Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
oracle communications cloud native core network function cloud native environment 22.1.0 vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2020-14343
A vulnerability exists in the PyYAML library in versions prior to 5.4, where it is susceptible to arbitrary code execution when it processes untrusted YAML files through the full_load method or with the FullLoader loader. Applications that use the library to process untrusted inp...
Pyyaml Pyyaml
Oracle Communications Cloud Native Core Network Function Cloud Native Environment 1.10.0
Oracle Communications Cloud Native Core Network Function Cloud Native Environment 22.1.0
4 Github repositories
3.5
CVSSv2
CVE-2021-3572
A flaw was found in python-pip in the way it handled Unicode separators in git references. A remote attacker could possibly use this issue to install a different revision on a repository. The highest threat from this vulnerability is to data integrity. This is fixed in python-pip...
Pypa Pip
Oracle Agile Plm 9.3.6
Oracle Communications Cloud Native Core Network Function Cloud Native Environment 1.10.0
Oracle Communications Cloud Native Core Network Function Cloud Native Environment 22.1.0
Oracle Communications Cloud Native Core Policy 1.15.0
Oracle Communications Cloud Native Core Policy 22.1.3
1 Github repository
5
CVSSv2
CVE-2019-20916
The pip package prior to 19.2 for Python allows Directory Traversal when a URL is given in an install command, because a Content-Disposition header can have ../ in a filename, as demonstrated by overwriting the /root/.ssh/authorized_keys file. This occurs in _download_http_url in...
Pypa Pip
Opensuse Leap 15.1
Opensuse Leap 15.2
Debian Debian Linux 9.0
Oracle Communications Cloud Native Core Network Function Cloud Native Environment 1.10.0
Oracle Communications Cloud Native Core Network Function Cloud Native Environment 22.1.0
Oracle Communications Cloud Native Core Policy 1.15.0
2 Github repositories
6.8
CVSSv2
CVE-2022-22947
In spring cloud gateway versions before 3.1.1+ and 3.0.7+ , applications are vulnerable to a code injection attack when the Gateway Actuator endpoint is enabled, exposed and unsecured. A remote attacker could make a maliciously crafted request that could allow arbitrary remote ex...
Vmware Spring Cloud Gateway
Vmware Spring Cloud Gateway 3.1.0
Oracle Commerce Guided Search 11.3.2
Oracle Communications Cloud Native Core Binding Support Function 1.11.0
Oracle Communications Cloud Native Core Binding Support Function 22.1.3
Oracle Communications Cloud Native Core Console 22.2.0
Oracle Communications Cloud Native Core Network Exposure Function 22.1.0
Oracle Communications Cloud Native Core Network Function Cloud Native Environment 1.10.0
Oracle Communications Cloud Native Core Network Repository Function 1.15.0
Oracle Communications Cloud Native Core Network Repository Function 1.15.1
Oracle Communications Cloud Native Core Network Repository Function 22.1.2
Oracle Communications Cloud Native Core Network Repository Function 22.2.0
62 Github repositories
2 Articles
5
CVSSv2
CVE-2021-43396
In iconvdata/iso-2022-jp-3.c in the GNU C Library (aka glibc) 2.34, remote attackers can force iconv() to emit a spurious '\0' character via crafted ISO-2022-JP-3 data that is accompanied by an internal state reset. This may affect data integrity in certain iconv() use ...
Gnu Glibc 2.34
Oracle Communications Cloud Native Core Binding Support Function 22.1.3
Oracle Communications Cloud Native Core Network Function Cloud Native Environment 22.1.0
Oracle Communications Cloud Native Core Network Repository Function 22.1.2
Oracle Communications Cloud Native Core Network Repository Function 22.2.0
Oracle Communications Cloud Native Core Security Edge Protection Proxy 22.1.1
Oracle Communications Cloud Native Core Unified Data Repository 22.2.0
Oracle Enterprise Operations Monitor 4.3
Oracle Enterprise Operations Monitor 4.4
Oracle Enterprise Operations Monitor 5.0
5
CVSSv2
CVE-2021-38604
In librt in the GNU C Library (aka glibc) up to and including 2.34, sysdeps/unix/sysv/linux/mq_notify.c mishandles certain NOTIFY_REMOVED data, leading to a NULL pointer dereference. NOTE: this vulnerability was introduced as a side effect of the CVE-2021-33574 fix.
Gnu Glibc
Fedoraproject Fedora 35
Oracle Communications Cloud Native Core Binding Support Function 22.1.3
Oracle Communications Cloud Native Core Network Function Cloud Native Environment 22.1.0
Oracle Communications Cloud Native Core Network Repository Function 22.1.2
Oracle Communications Cloud Native Core Network Repository Function 22.2.0
Oracle Communications Cloud Native Core Security Edge Protection Proxy 22.1.1
Oracle Communications Cloud Native Core Unified Data Repository 22.2.0
Oracle Enterprise Operations Monitor 4.3
Oracle Enterprise Operations Monitor 4.4
Oracle Enterprise Operations Monitor 5.0
7.5
CVSSv2
CVE-2022-23219
The deprecated compatibility function clnt_create in the sunrpc module of the GNU C Library (aka glibc) up to and including 2.34 copies its hostname argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of se...
Gnu Glibc
Oracle Communications Cloud Native Core Binding Support Function 22.1.3
Oracle Communications Cloud Native Core Network Function Cloud Native Environment 22.1.0
Oracle Communications Cloud Native Core Network Repository Function 22.1.2
Oracle Communications Cloud Native Core Network Repository Function 22.2.0
Oracle Communications Cloud Native Core Security Edge Protection Proxy 22.1.1
Oracle Communications Cloud Native Core Unified Data Repository 22.2.0
Oracle Enterprise Operations Monitor 4.3
Oracle Enterprise Operations Monitor 4.4
Oracle Enterprise Operations Monitor 5.0
Debian Debian Linux 10.0
7.5
CVSSv2
CVE-2022-22963
In Spring Cloud Function versions 3.1.6, 3.2.2 and older unsupported versions, when using routing functionality it is possible for a user to provide a specially crafted SpEL as a routing-expression that may result in remote code execution and access to local resources.
Vmware Spring Cloud Function
Oracle Banking Branch 14.5
Oracle Banking Cash Management 14.5
Oracle Banking Corporate Lending Process Management 14.5
Oracle Banking Credit Facilities Process Management 14.5
Oracle Banking Electronic Data Exchange For Corporates 14.5
Oracle Banking Liquidity Management 14.2
Oracle Banking Liquidity Management 14.5
Oracle Banking Origination 14.5
Oracle Banking Supply Chain Finance 14.5
Oracle Banking Trade Finance Process Management 14.5
Oracle Banking Virtual Account Management 14.5
43 Github repositories
3 Articles
10
CVSSv2
CVE-2020-1747
A vulnerability exists in the PyYAML library in versions prior to 5.3.1, where it is susceptible to arbitrary code execution when it processes untrusted YAML files through the full_load method or with the FullLoader loader. Applications that use the library to process untrusted i...
Pyyaml Pyyaml
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Opensuse Leap 15.1
Oracle Communications Cloud Native Core Network Function Cloud Native Environment 22.1.0
1 Github repository
5
CVSSv2
CVE-2021-22946
A user can tell curl >= 7.20.0 and <= 7.78.0 to require a successful upgrade to TLS when speaking to an IMAP, POP3 or FTP server (`--ssl-reqd` on the command line or`CURLOPT_USE_SSL` set to `CURLUSESSL_CONTROL` or `CURLUSESSL_ALL` withlibcurl). This requirement could be byp...
Haxx Curl
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Fedoraproject Fedora 33
Fedoraproject Fedora 35
Netapp Cloud Backup -
Netapp Clustered Data Ontap -
Netapp Oncommand Insight -
Netapp Oncommand Workflow Automation -
Netapp Snapcenter -
Netapp H300s Firmware -
Preferred Score:
CVSSv2
CVSSv2
CVSSv3
CVSSv4
EPSS
VMScore
Recommendations:
CVE-2025-23629
CVE-2024-52331
CVE-2025-0693
precious metals charts and widgets for wordpress
neofix
simple downloads list
CVE-2025-23544
CVE-2025-21298
client side
memory leak
CVE-2019-5418
XSS
deebot x5 pro plus
Home
/
Search Results
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »