oracle communications cloud native core policy 1.15.0 vulnerabilities and exploits

(subscribe to this query)

5.5

CVSSv3

Eclipse Jersey 2.28 to 2.33 and Eclipse Jersey 3.0.0 to 3.0.1 contains a local information disclosure vulnerability. This is due to the use of the File.createTempFile which creates a file inside of the system temporary directory with the permissions: -rw-r--r--. Thus the...

Eclipse Jersey Oracle Communications Cloud Native Core Policy 1.15.0 Oracle Communications Cloud Native Core Unified Data Repository 1.15.0

5.7

CVSSv3

A flaw was found in python-pip in the way it handled Unicode separators in git references. A remote attacker could possibly use this issue to install a different revision on a repository. The highest threat from this vulnerability is to data integrity. This is fixed in...

Pypa Pip Oracle Agile Plm 9.3.6 Oracle Communications Cloud Native Core Policy 1.15.0 Oracle Communications Cloud Native Core Network Function Cloud Native Environment 22.1.0 Oracle Communications Cloud Native Core Network Function Cloud Native Environment 1.10.0 Oracle Communications Cloud Native Core Policy 22.1.35 Github repositories available

3.3

CVSSv3

Buffer overflow vulnerability in libsolv 2020-12-13 via the Solver * testcase_read(Pool *pool, FILE *fp, const char *testcase, Queue *job, char **resultp, int *resultflagsp function at src/testcase.c: line 2334, which could cause a denial of service...

Opensuse Libsolv Oracle Communications Cloud Native Core Policy 1.15.0

5

CVSSv3

Kubernetes API server in all versions allow an attacker who is able to create a ClusterIP service and set the spec.externalIPs field, to intercept traffic to that IP address. Additionally, an attacker who is able to patch the status (which is considered a privileged operation...

Kubernetes Kubernetes Oracle Communications Cloud Native Core Network Slice Selection Function 1.2.1 Oracle Communications Cloud Native Core Service Communication Proxy 1.14.0 Oracle Communications Cloud Native Core Policy 1.15.032 Github repositories available2 Articles available

6.5

CVSSv3

Spring Cloud Config, versions 2.1.x prior to 2.1.2, versions 2.0.x prior to 2.0.4, and versions 1.4.x prior to 1.4.6, and older unsupported versions allow applications to serve arbitrary configuration files through the spring-cloud-config-server module. A malicious user, or...

Vmware Spring Cloud Config Oracle Communications Cloud Native Core Policy 1.15.01 EDB exploit available1 Metasploit module available35 Github repositories available

7.5

CVSSv3

Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware (component: Outside In Filters). The supported version that is affected is 8.5.5. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise...

Oracle Outside In Technology 8.5.5 Oracle Communications Cloud Native Core Policy 1.15.0

5.9

CVSSv3

Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 8.0.26 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL...

Oracle Communications Cloud Native Core Security Edge Protection Proxy 1.7.0 Oracle Mysql Connectors Oracle Communications Cloud Native Core Console 1.9.0 Oracle Communications Cloud Native Core Policy 1.15.0 Oracle Communications Cloud Native Core Network Slice Selection Function 1.8.0 Quarkus Quarkus9 Github repositories available

5.5

CVSSv3

An issue in protobuf-java allowed the interleaving of com.google.protobuf.UnknownFieldSet fields in such a way that would be processed out of order. A small malicious payload can occupy the parser for several minutes by creating large numbers of short-lived objects that cause...

Google Protobuf-kotlin Google Protobuf-java Google Google-protobuf Oracle Communications Cloud Native Core Console 1.9.0 Oracle Communications Cloud Native Core Policy 1.15.0 Oracle Communications Cloud Native Core Network Repository Function 1.15.0 Oracle Communications Cloud Native Core Network Repository Function 1.15.1 Oracle Spatial And Graph Mapviewer 21c Oracle Spatial And Graph Mapviewer 19c3 Github repositories available

7.5

CVSSv3

The pip package before 19.2 for Python allows Directory Traversal when a URL is given in an install command, because a Content-Disposition header can have ../ in a filename, as demonstrated by overwriting the /root/.ssh/authorized_keys file. This occurs in _download_http_url in...

Pypa Pip Opensuse Leap 15.1 Opensuse Leap 15.2 Debian Debian Linux 9.0 Oracle Communications Cloud Native Core Policy 1.15.0 Oracle Communications Cloud Native Core Network Function Cloud Native Environment 1.10.04 Github repositories available

9.8

CVSSv3

In Spring Cloud Function versions 3.1.6, 3.2.2 and older unsupported versions, when using routing functionality it is possible for a user to provide a specially crafted SpEL as a routing-expression that may result in remote code execution and access to local resources....

Vmware Spring Cloud Function Oracle Sd-wan Edge 9.0 Oracle Retail Xstore Point Of Service 20.0.1 Oracle Communications Cloud Native Core Security Edge Protection Proxy 1.7.0 Oracle Banking Cash Management 14.5 Oracle Banking Trade Finance Process Management 14.5 Oracle Banking Credit Facilities Process Management 14.5 Oracle Banking Corporate Lending Process Management 14.5 Oracle Banking Supply Chain Finance 14.5 Oracle Sd-wan Edge 9.1 Oracle Banking Liquidity Management 14.5 Oracle Banking Liquidity Management 14.2 Oracle Banking Virtual Account Management 14.5 Oracle Financial Services Enterprise Case Management 8.1.1.0 Oracle Financial Services Enterprise Case Management 8.1.1.1 Oracle Financial Services Behavior Detection Platform 8.1.2.0 Oracle Financial Services Behavior Detection Platform 8.1.1.1 Oracle Financial Services Behavior Detection Platform 8.1.1.0 Oracle Mysql Enterprise Monitor Oracle Communications Cloud Native Core Console 1.9.0 Oracle Communications Cloud Native Core Policy 1.15.0 Oracle Communications Communications Policy Management 12.6.0.0.0 Oracle Communications Cloud Native Core Unified Data Repository 1.15.0 Oracle Communications Cloud Native Core Unified Data Repository 22.1.0 Oracle Communications Cloud Native Core Security Edge Protection Proxy 22.1.0 Oracle Communications Cloud Native Core Policy 22.1.0 Oracle Communications Cloud Native Core Network Slice Selection Function 1.8.0 Oracle Communications Cloud Native Core Network Slice Selection Function 22.1.0 Oracle Communications Cloud Native Core Network Repository Function 1.15.0 Oracle Communications Cloud Native Core Network Repository Function 22.1.0 Oracle Communications Cloud Native Core Network Function Cloud Native Environment 22.1.0 Oracle Communications Cloud Native Core Network Function Cloud Native Environment 1.10.0 Oracle Communications Cloud Native Core Network Exposure Function 22.1.0 Oracle Communications Cloud Native Core Console 22.1.0 Oracle Communications Cloud Native Core Automated Test Suite 22.1.0 Oracle Communications Cloud Native Core Automated Test Suite 1.9.0 Oracle Product Lifecycle Analytics 3.6.1.0 Oracle Retail Xstore Point Of Service 21.0.0 Oracle Financial Services Enterprise Case Management 8.1.2.0 Oracle Financial Services Analytical Applications Infrastructure 8.1.2.0 Oracle Financial Services Analytical Applications Infrastructure 8.1.1.0 Oracle Banking Origination 14.5 Oracle Banking Electronic Data Exchange For Corporates 14.5 Oracle Banking Branch 14.5 Oracle Communications Cloud Native Core Policy 22.1.3 Oracle Communications Cloud Native Core Network Function Cloud Native Environment 22.1.286 Github repositories available4 Articles available

Get Started

1 2 3 NEXT »

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook