VYPR

Secure Global Desktop

by Oracle Corporation

CVEs (32)

  • CVE-2017-3167CriJun 20, 2017
    risk 0.65cvss 9.8epss 0.20

    In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, use of the ap_get_basic_auth_pw() by third-party modules outside of the authentication phase may lead to authentication requirements being bypassed.

  • CVE-2017-9788CriJul 13, 2017
    risk 0.64cvss 9.1epss 0.57

    In Apache httpd before 2.2.34 and 2.4.x before 2.4.27, the value placeholder in [Proxy-]Authorization headers of type 'Digest' was not initialized or reset before or between successive key=value assignments by mod_auth_digest. Providing an initial key with no '=' assignment…

  • CVE-2016-3613CriJul 21, 2016
    risk 0.64cvss 9.8epss 0.05

    Unspecified vulnerability in the Oracle Secure Global Desktop component in Oracle Virtualization 4.63, 4.71, and 5.2 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to OpenSSL.

  • CVE-2016-5580CriOct 25, 2016
    risk 0.63cvss 9.6epss 0.02

    Unspecified vulnerability in the Secure Global Desktop component in Oracle Virtualization 4.7 and 5.2 allows remote authenticated users to affect confidentiality and availability via vectors through Web Services.

  • CVE-2017-7668HigJun 20, 2017
    risk 0.53cvss 7.5epss 0.57

    The HTTP strict parsing changes added in Apache httpd 2.2.32 and 2.4.24 introduced a bug in token list parsing, which allows ap_find_token() to search past the end of its input string. By maliciously crafting a sequence of request headers, an attacker may be able to cause a…

  • CVE-2014-0226Jul 20, 2014
    risk 0.10cvss epss 0.86

    Race condition in the mod_status module in the Apache HTTP Server before 2.4.10 allows remote attackers to cause a denial of service (heap-based buffer overflow), or possibly obtain sensitive credential information or execute arbitrary code, via a crafted request that triggers…

  • CVE-2018-19439Dec 13, 2018
    risk 0.03cvss epss 0.21

    XSS exists in the Administration Console in Oracle Secure Global Desktop 4.4 20080807152602 (but was fixed in later versions including 5.4). helpwindow.jsp has reflected XSS via all parameters, as demonstrated by the sgdadmin/faces/com_sun_web_ui/help/helpwindow.jsp windowTitle…

  • CVE-2014-0098Mar 18, 2014
    risk 0.02cvss epss 0.26

    The log_cookie function in mod_log_config.c in the mod_log_config module in the Apache HTTP Server before 2.4.8 allows remote attackers to cause a denial of service (segmentation fault and daemon crash) via a crafted cookie that is not properly handled during truncation.

  • CVE-2021-35650Oct 20, 2021
    risk 0.00cvss epss 0.01

    Vulnerability in the Oracle Secure Global Desktop product of Oracle Virtualization (component: Client). The supported version that is affected is 5.6. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise Oracle…

  • CVE-2021-35649Oct 20, 2021
    risk 0.00cvss epss 0.01

    Vulnerability in the Oracle Secure Global Desktop product of Oracle Virtualization (component: Server). The supported version that is affected is 5.6. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise Oracle…

  • CVE-2021-2447Jul 20, 2021
    risk 0.00cvss epss 0.01

    Vulnerability in the Oracle Secure Global Desktop product of Oracle Virtualization (component: Server). The supported version that is affected is 5.6. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise Oracle…

  • CVE-2021-2446Jul 20, 2021
    risk 0.00cvss epss 0.02

    Vulnerability in the Oracle Secure Global Desktop product of Oracle Virtualization (component: Client). The supported version that is affected is 5.6. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle…

  • CVE-2021-2248Apr 22, 2021
    risk 0.00cvss epss 0.03

    Vulnerability in the Oracle Secure Global Desktop product of Oracle Virtualization (component: Server). The supported version that is affected is 5.6. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle…

  • CVE-2021-2221Apr 22, 2021
    risk 0.00cvss epss 0.02

    Vulnerability in the Oracle Secure Global Desktop product of Oracle Virtualization (component: Client). The supported version that is affected is 5.6. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle…

  • CVE-2021-2177Apr 22, 2021
    risk 0.00cvss epss 0.03

    Vulnerability in the Oracle Secure Global Desktop product of Oracle Virtualization (component: Gateway). The supported version that is affected is 5.6. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise…

  • CVE-2016-0501Jan 21, 2016
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in the Oracle Secure Global Desktop component in Oracle Virtualization 5.2 allows remote attackers to affect availability via vectors related to SGD Core.

  • CVE-2015-2581Jul 16, 2015
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in the Oracle Secure Global Desktop component in Oracle Virtualization 5.1 and 5.2 allows remote attackers to affect confidentiality and availability via unknown vectors related to JServer.

  • CVE-2014-6459Oct 15, 2014
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in the Oracle Secure Global Desktop component in Oracle Virtualization 5.0 and 5.1 allows remote attackers to affect availability via vectors related to SGD Proxy Server (ttaauxserv), a different vulnerability than CVE-2014-2472, CVE-2014-2474, and…

  • CVE-2014-2476Oct 15, 2014
    risk 0.00cvss epss 0.01

    Unspecified vulnerability in the Oracle Secure Global Desktop component in Oracle Virtualization 5.0 and 5.1 allows remote attackers to affect availability via vectors related to SGD Proxy Server (ttaauxserv), a different vulnerability than CVE-2014-2472, CVE-2014-2474, and…

  • CVE-2014-2475Oct 15, 2014
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in the Oracle Secure Global Desktop component in Oracle Virtualization 4.63, 4.71, 5.0, and 5.1 allows remote attackers to affect availability via vectors related to SGD Proxy Server (ttaauxserv).

Page 1 of 2