Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Oracle Subscribe
Filtered by product Spatial And Graph
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-45943 4 Debian, Fedoraproject, Oracle and 1 more 4 Debian Linux, Fedora, Spatial And Graph and 1 more 2022-11-04 4.3 MEDIUM 5.5 MEDIUM
GDAL 3.3.0 through 3.4.0 has a heap-based buffer overflow in PCIDSK::CPCIDSKFile::ReadFromFile (called from PCIDSK::CPCIDSKSegment::ReadFromFile and PCIDSK::CPCIDSKBinarySegment::CPCIDSKBinarySegment).
CVE-2019-17545 5 Debian, Fedoraproject, Opensuse and 2 more 6 Debian Linux, Fedora, Backports Sle and 3 more 2022-10-27 7.5 HIGH 9.8 CRITICAL
GDAL through 3.0.1 has a poolDestroy double free in OGRExpatRealloc in ogr/ogr_expat.cpp when the 10MB threshold is exceeded.
CVE-2020-9488 4 Apache, Debian, Oracle and 1 more 46 Log4j, Debian Linux, Communications Application Session Controller and 43 more 2022-05-12 4.3 MEDIUM 3.7 LOW
Improper validation of certificate with host mismatch in Apache Log4j SMTP appender. This could allow an SMTPS connection to be intercepted by a man-in-the-middle attack which could leak any log messages sent through that appender. Fixed in Apache Log4j 2.12.3 and 2.13.1