Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
oracle communications convergence vulnerabilities and exploits
(subscribe to this query)
7.2
CVSSv3
CVE-2017-10031
Vulnerability in the Oracle Communications Convergence component of Oracle Communications Applications (subcomponent: Mail Proxy (dojo)). Supported versions that are affected are 3.0 and 3.0.1. Easily exploitable vulnerability allows unauthenticated attacker with network access v...
Oracle Communications Convergence 3.0
Oracle Communications Convergence 3.0.1
4.6
CVSSv3
CVE-2022-21338
Vulnerability in the Oracle Communications Convergence product of Oracle Communications Applications (component: General Framework). The supported version that is affected is 3.0.2.2.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP t...
Oracle Communications Convergence 3.0.2.2.0
6.1
CVSSv3
CVE-2018-2936
Vulnerability in the Oracle Communications Messaging Server component of Oracle Communications Applications (subcomponent: Web Client). The supported version that is affected is 3.x. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to ...
Oracle Communications Convergence 3.0.1
8.8
CVSSv3
CVE-2023-21848
Vulnerability in the Oracle Communications Convergence product of Oracle Communications Applications (component: Admin Configuration). The supported version that is affected is 3.0.3.1.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP...
Oracle Communications Convergence 3.0.3.1.0
4.3
CVSSv2
CVE-2015-4793
Unspecified vulnerability in the Oracle Communications Convergence component in Oracle Communications Applications 2.0 and 3.0.1 allows remote malicious users to affect confidentiality via unknown vectors related to Mail Proxy.
Oracle Communications Applications 2.0
Oracle Communications Applications 3.0.1
8.1
CVSSv3
CVE-2020-28052
An issue exists in Legion of the Bouncy Castle BC Java 1.65 and 1.66. The OpenBSDBCrypt.checkPassword utility method compared incorrect data when checking the password, allowing incorrect passwords to indicate they were matching with previously hashed ones that were different.
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.65
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.66
Apache Karaf 4.3.2
Oracle Banking Corporate Lending Process Management 14.2.0
Oracle Banking Corporate Lending Process Management 14.3.0
Oracle Banking Corporate Lending Process Management 14.5.0
Oracle Banking Credit Facilities Process Management 14.2.0
Oracle Banking Credit Facilities Process Management 14.3.0
Oracle Banking Credit Facilities Process Management 14.5.0
Oracle Banking Extensibility Workbench 14.2.0
Oracle Banking Extensibility Workbench 14.3.0
Oracle Banking Extensibility Workbench 14.5.0
1 Github repository
9.8
CVSSv3
CVE-2018-1000613
Legion of the Bouncy Castle Legion of the Bouncy Castle Java Cryptography APIs 1.58 up to but not including 1.60 contains a CWE-470: Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') vulnerability in XMSS/XMSS^MT private key deserializat...
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api
Netapp Oncommand Workflow Automation -
Opensuse Leap 15.1
Oracle Api Gateway 11.1.2.4.0
Oracle Banking Platform 2.6.0
Oracle Banking Platform 2.6.1
Oracle Banking Platform 2.6.2
Oracle Business Process Management Suite 11.1.1.9.0
Oracle Business Process Management Suite 12.1.3.0.0
Oracle Business Process Management Suite 12.2.1.3.0
Oracle Business Transaction Management 12.1.0
Oracle Communications Application Session Controller 3.7.1
7.5
CVSSv3
CVE-2019-17359
The ASN.1 parser in Bouncy Castle Crypto (aka BC Java) 1.63 can trigger a large attempted memory allocation, and resultant OutOfMemoryError error, via crafted ASN.1 data. This is fixed in 1.64.
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.63
Apache Tomee 7.0.7
Apache Tomee 7.1.2
Apache Tomee 8.0.1
Netapp Active Iq Unified Manager
Netapp Oncommand Api Services -
Netapp Oncommand Workflow Automation -
Netapp Service Level Manager -
Oracle Business Process Management Suite 12.2.1.3.0
Oracle Business Process Management Suite 12.2.1.4.0
Oracle Communications Convergence
Oracle Communications Diameter Signaling Router
7.3
CVSSv3
CVE-2019-10086
In Apache Commons Beanutils 1.9.2, a special BeanIntrospector class was added which allows suppressing the ability for an malicious user to access the classloader via the class property available on all Java objects. We, however were not using this by default characteristic of th...
Apache Commons Beanutils
Apache Nifi 1.14.0
Apache Nifi 1.15.0
Debian Debian Linux 8.0
Opensuse Leap 15.0
Opensuse Leap 15.1
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Eus 7.7
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Server Aus 7.7
4.8
CVSSv3
CVE-2021-29425
In Apache Commons IO prior to 2.7, When invoking the method FileNameUtils.normalize with an improper input string, like "//../foo", or "\\..\foo", the result would be the same value, thus possibly providing access to files in the parent directory, but not furt...
Apache Commons Io 2.2
Apache Commons Io 2.3
Apache Commons Io 2.4
Apache Commons Io 2.5
Apache Commons Io 2.6
Debian Debian Linux 9.0
Oracle Access Manager 11.1.2.3.0
Oracle Access Manager 12.2.1.3.0
Oracle Access Manager 12.2.1.4.0
Oracle Agile Engineering Data Management 6.2.1.0
Oracle Agile Plm 9.3.6
Oracle Application Performance Management 13.4.1.0
Preferred Score:
CVSSv3
CVSSv2
CVSSv3
CVSSv4
EPSS
VMScore
Recommendations:
kernel
CVE-2025-22654
CVE-2025-0108
memory leak
CVE-2025-1447
CVE-2025-24200
XML external entity
CVE-2025-25475
CVE-2024-13663
wedevs
bypass
rameez iqbal
visualizer
Home
/
Search Results
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »