.01 | Apr 16, 2015 | Unspecified vulnerability in the Oracle OpenSSO component in Oracle Fusion Middleware 3.0-04 allows remote authenticated users to affect confidentiality via vectors related to OpenSSO Web Agents. | |||
| CVE-2015-0389 | 0.00 | — | 0.01 | Jan 21, 2015 | Unspecified vulnerability in the Oracle OpenSSO component in Oracle Fusion Middleware 8.0 Update 2 Patch 5 allows remote authenticated users to affect integrity via vectors related to SAML, a different vulnerability than CVE-2014-6592. | |||
| CVE-2014-6592 | 0.00 | — | 0.01 | Jan 21, 2015 | Unspecified vulnerability in the Oracle OpenSSO component in Oracle Fusion Middleware 8.0 Update 2 Patch 5 allows remote authenticated users to affect integrity via vectors related to SAML, a different vulnerability than CVE-2015-0389. | |||
| CVE-2014-2426 | 0.00 | — | 0.01 | Apr 16, 2014 | Unspecified vulnerability in the Oracle OpenSSO component in Oracle Fusion Middleware 8.0 Update 2 Patch 5 allows remote authenticated users to affect integrity and availability via unknown vectors related to Admin Console. | |||
| CVE-2014-2425 | 0.00 | — | 0.01 | Apr 16, 2014 | Unspecified vulnerability in the Oracle OpenSSO component in Oracle Fusion Middleware 8.0 Update 2 Patch 5 allows remote authenticated users to affect confidentiality via unknown vectors. | |||
| CVE-2014-0465 | 0.00 | — | 0.01 | Apr 16, 2014 | Unspecified vulnerability in the Oracle OpenSSO component in Oracle Fusion Middleware 8.0 Update 2 Patch 5 allows remote authenticated users to affect integrity via unknown vectors related to Admin Console. | |||
| CVE-2013-1620 | 0.00 | — | 0.04 | Feb 8, 2013 | The TLS implementation in Mozilla Network Security Services (NSS) does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and… | |||
| CVE-2012-0079 | 0.00 | — | 0.01 | Jan 18, 2012 | Unspecified vulnerability in Oracle OpenSSO 7.1 and 8.0 allows remote attackers to affect integrity via unknown vectors related to Administration. | |||
| CVE-2011-3517 | 0.00 | — | 0.04 | Oct 18, 2011 | Unspecified vulnerability in the Oracle OpenSSO component in Oracle Sun Products Suite 8.0 allows remote attackers to affect availability via unknown vectors related to Authentication. | |||
| CVE-2011-3506 | 0.00 | — | 0.02 | Oct 18, 2011 | Unspecified vulnerability in the Oracle OpenSSO component in Oracle Sun Products Suite 7.1 and 8.0 allows remote attackers to affect integrity via unknown vectors related to Authentication. | |||
| CVE-2010-4444 | 0.00 | — | 0.02 | Jan 19, 2011 | Unspecified vulnerability in Oracle Sun Java System Access Manager and Oracle OpenSSO 7, 7.1, and 8 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. |
- risk 0.65cvss 9.8epss 0.10
Heap-based buffer overflow in the ASN.1 decoder in Mozilla Network Security Services (NSS) before 3.19.2.1 and 3.20.x before 3.20.1, as used in Firefox before 42.0 and Firefox ESR 38.x before 38.4 and other products, allows remote attackers to cause a denial of service…
- CVE-2015-0451Apr 16, 2015risk 0.00cvss —epss 0.01
Unspecified vulnerability in the Oracle OpenSSO component in Oracle Fusion Middleware 3.0-04 allows remote authenticated users to affect confidentiality via vectors related to OpenSSO Web Agents.
- CVE-2015-0389Jan 21, 2015risk 0.00cvss —epss 0.01
Unspecified vulnerability in the Oracle OpenSSO component in Oracle Fusion Middleware 8.0 Update 2 Patch 5 allows remote authenticated users to affect integrity via vectors related to SAML, a different vulnerability than CVE-2014-6592.
- CVE-2014-6592Jan 21, 2015risk 0.00cvss —epss 0.01
Unspecified vulnerability in the Oracle OpenSSO component in Oracle Fusion Middleware 8.0 Update 2 Patch 5 allows remote authenticated users to affect integrity via vectors related to SAML, a different vulnerability than CVE-2015-0389.
- CVE-2014-2426Apr 16, 2014risk 0.00cvss —epss 0.01
Unspecified vulnerability in the Oracle OpenSSO component in Oracle Fusion Middleware 8.0 Update 2 Patch 5 allows remote authenticated users to affect integrity and availability via unknown vectors related to Admin Console.
- CVE-2014-2425Apr 16, 2014risk 0.00cvss —epss 0.01
Unspecified vulnerability in the Oracle OpenSSO component in Oracle Fusion Middleware 8.0 Update 2 Patch 5 allows remote authenticated users to affect confidentiality via unknown vectors.
- CVE-2014-0465Apr 16, 2014risk 0.00cvss —epss 0.01
Unspecified vulnerability in the Oracle OpenSSO component in Oracle Fusion Middleware 8.0 Update 2 Patch 5 allows remote authenticated users to affect integrity via unknown vectors related to Admin Console.
- CVE-2013-1620Feb 8, 2013risk 0.00cvss —epss 0.04
The TLS implementation in Mozilla Network Security Services (NSS) does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and…
- CVE-2012-0079Jan 18, 2012risk 0.00cvss —epss 0.01
Unspecified vulnerability in Oracle OpenSSO 7.1 and 8.0 allows remote attackers to affect integrity via unknown vectors related to Administration.
- CVE-2011-3517Oct 18, 2011risk 0.00cvss —epss 0.04
Unspecified vulnerability in the Oracle OpenSSO component in Oracle Sun Products Suite 8.0 allows remote attackers to affect availability via unknown vectors related to Authentication.
- CVE-2011-3506Oct 18, 2011risk 0.00cvss —epss 0.02
Unspecified vulnerability in the Oracle OpenSSO component in Oracle Sun Products Suite 7.1 and 8.0 allows remote attackers to affect integrity via unknown vectors related to Authentication.
- CVE-2010-4444Jan 19, 2011risk 0.00cvss —epss 0.02
Unspecified vulnerability in Oracle Sun Java System Access Manager and Oracle OpenSSO 7, 7.1, and 8 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.