Vulmon Recent Vulnerabilities Product List Research Posts Trends Blog About Contact

oracle communications converged application server vulnerabilities and exploits

(subscribe to this query)
9.8
CVSSv3

CVE-2023-21890

Vulnerability in the Oracle Communications Converged Application Server product of Oracle Communications (component: Core). Supported versions that are affected are 7.1.0 and 8.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via UDP to co...
Oracle Communications Converged Application Server 7.1.0Oracle Communications Converged Application Server 8.0.0
9.8
CVSSv3

CVE-2019-2725

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Services). Supported versions that are affected are 10.3.6.0.0 and 12.1.3.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to com...
Oracle Agile Plm 9.3.3Oracle Agile Plm 9.3.4Oracle Agile Plm 9.3.5Oracle Communications Converged Application Server 5.1Oracle Communications Converged Application Server 7.0Oracle Communications Converged Application Server 7.1Oracle Peoplesoft Enterprise Peopletools 8.56Oracle Peoplesoft Enterprise Peopletools 8.57Oracle Peoplesoft Enterprise Peopletools 8.58Oracle Storagetek Tape Analytics Sw Tool 2.3Oracle Tape Library Acsls 8.5Oracle Tape Virtual Storage Manager Gui 6.2
7
CVSSv3

CVE-2020-27216

In Eclipse Jetty versions 1.0 thru 9.4.32.v20200930, 10.0.0.alpha1 thru 10.0.0.beta2, and 11.0.0.alpha1 thru 11.0.0.beta2O, on Unix like systems, the system's temporary directory is shared between all users on that system. A collocated user can observe the process of creatin...
Eclipse JettyEclipse Jetty 10.0.0Eclipse Jetty 11.0.0Netapp Snap Creator Framework -Netapp Snapcenter -Netapp Vasa ProviderNetapp Virtual Storage ConsoleNetapp Storage Replication AdapterOracle Communications Application Session Controller 3.9m0p2Oracle Communications Converged Application Server - Service Controller 6.2Oracle Communications Element ManagerOracle Communications Offline Mediation Controller 12.0.0.3.0
4.8
CVSSv3

CVE-2020-27218

In Eclipse Jetty version 9.4.0.RC0 to 9.4.34.v20201102, 10.0.0.alpha0 to 10.0.0.beta2, and 11.0.0.alpha0 to 11.0.0.beta2, if GZIP request body inflation is enabled and requests from different clients are multiplexed onto a single connection, and if an attacker can send a request ...
Eclipse JettyEclipse Jetty 10.0.0Eclipse Jetty 11.0.0Netapp Oncommand System ManagerNetapp Snap Creator Framework -Oracle Blockchain PlatformOracle Communications Converged Application Server - Service Controller 6.2Oracle Communications Offline Mediation Controller 12.0.0.3.0Oracle Communications Pricing Design Center 12.0.0.3.0Oracle Communications Services Gatekeeper 7.0Oracle Communications Session Route ManagerOracle Flexcube Private Banking 12.0.0
9.8
CVSSv3

CVE-2018-1000613

Legion of the Bouncy Castle Legion of the Bouncy Castle Java Cryptography APIs 1.58 up to but not including 1.60 contains a CWE-470: Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') vulnerability in XMSS/XMSS^MT private key deserializat...
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-apiNetapp Oncommand Workflow Automation -Opensuse Leap 15.1Oracle Api Gateway 11.1.2.4.0Oracle Banking Platform 2.6.0Oracle Banking Platform 2.6.1Oracle Banking Platform 2.6.2Oracle Business Process Management Suite 11.1.1.9.0Oracle Business Process Management Suite 12.1.3.0.0Oracle Business Process Management Suite 12.2.1.3.0Oracle Business Transaction Management 12.1.0Oracle Communications Application Session Controller 3.7.1
7.5
CVSSv3

CVE-2018-1000180

Bouncy Castle BC 1.54 - 1.59, BC-FJA 1.0.0, BC-FJA 1.0.1 and previous versions have a flaw in the Low-level interface to RSA key pair generator, specifically RSA Key Pairs generated in low-level API with added certainty may have less M-R tests than expected. This appears to be fi...
Bouncycastle Fips Java ApiBouncycastle Legion-of-the-bouncy-castle-java-crytography-apiDebian Debian Linux 9.0Oracle Api Gateway 11.1.2.4.0Oracle Business Process Management Suite 11.1.1.9.0Oracle Business Process Management Suite 12.1.3.0.0Oracle Business Process Management Suite 12.2.1.3.0Oracle Business Transaction Management 12.1.0Oracle Communications Application Session Controller 3.7.1Oracle Communications Application Session Controller 3.8.0Oracle Communications Converged Application ServerOracle Communications Webrtc Session Controller
7.5
CVSSv3

CVE-2018-3246

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS - Web Services). Supported versions that are affected are 12.1.3.0 and 12.2.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to c...
Oracle Banking Platform 2.6.0Oracle Banking Platform 2.6.1Oracle Banking Platform 2.6.2Oracle Business Process Management Suite 11.1.1.9.0Oracle Business Process Management Suite 12.1.3.0.0Oracle Business Process Management Suite 12.2.1.3.0Oracle Communications Converged Application ServerOracle Communications Webrtc Session ControllerOracle Enterprise Repository 12.1.3.0.0Oracle Retail Convenience And Fuel Pos Software 2.8.1Oracle Utilities Network Management System 1.12.0.3Oracle Utilities Network Management System 2.3.0.0
7.5
CVSSv3

CVE-2018-15756

Spring Framework, version 5.1, versions 5.0.x before 5.0.10, versions 4.3.x before 4.3.20, and older unsupported versions on the 4.2.x branch provide support for range requests when serving static resources through the ResourceHttpRequestHandler, or starting in 5.0 when an annota...
Vmware Spring FrameworkVmware Spring Framework 5.1.0Oracle Agile Plm 9.3.3Oracle Agile Plm 9.3.4Oracle Agile Plm 9.3.5Oracle Agile Plm 9.3.6Oracle Communications Brm - Elastic Charging Engine 11.3Oracle Communications Brm - Elastic Charging Engine 12.0Oracle Communications Converged Application Server - Service Controller 6.0Oracle Communications Converged Application Server - Service Controller 6.1Oracle Communications Diameter Signaling Router 8.0.0Oracle Communications Diameter Signaling Router 8.1
5.9
CVSSv3

CVE-2018-1271

Spring Framework, versions 5.0 before 5.0.5 and versions 4.3 before 4.3.15 and older unsupported versions, allow applications to configure Spring MVC to serve static resources (e.g. CSS, JS, images). When static resources are served from a file system on Windows (as opposed to th...
Vmware Spring FrameworkOracle Application Testing Suite 12.5.0.3Oracle Application Testing Suite 13.1.0.1Oracle Application Testing Suite 13.2.0.1Oracle Application Testing Suite 13.3.0.1Oracle Big Data Discovery 1.6.0Oracle Communications Converged Application ServerOracle Communications Diameter Signaling RouterOracle Communications Performance Intelligence CenterOracle Communications Policy Management 12.5.0Oracle Communications Services GatekeeperOracle Enterprise Manager Ops Center 12.2.2
8.8
CVSSv3

CVE-2018-1258

Spring Framework version 5.0.5 when used in combination with any versions of Spring Security contains an authorization bypass when using method security. An unauthorized malicious user can gain unauthorized access to methods that should be restricted.
Pivotal Software Spring SecurityVmware Spring Framework 5.0.5Oracle Agile Plm 9.3.3Oracle Agile Plm 9.3.4Oracle Agile Plm 9.3.5Oracle Agile Plm 9.3.6Oracle Application Testing Suite 10.1Oracle Application Testing Suite 12.5.0.3Oracle Application Testing Suite 13.1.0.1Oracle Application Testing Suite 13.2.0.1Oracle Application Testing Suite 13.3.0.1Oracle Big Data Discovery 1.6.0
Preferred Score:
CVSSv3
CVSSv2
CVSSv3
CVSSv4
EPSS
VMScore
Recommendations:
directory listings wordpress plugin – ulistingpostquantum-feldman-vssmatioCVE-2025-20115CVE-2025-2025HTML injectionSSTICVE-2025-2310CVE-2025-27363CVE-2025-2343logicaldoc enterpriseCVE-2025-2163dos
Home
/
Search Results
Vulmon Logo Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook