Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
oracle communications cloud native core unified data repository 1.15.0 vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2021-28168
Eclipse Jersey 2.28 to 2.33 and Eclipse Jersey 3.0.0 to 3.0.1 contains a local information disclosure vulnerability. This is due to the use of the File.createTempFile which creates a file inside of the system temporary directory with the permissions: -rw-r--r--. Thus the contents...
Eclipse Jersey
Oracle Communications Cloud Native Core Policy 1.15.0
Oracle Communications Cloud Native Core Unified Data Repository 1.15.0
5.9
CVSSv3
CVE-2020-14340
A vulnerability exists in XNIO where file descriptor leak caused by growing amounts of NIO Selector file handles between garbage collection cycles. It may allow the malicious user to cause a denial of service. It affects XNIO versions 3.6.0.Beta1 up to and including 3.8.1.Final.
Redhat Xnio
Redhat Xnio 3.6.0
Redhat Jboss Brms 5
Redhat Jboss Brms 6
Redhat Jboss Data Grid 6.0.0
Redhat Jboss Data Grid 7.0.0
Redhat Jboss Data Virtualization 6.0.0
Redhat Jboss Enterprise Application Platform 5.0.0
Redhat Jboss Enterprise Application Platform 6.0.0
Redhat Jboss Fuse 6.0.0
Redhat Jboss Fuse 7.0.0
Redhat Jboss Operations Network 3.0
9.8
CVSSv3
CVE-2022-22963
In Spring Cloud Function versions 3.1.6, 3.2.2 and older unsupported versions, when using routing functionality it is possible for a user to provide a specially crafted SpEL as a routing-expression that may result in remote code execution and access to local resources.
Vmware Spring Cloud Function
Oracle Banking Branch 14.5
Oracle Banking Cash Management 14.5
Oracle Banking Corporate Lending Process Management 14.5
Oracle Banking Credit Facilities Process Management 14.5
Oracle Banking Electronic Data Exchange For Corporates 14.5
Oracle Banking Liquidity Management 14.2
Oracle Banking Liquidity Management 14.5
Oracle Banking Origination 14.5
Oracle Banking Supply Chain Finance 14.5
Oracle Banking Trade Finance Process Management 14.5
Oracle Banking Virtual Account Management 14.5
43 Github repositories
3 Articles
6.5
CVSSv3
CVE-2021-43797
Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. Netty prior to version 4.1.71.Final skips control chars when they are present at the beginning / end of the header name. It s...
Netty Netty
Quarkus Quarkus
Netapp Oncommand Workflow Automation -
Netapp Snapcenter -
Oracle Banking Deposits And Lines Of Credit Servicing 2.7
Oracle Banking Party Management 2.7.0
Oracle Banking Platform 2.6.2
Oracle Coherence 12.2.1.4.0
Oracle Coherence 14.1.1.0.0
Oracle Communications Cloud Native Core Binding Support Function 1.11.0
Oracle Communications Cloud Native Core Network Slice Selection Function 1.8.0
Oracle Communications Cloud Native Core Policy 1.15.0
8.1
CVSSv3
CVE-2021-22901
curl 7.75.0 up to and including 7.76.1 suffers from a use-after-free vulnerability resulting in already freed memory being used when a TLS 1.3 session ticket arrives over a connection. A malicious server can use this in rare unfortunate circumstances to potentially reach remote c...
Haxx Curl
Oracle Communications Cloud Native Core Binding Support Function 1.11.0
Oracle Communications Cloud Native Core Network Function Cloud Native Environment 1.10.0
Oracle Communications Cloud Native Core Network Repository Function 1.15.0
Oracle Communications Cloud Native Core Network Repository Function 1.15.1
Oracle Communications Cloud Native Core Network Slice Selection Function 1.8.0
Oracle Communications Cloud Native Core Service Communication Proxy 1.15.0
Oracle Essbase
Oracle Mysql Server
Netapp Active Iq Unified Manager -
Netapp Cloud Backup -
Netapp Oncommand Insight -
7.5
CVSSv3
CVE-2021-37136
The Bzip2 decompression decoder function doesn't allow setting size restrictions on the decompressed output data (which affects the allocation size used during decompression). All users of Bzip2Decoder are affected. The malicious input can trigger an OOME and so a DoS attack
Netty Netty
Quarkus Quarkus
Oracle Banking Apis
Oracle Banking Apis 19.1
Oracle Banking Apis 19.2
Oracle Banking Apis 20.1
Oracle Banking Apis 21.1
Oracle Banking Digital Experience 18.1
Oracle Banking Digital Experience 18.2
Oracle Banking Digital Experience 18.3
Oracle Banking Digital Experience 19.1
Oracle Banking Digital Experience 19.2
9.8
CVSSv3
CVE-2022-22965
A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. The specific exploit requires the application to run on Tomcat as a WAR deployment. If the application is deployed as a Spring Boot executable jar, i.e....
Vmware Spring Framework
Cisco Cx Cloud Agent
Oracle Communications Cloud Native Core Automated Test Suite 1.9.0
Oracle Communications Cloud Native Core Automated Test Suite 22.1.0
Oracle Communications Cloud Native Core Console 1.9.0
Oracle Communications Cloud Native Core Console 22.1.0
Oracle Communications Cloud Native Core Network Exposure Function 22.1.0
Oracle Communications Cloud Native Core Network Function Cloud Native Environment 1.10.0
Oracle Communications Cloud Native Core Network Function Cloud Native Environment 22.1.0
Oracle Communications Cloud Native Core Network Repository Function 1.15.0
Oracle Communications Cloud Native Core Network Repository Function 22.1.0
Oracle Communications Cloud Native Core Network Slice Selection Function 1.8.0
128 Github repositories
7 Articles
7.4
CVSSv3
CVE-2021-3712
ASN.1 strings are represented internally within OpenSSL as an ASN1_STRING structure which contains a buffer holding the string data and a field holding the buffer length. This contrasts with normal C strings which are repesented as a buffer for the string data which is terminated...
Openssl Openssl
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Netapp Clustered Data Ontap -
Netapp Clustered Data Ontap Antivirus Connector -
Netapp E-series Santricity Os Controller
Netapp Hci Management Node -
Netapp Manageability Software Development Kit -
Netapp Santricity Smi-s Provider -
Netapp Solidfire -
Netapp Storage Encryption -
2 Github repositories
9.8
CVSSv3
CVE-2021-3711
In order to decrypt SM2 encrypted data an application is expected to call the API function EVP_PKEY_decrypt(). Typically an application will call this function twice. The first time, on entry, the "out" parameter can be NULL and, on exit, the "outlen" paramete...
Openssl Openssl
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Netapp Active Iq Unified Manager -
Netapp Clustered Data Ontap -
Netapp Clustered Data Ontap Antivirus Connector -
Netapp E-series Santricity Os Controller
Netapp Hci Management Node -
Netapp Manageability Software Development Kit -
Netapp Oncommand Insight -
Netapp Oncommand Workflow Automation -
Netapp Santricity Smi-s Provider -
1 Github repository
1 Article
5.9
CVSSv3
CVE-2021-45105
Apache Log4j2 versions 2.0-alpha1 up to and including 2.16.0 (excluding 2.12.3 and 2.3.1) did not protect from uncontrolled recursion from self-referential lookups. This allows an attacker with control over Thread Context Map data to cause a denial of service when a crafted strin...
Apache Log4j
Netapp Cloud Manager -
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Sonicwall Email Security
Sonicwall Network Security Manager
Sonicwall Web Application Firewall
Sonicwall 6bk1602-0aa12-0tp0 Firmware
Sonicwall 6bk1602-0aa22-0tp0 Firmware
Sonicwall 6bk1602-0aa32-0tp0 Firmware
Sonicwall 6bk1602-0aa42-0tp0 Firmware
Sonicwall 6bk1602-0aa52-0tp0 Firmware
49 Github repositories
5 Articles
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
local
IMAP
CVE-2024-8504
CVE-2024-42327
CVE-2024-11904
CVE-2024-47107
CVE-2024-53143
XML injection
CVE-2024-54750
Home
/
Search Results
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »