Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
oracle communications messaging server 7.0 vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2016-5455
Unspecified vulnerability in the Oracle Communications Messaging Server component in Oracle Communications Applications 6.3, 7.0, and 8.0 allows remote malicious users to affect confidentiality via vectors related to Multiplexor.
Oracle Communications Messaging Server 6.3
Oracle Communications Messaging Server 7.0
Oracle Communications Messaging Server 8.0
6.8
CVSSv2
CVE-2020-24616
FasterXML jackson-databind 2.x prior to 2.9.10.6 mishandles the interaction between serialization gadgets and typing, related to br.com.anteros.dbcp.AnterosDBCPDataSource (aka Anteros-DBCP).
Fasterxml Jackson-databind
Netapp Active Iq Unified Manager -
Oracle Application Testing Suite 13.3.0.1
Oracle Agile Plm 9.3.6
Oracle Communications Policy Management 12.5.0
Oracle Communications Diameter Signaling Router
Oracle Communications Services Gatekeeper 7.0
Oracle Communications Evolved Communications Application Server 7.1
Oracle Communications Contacts Server 8.0.0.5.0
Oracle Communications Calendar Server 8.0.0.4.0
Oracle Communications Unified Inventory Management 7.4.1
Oracle Communications Cloud Native Core Unified Data Repository 1.4.0
Oracle Communications Element Manager
Oracle Autovue For Agile Product Lifecycle Management 21.0.2
Oracle Communications Messaging Server 8.1
Oracle Siebel Ui Framework
Oracle Banking Supply Chain Finance 14.2
Oracle Banking Supply Chain Finance 14.3
Oracle Banking Supply Chain Finance 14.5
Oracle Identity Manager Connector 11.1.1.5.0
Oracle Communications Contacts Server 8.0
Oracle Communications Calendar Server 8.0
1 Github repository
6.8
CVSSv2
CVE-2020-24750
FasterXML jackson-databind 2.x prior to 2.9.10.6 mishandles the interaction between serialization gadgets and typing, related to com.pastdev.httpcomponents.configuration.JndiConfiguration.
Fasterxml Jackson-databind
Oracle Application Testing Suite 13.3.0.1
Oracle Agile Plm 9.3.6
Oracle Communications Policy Management 12.5.0
Oracle Communications Diameter Signaling Router
Oracle Communications Offline Mediation Controller 12.0.0.3.0
Oracle Communications Services Gatekeeper 7.0
Oracle Communications Contacts Server 8.0.0.5.0
Oracle Communications Calendar Server 8.0.0.4.0
Oracle Banking Credit Facilities Process Management 14.3.0
Oracle Banking Corporate Lending Process Management 14.3.0
Oracle Siebel Core - Server Framework
Oracle Communications Unified Inventory Management 7.4.1
Oracle Communications Element Manager
Oracle Autovue For Agile Product Lifecycle Management 21.0.2
Oracle Banking Supply Chain Finance 14.2.0
Oracle Banking Credit Facilities Process Management 14.2.0
Oracle Banking Credit Facilities Process Management 14.5.0
Oracle Banking Corporate Lending Process Management 14.2.0
Oracle Banking Corporate Lending Process Management 14.5.0
Oracle Banking Supply Chain Finance 14.5.0
Oracle Banking Supply Chain Finance 14.3.0
1 Github repository
2.1
CVSSv2
CVE-2020-15358
In SQLite prior to 3.32.3, select.c mishandles query-flattener optimization, leading to a multiSelectOrderBy heap overflow because of misuse of transitive properties for constant propagation.
Sqlite Sqlite
Canonical Ubuntu Linux 20.04
Apple Iphone Os
Apple Watchos
Apple Icloud
Apple Tvos
Apple Ipados
Apple Macos
Oracle Outside In Technology 8.5.4
Oracle Outside In Technology 8.5.5
Oracle Hyperion Infrastructure Technology 11.1.2.4
Oracle Enterprise Manager Ops Center 12.4.0.0
Oracle Communications Network Charging And Control 12.0.2
Oracle Mysql
Oracle Communications Network Charging And Control 6.0.1
Oracle Communications Messaging Server 8.1
Oracle Communications Cloud Native Core Policy 1.14.0
Siemens Sinec Infrastructure Network Services
6.8
CVSSv2
CVE-2020-36189
FasterXML jackson-databind 2.x prior to 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to com.newrelic.agent.deps.ch.qos.logback.core.db.DriverManagerConnectionSource.
Fasterxml Jackson-databind
Netapp Cloud Backup -
Netapp Service Level Manager -
Debian Debian Linux 9.0
Oracle Webcenter Portal 12.2.1.3.0
Oracle Application Testing Suite 13.3.0.1
Oracle Banking Platform 2.6.2
Oracle Primavera Unifier 18.8
Oracle Primavera Unifier
Oracle Agile Plm 9.3.6
Oracle Primavera Unifier 19.12
Oracle Webcenter Portal 12.2.1.4.0
Oracle Communications Billing And Revenue Management 12.0.0.3.0
Oracle Communications Billing And Revenue Management 7.5.0.23.0
Oracle Communications Services Gatekeeper 7.0
Oracle Retail Merchandising System 15.0.3
Oracle Banking Platform 2.7.0
Oracle Banking Platform 2.7.1
Oracle Banking Platform 2.9.0
Oracle Communications Evolved Communications Application Server 7.1
Oracle Goldengate Application Adapters 19.1.0.0.0
Oracle Retail Service Backbone 16.0.3
5
CVSSv2
CVE-2020-25649
A flaw was found in FasterXML Jackson Databind, where it did not have entity expansion secured properly. This flaw allows vulnerability to XML external entity (XXE) attacks. The highest threat from this vulnerability is data integrity.
Fasterxml Jackson-databind
Netapp Oncommand Workflow Automation -
Netapp Service Level Manager -
Netapp Oncommand Api Services -
Fedoraproject Fedora 32
Quarkus Quarkus
Apache Iotdb
Oracle Webcenter Portal 12.2.1.3.0
Oracle Banking Platform 2.6.2
Oracle Utilities Framework 4.3.0.5.0
Oracle Utilities Framework 4.3.0.6.0
Oracle Utilities Framework 4.4.0.0.0
Oracle Agile Plm 9.3.6
Oracle Coherence 12.2.1.4.0
Oracle Webcenter Portal 12.2.1.4.0
Oracle Sd-wan Edge 9.0
Oracle Coherence 14.1.1.0.0
Oracle Utilities Framework 4.4.0.2.0
Oracle Communications Billing And Revenue Management 12.0.0.3.0
Oracle Communications Billing And Revenue Management 7.5.0.23.0
Oracle Communications Services Gatekeeper 7.0
Oracle Banking Platform 2.7.0
1 Github repository
1 Article
6.8
CVSSv2
CVE-2020-35490
FasterXML jackson-databind 2.x prior to 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.PerUserPoolDataSource.
Fasterxml Jackson-databind
Netapp Service Level Manager -
Debian Debian Linux 9.0
Oracle Webcenter Portal 12.2.1.3.0
Oracle Application Testing Suite 13.3.0.1
Oracle Banking Platform 2.6.2
Oracle Agile Plm 9.3.6
Oracle Webcenter Portal 12.2.1.4.0
Oracle Communications Services Gatekeeper 7.0
Oracle Retail Merchandising System 15.0.3
Oracle Banking Platform 2.7.0
Oracle Banking Platform 2.7.1
Oracle Banking Platform 2.9.0
Oracle Communications Evolved Communications Application Server 7.1
Oracle Banking Platform 2.8.0
Oracle Banking Virtual Account Management 14.3.0
Oracle Insurance Policy Administration J2ee 11.2.0
Oracle Communications Interactive Session Recorder 6.3
Oracle Communications Interactive Session Recorder 6.4
Oracle Communications Diameter Signaling Router
Oracle Communications Unified Inventory Management 7.4.1
Oracle Retail Xstore Point Of Service 16.0.6
6.8
CVSSv2
CVE-2020-35491
FasterXML jackson-databind 2.x prior to 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.SharedPoolDataSource.
Fasterxml Jackson-databind
Netapp Service Level Manager -
Debian Debian Linux 9.0
Oracle Webcenter Portal 12.2.1.3.0
Oracle Application Testing Suite 13.3.0.1
Oracle Banking Platform 2.6.2
Oracle Agile Plm 9.3.6
Oracle Webcenter Portal 12.2.1.4.0
Oracle Sd-wan Edge 9.0
Oracle Communications Services Gatekeeper 7.0
Oracle Retail Merchandising System 15.0.3
Oracle Banking Platform 2.7.0
Oracle Banking Platform 2.7.1
Oracle Banking Platform 2.9.0
Oracle Communications Evolved Communications Application Server 7.1
Oracle Banking Platform 2.8.0
Oracle Banking Virtual Account Management 14.3.0
Oracle Insurance Policy Administration J2ee 11.0.2
Oracle Communications Unified Inventory Management 7.4.1
Oracle Retail Xstore Point Of Service 16.0.6
Oracle Retail Xstore Point Of Service 17.0.4
Oracle Retail Xstore Point Of Service 18.0.3
6
CVSSv2
CVE-2021-4104
JMSAppender in Log4j 1.2 is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration. The attacker can provide TopicBindingName and TopicConnectionFactoryBindingName configurations causing JMSAppender to perform JNDI requests t...
Apache Log4j 1.2
Fedoraproject Fedora 35
Redhat Jboss Operations Network 3.0
Redhat Jboss A-mq 6.0.0
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
Redhat Jboss Enterprise Application Platform 6.0.0
Redhat Jboss Enterprise Application Platform 7.0
Redhat Jboss Fuse 6.0.0
Redhat Jboss Fuse Service Works 6.0
Redhat Jboss Web Server 3.0
Redhat Jboss Data Virtualization 6.0.0
Redhat Enterprise Linux 8.0
Redhat Single Sign-on 7.0
Redhat Software Collections -
Redhat Jboss Fuse 7.0.0
Redhat Process Automation 7.0
Redhat Jboss Data Grid 7.0.0
Redhat Openshift Application Runtimes -
Redhat Codeready Studio 12.0
Redhat Integration Camel K -
Redhat Openshift Container Platform 4.6
21 Github repositories
6.8
CVSSv2
CVE-2020-36181
FasterXML jackson-databind 2.x prior to 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.cpdsadapter.DriverAdapterCPDS.
Netapp Service Level Manager -
Debian Debian Linux 9.0
Oracle Webcenter Portal 12.2.1.3.0
Oracle Primavera Unifier 17.2
Oracle Application Testing Suite 13.3.0.1
Oracle Primavera Unifier 18.8
Oracle Primavera Unifier
Oracle Agile Plm 9.3.6
Oracle Communications Policy Management 12.5.0
Oracle Primavera Unifier 19.12
Oracle Webcenter Portal 12.2.1.4.0
Oracle Communications Billing And Revenue Management 12.0.0.3.0
Oracle Communications Billing And Revenue Management 7.5.0.23.0
Oracle Communications Services Gatekeeper 7.0
Oracle Retail Merchandising System 15.0.3
Oracle Communications Evolved Communications Application Server 7.1
Oracle Goldengate Application Adapters 19.1.0.0.0
Oracle Data Integrator 12.2.1.4.0
Oracle Primavera Unifier 20.12
Oracle Banking Virtual Account Management 14.3.0
Oracle Insurance Rules Palette 11.0.2
Oracle Commerce Platform
1 Github repository
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »