Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
communications messaging server vulnerabilities and exploits
(subscribe to this query)
8.6
CVSSv3
CVE-2019-1845
A vulnerability in the authentication service of the Cisco Unified Communications Manager IM and Presence (Unified CM IM&P) Service, Cisco TelePresence Video Communication Server (VCS), and Cisco Expressway Series could allow an unauthenticated, remote malicious user to c...
Cisco Telepresence Video Communication Server
Cisco Unified Communications Manager Im And Presence Service 11.5\\(1\\)
7.5
CVSSv3
CVE-2021-37714
jsoup is a Java library for working with HTML. Those using jsoup versions before 1.14.2 to parse untrusted HTML or XML may be vulnerable to DOS attacks. If the parser is run on user supplied input, an attacker may supply content that causes the parser to get stuck (loop indefinit...
Jsoup Jsoup
Quarkus Quarkus
Oracle Webcenter Portal 12.2.1.3.0
Oracle Business Process Management Suite 12.2.1.3.0
Oracle Flexcube Universal Banking
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Webcenter Portal 12.2.1.4.0
Oracle Primavera Unifier 20.12
Oracle Business Process Management Suite 12.2.1.4.0
Oracle Communications Messaging Server 8.1
Oracle Peoplesoft Enterprise Peopletools 8.59
Oracle Primavera Unifier 21.12
Oracle Banking Trade Finance 14.5
Oracle Banking Treasury Management 14.5
Oracle Flexcube Universal Banking 14.5
Oracle Hospitality Token Proxy Service 19.2
Oracle Retail Customer Management And Segmentation Foundation
Netapp Management Services For Element Software And Netapp Hci -
Oracle Middleware Common Libraries And Tools 12.2.1.4.0
Oracle Middleware Common Libraries And Tools 12.2.1.3.0
Oracle Financial Services Crime And Compliance Management Studio 8.0.8.2.0
Oracle Financial Services Crime And Compliance Management Studio 8.0.8.3.0
5.5
CVSSv3
CVE-2021-31811
In Apache PDFBox, a carefully crafted PDF file can trigger an OutOfMemory-Exception while loading the file. This issue affects Apache PDFBox version 2.0.23 and prior 2.0.x versions.
Apache Pdfbox
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Oracle Primavera Unifier 18.8
Oracle Primavera Unifier
Oracle Flexcube Universal Banking
Oracle Outside In Technology 8.5.5
Oracle Primavera Unifier 19.12
Oracle Primavera Unifier 20.12
Oracle Banking Credit Facilities Process Management 14.3.0
Oracle Banking Corporate Lending Process Management 14.3.0
Oracle Communications Messaging Server 8.1
Oracle Banking Supply Chain Finance 14.2.0
Oracle Banking Credit Facilities Process Management 14.2.0
Oracle Banking Credit Facilities Process Management 14.5.0
Oracle Banking Corporate Lending Process Management 14.2.0
Oracle Banking Corporate Lending Process Management 14.5.0
Oracle Banking Supply Chain Finance 14.5.0
Oracle Banking Supply Chain Finance 14.3.0
Oracle Retail Customer Management And Segmentation Foundation 18.1
Oracle Banking Trade Finance 14.5
Oracle Banking Treasury Management 14.5
9.8
CVSSv3
CVE-2019-0228
Apache PDFBox 2.0.14 does not properly initialize the XML parser, which allows context-dependent malicious users to conduct XML External Entity (XXE) attacks via a crafted XFDF.
Apache Pdfbox 2.0.14
Apache James 3.4.0
Apache James 3.3.0
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Oracle Hyperion Financial Reporting 11.1.2.4
Oracle Webcenter Sites 12.2.1.3.0
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Webcenter Sites 12.2.1.4.0
Oracle Retail Xstore Point Of Service 17.0
Oracle Banking Virtual Account Management 14.3.0
Oracle Communications Messaging Server 8.1
Oracle Peoplesoft Enterprise Peopletools 8.59
Oracle Retail Xstore Point Of Service 16.0.6
Oracle Retail Xstore Point Of Service 18.0.3
Oracle Hyperion Financial Reporting 11.2.6.0
Oracle Banking Trade Finance Process Management 14.2
Oracle Banking Trade Finance Process Management 14.3
Oracle Banking Trade Finance Process Management 14.5
Oracle Banking Credit Facilities Process Management 14.2
Oracle Banking Credit Facilities Process Management 14.3
Oracle Banking Credit Facilities Process Management 14.5
1 Github repository
5.9
CVSSv3
CVE-2021-45105
Apache Log4j2 versions 2.0-alpha1 up to and including 2.16.0 (excluding 2.12.3 and 2.3.1) did not protect from uncontrolled recursion from self-referential lookups. This allows an attacker with control over Thread Context Map data to cause a denial of service when a crafted strin...
Apache Log4j
Netapp Cloud Manager -
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Sonicwall Network Security Manager
Sonicwall Email Security
Sonicwall Web Application Firewall
Sonicwall 6bk1602-0aa12-0tp0 Firmware
Sonicwall 6bk1602-0aa22-0tp0 Firmware
Sonicwall 6bk1602-0aa32-0tp0 Firmware
Sonicwall 6bk1602-0aa42-0tp0 Firmware
Sonicwall 6bk1602-0aa52-0tp0 Firmware
Oracle E-business Suite 12.2
Oracle Retail Back Office 14.1
Oracle Weblogic Server 12.2.1.3.0
Oracle Webcenter Portal 12.2.1.3.0
Oracle Webcenter Sites 12.2.1.3.0
Oracle Managed File Transfer 12.2.1.3.0
Oracle Retail Order Broker 16.0
Oracle Retail Integration Bus 14.1.3
Oracle Retail Returns Management 14.1
Oracle Retail Central Office 14.1
74 Github repositories
5 Articles
NA
CVE-2004-1235
Race condition in the (1) load_elf_library and (2) binfmt_aout function calls for uselib in Linux kernel 2.4 up to and including 2.429-rc2 and 2.6 up to and including 2.6.10 allows local users to execute arbitrary code by manipulating the VMA descriptor.
Avaya Network Routing
Avaya Converged Communications Server 2.0
Linux Linux Kernel 2.4.0
Linux Linux Kernel 2.4.15
Linux Linux Kernel 2.4.16
Linux Linux Kernel 2.4.18
Linux Linux Kernel 2.4.19
Linux Linux Kernel 2.4.21
Linux Linux Kernel 2.4.22
Linux Linux Kernel 2.4.26
Linux Linux Kernel 2.4.27
Linux Linux Kernel 2.4.3
Linux Linux Kernel 2.4.4
Linux Linux Kernel 2.6.0
Avaya Mn100
Linux Linux Kernel 2.6.3
Linux Linux Kernel 2.6.4
Linux Linux Kernel 2.6.8
Mandrakesoft Mandrake Linux 10.1
Mandrakesoft Mandrake Linux 9.2
Redhat Enterprise Linux 4.0
Redhat Linux 7.3
3 EDB exploits
9.8
CVSSv3
CVE-2018-14718
FasterXML jackson-databind 2.x prior to 2.9.7 might allow remote malicious users to execute arbitrary code by leveraging failure to block the slf4j-ext class from polymorphic deserialization.
Fasterxml Jackson-databind
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Oracle Primavera Unifier 16.2
Oracle Jd Edwards Enterpriseone Tools 9.2
Oracle Primavera P6 Enterprise Project Portfolio Management 16.2
Oracle Primavera P6 Enterprise Project Portfolio Management 15.1
Oracle Banking Platform 2.5.0
Oracle Primavera Unifier 16.1
Oracle Primavera P6 Enterprise Project Portfolio Management 16.1
Oracle Jdeveloper 12.1.3.0.0
Oracle Primavera P6 Enterprise Project Portfolio Management 15.2
Oracle Retail Merchandising System 16.0
Oracle Webcenter Portal 12.2.1.3.0
Oracle Business Process Management Suite 12.1.3.0.0
Oracle Business Process Management Suite 12.2.1.3.0
Oracle Primavera P6 Enterprise Project Portfolio Management
Oracle Primavera P6 Enterprise Project Portfolio Management 18.8
Oracle Jd Edwards Enterpriseone Orchestrator 9.2
Oracle Communications Billing And Revenue Management 7.5
Oracle Communications Billing And Revenue Management 12.0
Oracle Financial Services Analytical Applications Infrastructure 8.0.2
5.5
CVSSv3
CVE-2021-27906
A carefully crafted PDF file can trigger an OutOfMemory-Exception while loading the file. This issue affects Apache PDFBox version 2.0.22 and prior 2.0.x versions.
Apache Pdfbox
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Oracle Hyperion Financial Reporting 11.1.2.4
Oracle Webcenter Sites 12.2.1.3.0
Oracle Primavera Unifier 18.8
Oracle Primavera Unifier
Oracle Flexcube Universal Banking
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Outside In Technology 8.5.5
Oracle Primavera Unifier 19.12
Oracle Webcenter Sites 12.2.1.4.0
Oracle Retail Customer Management And Segmentation Foundation 19.0
Oracle Primavera Unifier 20.12
Oracle Banking Virtual Account Management 14.3.0
Oracle Banking Trade Finance Process Management 14.3.0
Oracle Banking Credit Facilities Process Management 14.3.0
Oracle Banking Corporate Lending Process Management 14.3.0
Oracle Communications Messaging Server 8.1
Oracle Peoplesoft Enterprise Peopletools 8.59
Oracle Retail Xstore Point Of Service 16.0.6
NA
CVE-2012-3935
Cisco Unified Presence (CUP) prior to 8.6(3) and Jabber Extensible Communications Platform (aka Jabber XCP) prior to 5.3 allow remote malicious users to cause a denial of service (process crash) via a crafted XMPP stream header, aka Bug ID CSCtu32832.
Cisco Unified Presence
Cisco Unified Presence 8.6\\(1\\)
Cisco Unified Presence 8.0\\(1\\)
Cisco Unified Presence 1.0
Cisco Unified Presence 8.5\\(3\\)
Cisco Unified Presence 7.0\\(6\\)
Cisco Unified Presence 6.0\\(1\\)
Cisco Unified Presence 6.0\\(2\\)
Cisco Unified Presence 7.0\\(1\\)
Cisco Unified Presence 8.0\\(2\\)
Cisco Unified Presence 6.0 1
Cisco Unified Presence 8.5\\(1\\)
Cisco Unified Presence 7.0\\(9\\)
Cisco Unified Presence 7.0\\(3\\)
Cisco Unified Presence 6.0\\(6\\)
Cisco Unified Presence 6.0\\(7\\)
Cisco Unified Presence 7.0
Cisco Unified Presence 7.0\\(2\\)
Cisco Unified Presence 8.0\\(4\\)
Cisco Unified Presence 6.0
Cisco Unified Presence 6.0 2
Cisco Unified Presence 7.0\\(7\\)
NA
CVE-2010-3575
Unspecified vulnerability in the Oracle Communications Messaging Server (Sun Java System Messaging Server) component in Oracle Sun Products Suite 6.0, 6.2, 6.3, and 7.0 allows remote malicious users to affect confidentiality and integrity via unknown vectors related to Web Mail.
Oracle Sun Product Suite 6.0
Oracle Sun Product Suite 6.2
Oracle Sun Product Suite 6.3
Oracle Sun Product Suite 7.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »