Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

oracle enterprise communications broker 3.3.0 vulnerabilities and exploits

(subscribe to this query)
9.8
CVSSv3
CVE-2021-3711
In order to decrypt SM2 encrypted data an application is expected to call the API function EVP_PKEY_decrypt(). Typically an application will call this function twice. The first time, on entry, the "out" parameter can be NULL and, on exit, the "outlen" paramete...
Openssl OpensslDebian Debian Linux 10.0Debian Debian Linux 11.0Netapp Santricity Smi-s Provider -Netapp Snapcenter -Netapp Oncommand Workflow Automation -Netapp Oncommand Insight -Netapp Clustered Data Ontap -Netapp Clustered Data Ontap Antivirus Connector -Netapp Solidfire -Netapp Hci Management Node -Netapp Active Iq Unified Manager -Netapp Manageability Software Development Kit -Netapp Storage Encryption -Netapp E-series Santricity Os ControllerOracle Peoplesoft Enterprise Peopletools 8.57Oracle Jd Edwards World Security A9.4Oracle Peoplesoft Enterprise Peopletools 8.58Oracle Enterprise Session Border Controller 8.4Oracle Enterprise Communications Broker 3.2.0Oracle Zfs Storage Appliance Kit 8.8Oracle Peoplesoft Enterprise Peopletools 8.59
7.7
CVSSv3
CVE-2021-23017
A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.
F5 NginxOpenresty OpenrestyFedoraproject Fedora 33Fedoraproject Fedora 34Netapp Ontap Select Deploy Administration Utility -Oracle Communications Operations Monitor 3.4Oracle Enterprise Session Border Controller 8.4Oracle Communications Operations Monitor 4.2Oracle Communications Operations Monitor 4.3Oracle Communications Session Border Controller 8.4Oracle Enterprise Session Border Controller 9.0Oracle Communications Session Border Controller 9.0Oracle Enterprise Communications Broker 3.3.0Oracle Enterprise Telephony Fraud Monitor 4.2Oracle Enterprise Telephony Fraud Monitor 4.3Oracle Enterprise Telephony Fraud Monitor 4.4Oracle Enterprise Telephony Fraud Monitor 3.4Oracle Communications Operations Monitor 4.4Oracle Communications Fraud MonitorOracle Communications Control Plane Monitor 4.2Oracle Communications Control Plane Monitor 4.3Oracle Communications Control Plane Monitor 4.4
7.4
CVSSv3
CVE-2021-3712
ASN.1 strings are represented internally within OpenSSL as an ASN1_STRING structure which contains a buffer holding the string data and a field holding the buffer length. This contrasts with normal C strings which are repesented as a buffer for the string data which is terminated...
Openssl OpensslDebian Debian Linux 9.0Debian Debian Linux 10.0Debian Debian Linux 11.0Netapp Santricity Smi-s Provider -Netapp Clustered Data Ontap -Netapp Clustered Data Ontap Antivirus Connector -Netapp Solidfire -Netapp Hci Management Node -Netapp Manageability Software Development Kit -Netapp Storage Encryption -Netapp E-series Santricity Os ControllerMcafee Epolicy Orchestrator 5.10.0Mcafee Epolicy OrchestratorTenable Tenable.scTenable Nessus Network MonitorOracle Peoplesoft Enterprise Peopletools 8.57Oracle Peoplesoft Enterprise Peopletools 8.58Oracle Zfs Storage Appliance Kit 8.8Oracle Peoplesoft Enterprise Peopletools 8.59Oracle Mysql ServerOracle Mysql Workbench
7.4
CVSSv3
CVE-2020-8203
Prototype pollution attack when using _.zipObjectDeep in lodash prior to 4.17.20.
Lodash LodashOracle Peoplesoft Enterprise Peopletools 8.58Oracle Communications Billing And Revenue Management 12.0.0.3.0Oracle Communications Billing And Revenue Management 7.5.0.23.0Oracle Enterprise Communications Broker 3.2.0Oracle Banking Extensibility Workbench 14.3.0Oracle Banking Virtual Account Management 14.3.0Oracle Banking Trade Finance Process Management 14.3.0Oracle Banking Credit Facilities Process Management 14.3.0Oracle Banking Corporate Lending Process Management 14.3.0Oracle Peoplesoft Enterprise Peopletools 8.59Oracle Primavera GatewayOracle Enterprise Communications Broker Pcz3.3Oracle Communications Subscriber-aware Load Balancer Cz8.3Oracle Communications Subscriber-aware Load Balancer Cz8.4Oracle Communications Session Router Cz8.4Oracle Communications Session Border Controller Cz8.4Oracle Communications Session Border Controller 8.4Oracle Communications Session Border Controller 9.0Oracle Banking Virtual Account Management 14.2.0Oracle Banking Virtual Account Management 14.5.0Oracle Banking Supply Chain Finance 14.2.0
7.2
CVSSv3
CVE-2021-23337
Lodash versions before 4.17.21 are vulnerable to Command Injection via the template function.
Lodash LodashOracle Primavera Unifier 18.8Oracle Primavera UnifierOracle Peoplesoft Enterprise Peopletools 8.58Oracle Primavera Unifier 19.12Oracle Retail Customer Management And Segmentation Foundation 19.0Oracle Communications Services Gatekeeper 7.0Oracle Enterprise Communications Broker 3.2.0Oracle Primavera Unifier 20.12Oracle Banking Extensibility Workbench 14.3.0Oracle Banking Trade Finance Process Management 14.3.0Oracle Banking Credit Facilities Process Management 14.3.0Oracle Banking Corporate Lending Process Management 14.3.0Oracle Peoplesoft Enterprise Peopletools 8.59Oracle Primavera GatewayOracle Communications Session Border Controller 8.4Oracle Communications Session Border Controller 9.0Oracle Banking Supply Chain Finance 14.2.0Oracle Banking Trade Finance Process Management 14.5.0Oracle Banking Credit Facilities Process Management 14.2.0Oracle Banking Credit Facilities Process Management 14.5.0Oracle Banking Corporate Lending Process Management 14.2.0
5.3
CVSSv3
CVE-2020-28500
Lodash versions before 4.17.21 are vulnerable to Regular Expression Denial of Service (ReDoS) via the toNumber, trim and trimEnd functions.
Lodash LodashOracle Primavera Unifier 18.8Oracle Primavera UnifierOracle Peoplesoft Enterprise Peopletools 8.58Oracle Primavera Unifier 19.12Oracle Retail Customer Management And Segmentation Foundation 19.0Oracle Communications Services Gatekeeper 7.0Oracle Enterprise Communications Broker 3.2.0Oracle Primavera Unifier 20.12Oracle Banking Extensibility Workbench 14.3.0Oracle Banking Trade Finance Process Management 14.3.0Oracle Banking Credit Facilities Process Management 14.3.0Oracle Banking Corporate Lending Process Management 14.3.0Oracle Peoplesoft Enterprise Peopletools 8.59Oracle Primavera GatewayOracle Communications Session Border Controller 8.4Oracle Communications Session Border Controller 9.0Oracle Banking Supply Chain Finance 14.2.0Oracle Banking Trade Finance Process Management 14.5.0Oracle Banking Credit Facilities Process Management 14.2.0Oracle Banking Credit Facilities Process Management 14.5.0Oracle Banking Corporate Lending Process Management 14.2.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3581reflected XSSCVE-2024-26925CVE-2024-27956LFICVE-2024-3607CVE-2024-3107CVE-2024-3295SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook