Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
oracle communications cloud native core policy 1.15.0 vulnerabilities and exploits
(subscribe to this query)
2.1
CVSSv2
CVE-2021-28168
Eclipse Jersey 2.28 to 2.33 and Eclipse Jersey 3.0.0 to 3.0.1 contains a local information disclosure vulnerability. This is due to the use of the File.createTempFile which creates a file inside of the system temporary directory with the permissions: -rw-r--r--. Thus the contents...
Eclipse Jersey
Oracle Communications Cloud Native Core Policy 1.15.0
Oracle Communications Cloud Native Core Unified Data Repository 1.15.0
3.5
CVSSv2
CVE-2021-3572
A flaw was found in python-pip in the way it handled Unicode separators in git references. A remote attacker could possibly use this issue to install a different revision on a repository. The highest threat from this vulnerability is to data integrity. This is fixed in python-pip...
Pypa Pip
Oracle Agile Plm 9.3.6
Oracle Communications Cloud Native Core Network Function Cloud Native Environment 1.10.0
Oracle Communications Cloud Native Core Network Function Cloud Native Environment 22.1.0
Oracle Communications Cloud Native Core Policy 1.15.0
Oracle Communications Cloud Native Core Policy 22.1.3
1 Github repository
4.3
CVSSv2
CVE-2021-3200
Buffer overflow vulnerability in libsolv 2020-12-13 via the Solver * testcase_read(Pool *pool, FILE *fp, const char *testcase, Queue *job, char **resultp, int *resultflagsp function at src/testcase.c: line 2334, which could cause a denial of service
Opensuse Libsolv
Oracle Communications Cloud Native Core Policy 1.15.0
4.3
CVSSv2
CVE-2019-3799
Spring Cloud Config, versions 2.1.x before 2.1.2, versions 2.0.x before 2.0.4, and versions 1.4.x before 1.4.6, and older unsupported versions allow applications to serve arbitrary configuration files through the spring-cloud-config-server module. A malicious user, or attacker, c...
Vmware Spring Cloud Config
Oracle Communications Cloud Native Core Policy 1.15.0
1 EDB exploit
2 Github repositories
6
CVSSv2
CVE-2020-8554
Kubernetes API server in all versions allow an attacker who is able to create a ClusterIP service and set the spec.externalIPs field, to intercept traffic to that IP address. Additionally, an attacker who is able to patch the status (which is considered a privileged operation and...
Kubernetes Kubernetes
Oracle Communications Cloud Native Core Network Slice Selection Function 1.2.1
Oracle Communications Cloud Native Core Policy 1.15.0
Oracle Communications Cloud Native Core Service Communication Proxy 1.14.0
11 Github repositories
1 Article
5
CVSSv2
CVE-2021-35574
Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware (component: Outside In Filters). The supported version that is affected is 8.5.5. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Orac...
Oracle Communications Cloud Native Core Policy 1.15.0
Oracle Outside In Technology 8.5.5
7.9
CVSSv2
CVE-2021-2471
Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 8.0.26 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Con...
Oracle Communications Cloud Native Core Console 1.9.0
Oracle Communications Cloud Native Core Network Slice Selection Function 1.8.0
Oracle Communications Cloud Native Core Policy 1.15.0
Oracle Communications Cloud Native Core Security Edge Protection Proxy 1.7.0
Oracle Mysql Connectors
Quarkus Quarkus
2 Github repositories
4.3
CVSSv2
CVE-2021-22569
An issue in protobuf-java allowed the interleaving of com.google.protobuf.UnknownFieldSet fields in such a way that would be processed out of order. A small malicious payload can occupy the parser for several minutes by creating large numbers of short-lived objects that cause fre...
Google Google-protobuf
Google Protobuf-java
Google Protobuf-kotlin
Oracle Communications Cloud Native Core Console 1.9.0
Oracle Communications Cloud Native Core Network Repository Function 1.15.0
Oracle Communications Cloud Native Core Network Repository Function 1.15.1
Oracle Communications Cloud Native Core Policy 1.15.0
Oracle Spatial And Graph Mapviewer 19c
Oracle Spatial And Graph Mapviewer 21c
1 Github repository
5
CVSSv2
CVE-2019-20916
The pip package prior to 19.2 for Python allows Directory Traversal when a URL is given in an install command, because a Content-Disposition header can have ../ in a filename, as demonstrated by overwriting the /root/.ssh/authorized_keys file. This occurs in _download_http_url in...
Pypa Pip
Opensuse Leap 15.1
Opensuse Leap 15.2
Debian Debian Linux 9.0
Oracle Communications Cloud Native Core Network Function Cloud Native Environment 1.10.0
Oracle Communications Cloud Native Core Network Function Cloud Native Environment 22.1.0
Oracle Communications Cloud Native Core Policy 1.15.0
2 Github repositories
7.5
CVSSv2
CVE-2021-43527
NSS (Network Security Services) versions before 3.73 or 3.68.1 ESR are vulnerable to a heap overflow when handling DER-encoded DSA or RSA-PSS signatures. Applications using NSS for handling signatures encoded within CMS, S/MIME, PKCS \#7, or PKCS \#12 are likely to be impacted. A...
Mozilla Nss
Mozilla Nss Esr
Netapp Cloud Backup -
Netapp E-series Santricity Os Controller
Oracle Communications Cloud Native Core Binding Support Function 1.11.0
Oracle Communications Cloud Native Core Network Repository Function 1.15.0
Oracle Communications Cloud Native Core Network Repository Function 1.15.1
Oracle Communications Cloud Native Core Network Slice Selection Function 1.8.0
Oracle Communications Policy Management 12.6.0.0.0
Starwindsoftware Starwind San & Nas V8r13
Starwindsoftware Starwind Virtual San V8r13
Preferred Score:
CVSSv2
CVSSv2
CVSSv3
CVSSv4
EPSS
VMScore
Recommendations:
XML external entity
XSS
CVE-2024-11335
CVE-2025-26465
adthrive
CVE-2024-12069
google
CVE-2024-13405
apptivo business site crm
movable type (8.4.x series)
code injection
CVE-2024-11778
CVE-2025-0108
Home
/
Search Results
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »