Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
By Recent Activity
oracle communications session route manager vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2020-13947
An instance of a cross-site scripting vulnerability was identified to be present in the web based administration console on the message.jsp page of Apache ActiveMQ versions 5.15.12 through 5.16.0....
Apache Activemq
Oracle Communications Session Report Manager
Oracle Communications Session Route Manager
6.1
CVSSv3
CVE-2020-1941
In Apache ActiveMQ 5.0.0 to 5.15.11, the webconsole admin GUI is open to XSS, in the view that lists the contents of a queue....
Apache Activemq
Oracle Communications Diameter Signaling Router
Oracle Communications Element Manager 8.1.1
Oracle Communications Element Manager 8.2.0
Oracle Communications Element Manager 8.2.1
Oracle Communications Session Report Manager 8.1.1
Oracle Communications Session Report Manager 8.2.0
Oracle Communications Session Report Manager 8.2.1
Oracle Communications Session Route Manager 8.1.1
Oracle Communications Session Route Manager 8.2.0
Oracle Communications Session Route Manager 8.2.1
Oracle Enterprise Repository 11.1.1.7.0
Oracle Flexcube Private Banking 12.0.0
Oracle Flexcube Private Banking 12.1.0
7.5
CVSSv3
CVE-2019-12423
Apache CXF ships with a OpenId Connect JWK Keys service, which allows a client to obtain the public keys in JWK format, which can then be used to verify the signature of tokens issued by the service. Typically, the service obtains the public key from a local keystore...
Apache Cxf
Oracle Commerce Guided Search 11.3.2
Oracle Communications Diameter Signaling Router
Oracle Communications Element Manager
Oracle Communications Session Report Manager
Oracle Communications Session Route Manager 8.1.1
Oracle Communications Session Route Manager 8.2.0
Oracle Communications Session Route Manager 8.2.1
Oracle Flexcube Private Banking 12.0.0
Oracle Flexcube Private Banking 12.1.0
Oracle Retail Order Broker 15.0
6.1
CVSSv3
CVE-2019-17573
By default, Apache CXF creates a /services page containing a listing of the available endpoint names and addresses. This webpage is vulnerable to a reflected Cross-Site Scripting (XSS) attack, which allows a malicious actor to inject javascript into the web page. Please note...
Apache Cxf
Oracle Commerce Guided Search 11.3.2
Oracle Communications Element Manager 8.1.1
Oracle Communications Element Manager 8.2.0
Oracle Communications Element Manager 8.2.1
Oracle Communications Session Report Manager 8.1.1
Oracle Communications Session Report Manager 8.2.0
Oracle Communications Session Report Manager 8.2.1
Oracle Communications Session Route Manager 8.1.1
Oracle Communications Session Route Manager 8.2.0
Oracle Communications Session Route Manager 8.2.1
Oracle Flexcube Private Banking 12.0.0
Oracle Flexcube Private Banking 12.1.0
Oracle Retail Order Broker 15.0
2 Github repositories available
7.2
CVSSv3
CVE-2019-10097
In Apache HTTP Server 2.4.32-2.4.39, when mod_remoteip was configured to use a trusted intermediary proxy server using the "PROXY" protocol, a specially crafted PROXY header could trigger a stack buffer overflow or NULL pointer deference. This vulnerability could only...
Apache Http Server 2.4.33
Apache Http Server 2.4.34
Apache Http Server 2.4.35
Apache Http Server 2.4.37
Apache Http Server 2.4.38
Oracle Communications Element Manager 8.0.0
Oracle Communications Element Manager 8.1.0
Oracle Communications Element Manager 8.1.1
Oracle Communications Element Manager 8.2.0
Oracle Communications Session Report Manager 8.1.1
Oracle Communications Session Report Manager 8.2.0
Oracle Communications Session Report Manager 8.2.1
Oracle Communications Session Route Manager 8.1.1
Oracle Communications Session Route Manager 8.2.0
Oracle Communications Session Route Manager 8.2.1
Oracle Enterprise Manager Ops Center 12.3.3
Oracle Enterprise Manager Ops Center 12.4.0
Oracle Http Server 12.2.1.4.0
Oracle Instantis Enterprisetrack
Oracle Retail Xstore Point Of Service 7.1
2 Github repositories available
5.3
CVSSv3
CVE-2020-1934
In Apache HTTP Server 2.4.0 to 2.4.41, mod_proxy_ftp may use uninitialized memory when proxying to a malicious FTP server....
Apache Http Server
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
Opensuse Leap 15.1
Oracle Instantis Enterprisetrack
Oracle Communications Element Manager 8.2.0
Oracle Communications Element Manager 8.2.1
Oracle Communications Element Manager 8.1.1
Oracle Enterprise Manager Ops Center 12.4.0.0
Oracle Communications Session Report Manager 8.1.1
Oracle Communications Session Report Manager 8.2.0
Oracle Communications Session Report Manager 8.2.1
Oracle Communications Session Route Manager 8.1.1
Oracle Communications Session Route Manager 8.2.0
Oracle Communications Session Route Manager 8.2.1
Oracle Zfs Storage Appliance Kit 8.8
10 Github repositories available
6.1
CVSSv3
CVE-2020-1927
In Apache HTTP Server 2.4.0 to 2.4.41, redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an an unexpected URL within the request URL....
Apache Http Server
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
Opensuse Leap 15.1
Netapp Oncommand Unified Manager Core Package -
Broadcom Brocade Fabric Operating System -
Oracle Sd-wan Aware 8.2
Oracle Instantis Enterprisetrack
Oracle Communications Element Manager 8.2.0
Oracle Communications Element Manager 8.2.1
Oracle Communications Element Manager 8.1.1
Oracle Enterprise Manager Ops Center 12.4.0.0
Oracle Communications Session Report Manager 8.1.1
Oracle Communications Session Report Manager 8.2.0
Oracle Communications Session Report Manager 8.2.1
Oracle Communications Session Route Manager 8.1.1
Oracle Communications Session Route Manager 8.2.0
Oracle Communications Session Route Manager 8.2.1
Oracle Zfs Storage Appliance Kit 8.8
10 Github repositories available
7.5
CVSSv3
CVE-2021-26117
The optional ActiveMQ LDAP login module can be configured to use anonymous access to the LDAP server. In this case, for Apache ActiveMQ Artemis prior to version 2.16.0 and Apache ActiveMQ prior to versions 5.16.1 and 5.15.14, the anonymous context is used to verify a valid users...
Apache Activemq
Apache Activemq Artemis
Netapp Oncommand Workflow Automation -
Debian Debian Linux 9.0
Oracle Communications Element Manager
Oracle Communications Session Report Manager
Oracle Communications Session Route Manager
Oracle Flexcube Private Banking 12.0.0
Oracle Flexcube Private Banking 12.1.0
1 Github repository available
9.8
CVSSv3
CVE-2020-11998
A regression has been introduced in the commit preventing JMX re-bind. By passing an empty environment map to RMIConnectorServer, instead of the map that contains the authentication credentials, it leaves ActiveMQ open to the following attack:...
Apache Activemq 5.15.12
Oracle Communications Diameter Signaling Router
Oracle Communications Element Manager
Oracle Communications Session Report Manager
Oracle Communications Session Route Manager
Oracle Enterprise Repository 11.1.1.7.0
Oracle Flexcube Private Banking 12.0.0
Oracle Flexcube Private Banking 12.1.0
1 Github repository available
5.3
CVSSv3
CVE-2020-1954
Apache CXF has the ability to integrate with JMX by registering an InstrumentationManager extension with the CXF bus. If the ‘createMBServerConnectorFactory‘ property of the default InstrumentationManagerImpl is not disabled, then it is vulnerable to a...
Apache Cxf
Oracle Communications Diameter Signaling Router
Oracle Communications Element Manager
Oracle Communications Session Report Manager
Oracle Enterprise Manager Base Platform 13.2.1.0
Oracle Peoplesoft Enterprise Peopletools 8.56
Netapp Oncommand Workflow Automation -
Netapp Snapmanager -
Oracle Communications Diameter Signaling Router Idih\\
Oracle Communications Session Route Manager
1 Github repository available
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-2817
CVE-2022-37400
CVE-2022-37042
unspecified
CVE-2021-30873
firmware
CVE-2022-37447
firewall
CVE-2020-23622
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »
Vulmon