Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cosminexus application server vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2022-31813
Apache HTTP Server 2.4.53 and previous versions may not send the X-Forwarded-* headers to the origin server based on client side Connection header hop-by-hop mechanism. This may be used to bypass IP based authentication on the origin server/application.
Apache Http Server
Netapp Clustered Data Ontap -
Fedoraproject Fedora 35
Fedoraproject Fedora 36
7.5
CVSSv3
CVE-2022-0778
The BN_mod_sqrt() function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. Internally this function is used when parsing certificates that contain elliptic curve public keys in compressed form or explicit elliptic curv...
Openssl Openssl
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Netapp Santricity Smi-s Provider -
Netapp Storagegrid -
Netapp Clustered Data Ontap -
Netapp Clustered Data Ontap Antivirus Connector -
Netapp Cloud Volumes Ontap Mediator -
Netapp A250 Firmware -
Netapp 500f Firmware -
Fedoraproject Fedora 34
Fedoraproject Fedora 36
Tenable Nessus
Mariadb Mariadb
Nodejs Node.js
10 Github repositories
7.5
CVSSv3
CVE-2020-36518
jackson-databind prior to 2.13.0 allows a Java StackOverflow exception and denial of service via a large depth of nested objects.
Fasterxml Jackson-databind
Oracle Weblogic Server 12.2.1.3.0
Oracle Commerce Platform 11.3.1
Oracle Utilities Framework 4.3.0.5.0
Oracle Utilities Framework 4.3.0.6.0
Oracle Utilities Framework 4.4.0.0.0
Oracle Weblogic Server 12.2.1.4.0
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Primavera Unifier 19.12
Oracle Sd-wan Edge 9.0
Oracle Weblogic Server 14.1.1.0.0
Oracle Coherence 14.1.1.0.0
Oracle Utilities Framework 4.4.0.2.0
Oracle Global Lifecycle Management Nextgen Oui Framework 13.9.4.2.2
Oracle Primavera Unifier 20.12
Oracle Peoplesoft Enterprise Peopletools 8.59
Oracle Primavera Gateway
Oracle Utilities Framework 4.4.0.3.0
Oracle Sd-wan Edge 9.1
Oracle Commerce Platform 11.3.0
Oracle Commerce Platform 11.3.2
Oracle Primavera Unifier 21.12
4 Github repositories
6.5
CVSSv3
CVE-2022-23437
There's a vulnerability within the Apache Xerces Java (XercesJ) XML parser when handling specially crafted XML document payloads. This causes, the XercesJ XML parser to wait in an infinite loop, which may sometimes consume system resources for prolonged duration. This vulner...
Apache Xerces-j
Oracle Ilearning 6.2
Oracle Flexcube Universal Banking 12.4.0
Oracle Weblogic Server 12.2.1.3.0
Oracle Agile Plm 9.3.6
Oracle Weblogic Server 12.2.1.4.0
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Weblogic Server 14.1.1.0.0
Oracle Retail Bulk Data Integration 16.0.3.0
Oracle Retail Merchandising System 16.0.3
Oracle Global Lifecycle Management Nextgen Oui Framework 13.9.4.2.2
Oracle Agile Engineering Data Management 6.2.1.0
Oracle Retail Service Backbone 16.0.3
Oracle Retail Financial Integration 16.0.3
Oracle Retail Integration Bus 16.0.3
Oracle Peoplesoft Enterprise Peopletools 8.59
Oracle Retail Service Backbone 15.0.3.1
Oracle Retail Service Backbone 14.1.3.2
Oracle Financial Services Enterprise Case Management 8.0.7.2.0
Oracle Banking Party Management 2.7.0
Oracle Retail Merchandising System 19.0.1
Oracle Retail Integration Bus 14.1.3.2
9.8
CVSSv3
CVE-2021-39275
ap_escape_quotes() may write beyond the end of a buffer when given malicious input. No included modules pass untrusted data to these functions, but third-party / external modules may. This issue affects Apache HTTP Server 2.4.48 and previous versions.
Apache Http Server
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Netapp Cloud Backup -
Netapp Storagegrid -
Netapp Clustered Data Ontap -
Oracle Http Server 12.2.1.3.0
Oracle Instantis Enterprisetrack 17.1
Oracle Instantis Enterprisetrack 17.2
Oracle Instantis Enterprisetrack 17.3
Oracle Http Server 12.2.1.4.0
Oracle Zfs Storage Appliance Kit 8.8
Siemens Sinema Server 14.0
Siemens Sinec Nms
7.5
CVSSv3
CVE-2021-23840
Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow the output length argument in some cases where the input length is close to the maximum permissable length for an integer on the platform. In such cases the return value from the function call will be...
Openssl Openssl
Debian Debian Linux 10.0
Tenable Nessus Network Monitor 5.11.1
Tenable Nessus Network Monitor 5.12.0
Tenable Nessus Network Monitor 5.12.1
Tenable Nessus Network Monitor 5.13.0
Tenable Nessus Network Monitor 5.11.0
Tenable Log Correlation Engine
Oracle Business Intelligence 12.2.1.3.0
Oracle Jd Edwards World Security A9.4
Oracle Business Intelligence 12.2.1.4.0
Oracle Business Intelligence 5.5.0.0.0
Oracle Enterprise Manager For Storage Management 13.4.0.0
Oracle Enterprise Manager Ops Center 12.4.0.0
Oracle Graalvm 20.3.1.2
Oracle Graalvm 21.0.0.2
Oracle Graalvm 19.3.5
Oracle Mysql Server
Oracle Nosql Database
Oracle Jd Edwards Enterpriseone Tools
Oracle Business Intelligence 5.9.0.0.0
Oracle Communications Cloud Native Core Policy 1.15.0
1 Github repository
8.1
CVSSv3
CVE-2020-36180
FasterXML jackson-databind 2.x prior to 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.cpdsadapter.DriverAdapterCPDS.
Netapp Cloud Backup -
Netapp Service Level Manager -
Debian Debian Linux 9.0
Oracle Webcenter Portal 12.2.1.3.0
Oracle Primavera Unifier 17.2
Oracle Application Testing Suite 13.3.0.1
Oracle Primavera Unifier 18.8
Oracle Primavera Unifier
Oracle Agile Plm 9.3.6
Oracle Communications Policy Management 12.5.0
Oracle Primavera Unifier 19.12
Oracle Webcenter Portal 12.2.1.4.0
Oracle Communications Billing And Revenue Management 12.0.0.3.0
Oracle Communications Billing And Revenue Management 7.5.0.23.0
Oracle Communications Services Gatekeeper 7.0
Oracle Retail Merchandising System 15.0.3
Oracle Communications Evolved Communications Application Server 7.1
Oracle Goldengate Application Adapters 19.1.0.0.0
Oracle Data Integrator 12.2.1.4.0
Oracle Primavera Unifier 20.12
Oracle Banking Virtual Account Management 14.3.0
Oracle Insurance Rules Palette 11.0.2
1 Github repository
8.1
CVSSv3
CVE-2020-36182
FasterXML jackson-databind 2.x prior to 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS.
Fasterxml Jackson-databind
Netapp Cloud Backup -
Netapp Service Level Manager -
Debian Debian Linux 9.0
Oracle Webcenter Portal 12.2.1.3.0
Oracle Primavera Unifier 17.2
Oracle Application Testing Suite 13.3.0.1
Oracle Primavera Unifier 18.8
Oracle Primavera Unifier
Oracle Agile Plm 9.3.6
Oracle Communications Policy Management 12.5.0
Oracle Primavera Unifier 19.12
Oracle Webcenter Portal 12.2.1.4.0
Oracle Communications Billing And Revenue Management 12.0.0.3.0
Oracle Communications Billing And Revenue Management 7.5.0.23.0
Oracle Communications Services Gatekeeper 7.0
Oracle Retail Merchandising System 15.0.3
Oracle Communications Evolved Communications Application Server 7.1
Oracle Goldengate Application Adapters 19.1.0.0.0
Oracle Data Integrator 12.2.1.4.0
Oracle Primavera Unifier 20.12
Oracle Banking Virtual Account Management 14.3.0
1 Github repository
8.1
CVSSv3
CVE-2020-36183
FasterXML jackson-databind 2.x prior to 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.docx4j.org.apache.xalan.lib.sql.JNDIConnectionPool.
Fasterxml Jackson-databind
Netapp Cloud Backup -
Netapp Service Level Manager -
Debian Debian Linux 9.0
Oracle Webcenter Portal 12.2.1.3.0
Oracle Primavera Unifier 17.2
Oracle Application Testing Suite 13.3.0.1
Oracle Primavera Unifier 18.8
Oracle Primavera Unifier
Oracle Agile Plm 9.3.6
Oracle Communications Policy Management 12.5.0
Oracle Primavera Unifier 19.12
Oracle Webcenter Portal 12.2.1.4.0
Oracle Communications Billing And Revenue Management 12.0.0.3.0
Oracle Communications Billing And Revenue Management 7.5.0.23.0
Oracle Communications Services Gatekeeper 7.0
Oracle Retail Merchandising System 15.0.3
Oracle Communications Evolved Communications Application Server 7.1
Oracle Goldengate Application Adapters 19.1.0.0.0
Oracle Data Integrator 12.2.1.4.0
Oracle Primavera Unifier 20.12
Oracle Banking Virtual Account Management 14.3.0
8.1
CVSSv3
CVE-2020-36179
FasterXML jackson-databind 2.x prior to 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS.
Netapp Cloud Backup -
Netapp Service Level Manager -
Debian Debian Linux 9.0
Oracle Webcenter Portal 12.2.1.3.0
Oracle Application Testing Suite 13.3.0.1
Oracle Primavera Unifier 18.8
Oracle Primavera Unifier
Oracle Agile Plm 9.3.6
Oracle Communications Policy Management 12.5.0
Oracle Primavera Unifier 19.12
Oracle Webcenter Portal 12.2.1.4.0
Oracle Communications Billing And Revenue Management 12.0.0.3.0
Oracle Communications Billing And Revenue Management 7.5.0.23.0
Oracle Communications Services Gatekeeper 7.0
Oracle Retail Merchandising System 15.0.3
Oracle Communications Evolved Communications Application Server 7.1
Oracle Goldengate Application Adapters 19.1.0.0.0
Oracle Data Integrator 12.2.1.4.0
Oracle Primavera Unifier 20.12
Oracle Banking Virtual Account Management 14.3.0
Oracle Insurance Rules Palette 11.0.2
Oracle Commerce Platform
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2021-35000
CVE-2024-4439
unauthorized
CVE-2024-0042
CVE-2024-31848
CVE-2023-40694
cache poisoning
CVE-2024-23707
firmware
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »