Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

oracle communications cloud native core console 1.9.0 vulnerabilities and exploits

(subscribe to this query)

4.3
CVSSv3
CVE-2021-22060
In Spring Framework versions 5.3.0 - 5.3.13, 5.2.0 - 5.2.18, and older unsupported versions, it is possible for a user to provide malicious input to cause the insertion of additional log entries. This is a follow-up to CVE-2021-22096 that protects against additional types of...
Vmware Spring FrameworkOracle Communications Cloud Native Core Console 1.9.0Oracle Communications Cloud Native Core Service Communication Proxy 1.15.0
5.9
CVSSv3
CVE-2021-2471
Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 8.0.26 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL...
Oracle Communications Cloud Native Core Security Edge Protection Proxy 1.7.0Oracle Mysql ConnectorsOracle Communications Cloud Native Core Console 1.9.0Oracle Communications Cloud Native Core Policy 1.15.0Oracle Communications Cloud Native Core Network Slice Selection Function 1.8.0Quarkus Quarkus
5.3
CVSSv3
CVE-2021-20289
A flaw was found in RESTEasy in all versions of RESTEasy up to 4.6.0.Final. The endpoint class and method names are returned as part of the exception response when RESTEasy cannot convert one of the request URI path or query values to the matching JAX-RS resource method's...
Redhat ResteasyNetapp Oncommand Insight -Quarkus QuarkusOracle Communications Cloud Native Core Console 1.9.0
5.5
CVSSv3
CVE-2021-22569
An issue in protobuf-java allowed the interleaving of com.google.protobuf.UnknownFieldSet fields in such a way that would be processed out of order. A small malicious payload can occupy the parser for several minutes by creating large numbers of short-lived objects that cause...
Google Protobuf-kotlinGoogle Protobuf-javaGoogle Google-protobufOracle Communications Cloud Native Core Console 1.9.0Oracle Communications Cloud Native Core Policy 1.15.0Oracle Communications Cloud Native Core Network Repository Function 1.15.0Oracle Communications Cloud Native Core Network Repository Function 1.15.1Oracle Spatial And Graph Mapviewer 21cOracle Spatial And Graph Mapviewer 19c
9.8
CVSSv3
CVE-2022-22963
In Spring Cloud Function versions 3.1.6, 3.2.2 and older unsupported versions, when using routing functionality it is possible for a user to provide a specially crafted SpEL as a routing-expression that may result in remote code execution and access to local resources....
Vmware Spring Cloud FunctionOracle Sd-wan Edge 9.0Oracle Retail Xstore Point Of Service 20.0.1Oracle Communications Cloud Native Core Security Edge Protection Proxy 1.7.0Oracle Banking Cash Management 14.5Oracle Banking Trade Finance Process Management 14.5Oracle Banking Credit Facilities Process Management 14.5Oracle Banking Corporate Lending Process Management 14.5Oracle Banking Supply Chain Finance 14.5Oracle Sd-wan Edge 9.1Oracle Banking Liquidity Management 14.5Oracle Banking Liquidity Management 14.2Oracle Banking Virtual Account Management 14.5Oracle Financial Services Enterprise Case Management 8.1.1.0Oracle Financial Services Enterprise Case Management 8.1.1.1Oracle Financial Services Behavior Detection Platform 8.1.2.0Oracle Financial Services Behavior Detection Platform 8.1.1.1Oracle Financial Services Behavior Detection Platform 8.1.1.0Oracle Mysql Enterprise MonitorOracle Communications Cloud Native Core Console 1.9.0Oracle Communications Cloud Native Core Policy 1.15.0Oracle Communications Communications Policy Management 12.6.0.0.0Oracle Communications Cloud Native Core Unified Data Repository 1.15.0Oracle Communications Cloud Native Core Unified Data Repository 22.1.0Oracle Communications Cloud Native Core Security Edge Protection Proxy 22.1.0Oracle Communications Cloud Native Core Policy 22.1.0Oracle Communications Cloud Native Core Network Slice Selection Function 1.8.0Oracle Communications Cloud Native Core Network Slice Selection Function 22.1.0Oracle Communications Cloud Native Core Network Repository Function 1.15.0Oracle Communications Cloud Native Core Network Repository Function 22.1.0Oracle Communications Cloud Native Core Network Function Cloud Native Environment 22.1.0Oracle Communications Cloud Native Core Network Function Cloud Native Environment 1.10.0Oracle Communications Cloud Native Core Network Exposure Function 22.1.0Oracle Communications Cloud Native Core Console 22.1.0Oracle Communications Cloud Native Core Automated Test Suite 22.1.0Oracle Communications Cloud Native Core Automated Test Suite 1.9.0Oracle Product Lifecycle Analytics 3.6.1.0Oracle Retail Xstore Point Of Service 21.0.0Oracle Financial Services Enterprise Case Management 8.1.2.0Oracle Financial Services Analytical Applications Infrastructure 8.1.2.0Oracle Financial Services Analytical Applications Infrastructure 8.1.1.0Oracle Banking Origination 14.5Oracle Banking Electronic Data Exchange For Corporates 14.5Oracle Banking Branch 14.5Oracle Communications Cloud Native Core Policy 22.1.3Oracle Communications Cloud Native Core Network Function Cloud Native Environment 22.1.2
9.8
CVSSv3
CVE-2022-23221
H2 Console before 2.1.210 allows remote attackers to execute arbitrary code via a jdbc:h2:mem JDBC URL containing the IGNORE_UNKNOWN_SETTINGS=TRUE;FORBID_CREATION=FALSE;INIT=RUNSCRIPT substring, a different vulnerability than CVE-2021-42392....
H2database H2Debian Debian Linux 9.0Debian Debian Linux 10.0Debian Debian Linux 11.0Oracle Communications Cloud Native Core Console 1.9.0
5.9
CVSSv3
CVE-2020-14340
A vulnerability was discovered in XNIO where file descriptor leak caused by growing amounts of NIO Selector file handles between garbage collection cycles. It may allow the attacker to cause a denial of service. It affects XNIO versions 3.6.0.Beta1 through 3.8.1.Final....
Redhat XnioRedhat Xnio 3.6.0Redhat Jboss Operations Network 3.0Redhat Jboss Enterprise Application Platform 6.0.0Redhat Jboss Fuse 6.0.0Redhat Jboss Enterprise Application Platform 5.0.0Redhat Jboss Fuse 7.0.0Redhat Jboss Data Grid 7.0.0Redhat Jboss Brms 5Redhat Jboss Soa Platform 5Redhat Jboss Brms 6Redhat Jboss Data Grid 6.0.0Redhat Jboss Data Virtualization 6.0.0Oracle Communications Cloud Native Core Network Repository Function 1.14.0Oracle Communications Cloud Native Core Policy 1.14.0Oracle Communications Cloud Native Core Unified Data Repository 1.14.0Oracle Communications Cloud Native Core Service Communication Proxy 1.14.0Oracle Communications Cloud Native Core Security Edge Protection Proxy 1.15.0Oracle Communications Cloud Native Core Console 1.9.0
4.3
CVSSv3
CVE-2021-22096
In Spring Framework versions 5.3.0 - 5.3.10, 5.2.0 - 5.2.17, and older unsupported versions, it is possible for a user to provide malicious input to cause the insertion of additional log entries....
Vmware Spring FrameworkNetapp Snap Creator Framework -Netapp Snapcenter -Netapp Active Iq Unified Manager -Netapp Management Services For Element Software And Netapp Hci -Netapp Metrocluster Tiebreaker -Oracle Communications Cloud Native Core Console 1.9.0Oracle Communications Cloud Native Core Service Communication Proxy 1.15.0
7.4
CVSSv3
CVE-2020-25638
A flaw was found in hibernate-core in versions prior to and including 5.4.23.Final. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SQL comments of the query. This flaw could allow an attacker to access...
Hibernate Hibernate OrmDebian Debian Linux 9.0Debian Debian Linux 10.0Quarkus QuarkusOracle Retail Customer Management And Segmentation Foundation 19.0Oracle Communications Cloud Native Core Console 1.9.0
9.8
CVSSv3
CVE-2022-22965
A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. The specific exploit requires the application to run on Tomcat as a WAR deployment. If the application is deployed as a Spring Boot executable jar,...
Vmware Spring FrameworkCisco Cx Cloud AgentOracle Sd-wan Edge 9.0Oracle Retail Xstore Point Of Service 20.0.1Oracle Communications Cloud Native Core Security Edge Protection Proxy 1.7.0Oracle Financial Services Analytical Applications Infrastructure 8.1.1Oracle Sd-wan Edge 9.1Siemens Siveillance Identity 1.6Siemens Siveillance Identity 1.5Siemens Sipass Integrated 2.85Siemens Sipass Integrated 2.80Oracle Product Lifecycle Analytics 3.6.1Oracle Financial Services Enterprise Case Management 8.1.1.0Oracle Financial Services Enterprise Case Management 8.1.1.1Oracle Financial Services Behavior Detection Platform 8.1.2.0Oracle Financial Services Behavior Detection Platform 8.1.1.1Oracle Financial Services Behavior Detection Platform 8.1.1.0Oracle Communications Cloud Native Core Console 1.9.0Oracle Communications Cloud Native Core Policy 1.15.0Oracle Communications Cloud Native Core Unified Data Repository 1.15.0Oracle Communications Cloud Native Core Unified Data Repository 22.1.0Oracle Communications Cloud Native Core Security Edge Protection Proxy 22.1.0Oracle Communications Cloud Native Core Policy 22.1.0Oracle Communications Cloud Native Core Network Slice Selection Function 1.8.0Oracle Communications Cloud Native Core Network Slice Selection Function 22.1.0Oracle Communications Cloud Native Core Network Repository Function 1.15.0Oracle Communications Cloud Native Core Network Repository Function 22.1.0Oracle Communications Cloud Native Core Network Function Cloud Native Environment 22.1.0Oracle Communications Cloud Native Core Network Function Cloud Native Environment 1.10.0Oracle Communications Cloud Native Core Network Exposure Function 22.1.0Oracle Communications Cloud Native Core Console 22.1.0Oracle Communications Cloud Native Core Automated Test Suite 22.1.0Oracle Communications Cloud Native Core Automated Test Suite 1.9.0Oracle Retail Xstore Point Of Service 21.0.0Oracle Financial Services Enterprise Case Management 8.1.2.0Oracle Financial Services Analytical Applications Infrastructure 8.1.2.0Oracle Communications Policy Management 12.6.0.0.0Oracle Mysql Enterprise MonitorOracle Communications Cloud Native Core Network Slice Selection Function 1.15.0Siemens Operation SchedulerVeritas Access Appliance 7.4.3Veritas Access Appliance 7.4.3.100Veritas Access Appliance 7.4.3.200Veritas Netbackup Virtual Appliance 4.0.0.1Veritas Netbackup Virtual Appliance 4.1.0.1Veritas Netbackup Appliance 4.0.0.1Veritas Netbackup Appliance 4.1.0.1Veritas Netbackup Virtual Appliance 4.0Veritas Netbackup Virtual Appliance 4.1Veritas Netbackup Appliance 4.0Veritas Netbackup Appliance 4.1Veritas Flex Appliance 2.0Veritas Flex Appliance 2.0.1Veritas Flex Appliance 2.0.2Veritas Flex Appliance 2.1Veritas Flex Appliance 1.3Veritas Netbackup Flex Scale Appliance 2.1Veritas Netbackup Flex Scale Appliance 3.0Siemens Sinec Network Management SystemSiemens Simatic Speech Assistant For MachinesOracle Weblogic Server 12.2.1.3.0Oracle Retail Customer Management And Segmentation Foundation 17.0Oracle Retail Customer Management And Segmentation Foundation 18.0Oracle Weblogic Server 12.2.1.4.0Oracle Weblogic Server 14.1.1.0.0Oracle Retail Customer Management And Segmentation Foundation 19.0Oracle Retail Merchandising System 16.0.3Oracle Retail Financial Integration 16.0.3Oracle Retail Integration Bus 16.0.3Oracle Communications Unified Inventory Management 7.4.1Oracle Retail Merchandising System 19.0.1Oracle Retail Integration Bus 14.1.3.2Oracle Retail Financial Integration 14.1.3.2Oracle Retail Integration Bus 15.0.3.1Oracle Retail Financial Integration 15.0.3.1Oracle Commerce Platform 11.3.2Oracle Communications Unified Inventory Management 7.4.2Oracle Communications Unified Inventory Management 7.5.0Oracle Retail Integration Bus 19.0.1Oracle Retail Financial Integration 19.0.1Oracle Retail Bulk Data Integration 16.0.3Oracle Communications Cloud Native Core Binding Support Function 22.1.3
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
seacmsCVE-2023-28393remote code executionauthentication bypassopen redirectacymailingCVE-2023-43339CVE-2023-3664openstackpopup builderCVE-2023-21987CVE-2023-21991CVE-2023-3550
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook