oracle communications design studio 7.4.2 vulnerabilities and exploits

(subscribe to this query)

<Issue Description> Spring Security OAuth versions 2.5.x before 2.5.2 and older unsupported versions are susceptible to a Denial-of-Service (DoS) attack via the initiation of the Authorization Request in an OAuth 2.0 Client application. A malicious user or attacker can send...

Pivotal Spring Security Oauth Oracle Communications Design Studio 7.4.2

The ZlibDecoders in Netty 4.1.x prior to 4.1.46 allow for unbounded memory allocation while decoding a ZlibEncoded byte stream. An attacker could send a large ZlibEncoded byte stream to the Netty server, forcing the server to allocate all of its free memory to a single decoder.

Netty Netty Debian Debian Linux 9.0 Debian Debian Linux 10.0 Fedoraproject Fedora 33 Netapp Oncommand Api Services -Netapp Oncommand Insight -Netapp Oncommand Workflow Automation -Oracle Communications Brm - Elastic Charging Engine 12.0.0.3 Oracle Communications Cloud Native Core Service Communication Proxy 1.5.2 Oracle Communications Design Studio 7.4.2 Oracle Nosql Database Oracle Siebel Core - Server Framework

Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. Netty prior to version 4.1.71.Final skips control chars when they are present at the beginning / end of the header name. It s...

Netty Netty Quarkus Quarkus Netapp Oncommand Workflow Automation -Netapp Snapcenter -Oracle Banking Deposits And Lines Of Credit Servicing 2.7 Oracle Banking Party Management 2.7.0 Oracle Banking Platform 2.6.2 Oracle Coherence 12.2.1.4.0 Oracle Coherence 14.1.1.0.0 Oracle Communications Cloud Native Core Binding Support Function 1.11.0 Oracle Communications Cloud Native Core Network Slice Selection Function 1.8.0 Oracle Communications Cloud Native Core Policy 1.15.0

Netty is an open-source, asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. In Netty before version 4.1.59.Final there is a vulnerability on Unix-like systems involving an insecure temp fi...

Netty Netty Debian Debian Linux 9.0 Debian Debian Linux 10.0 Quarkus Quarkus Oracle Banking Corporate Lending Process Management 14.2.0 Oracle Banking Corporate Lending Process Management 14.3.0 Oracle Banking Corporate Lending Process Management 14.5.0 Oracle Banking Credit Facilities Process Management 14.2.0 Oracle Banking Credit Facilities Process Management 14.3.0 Oracle Banking Credit Facilities Process Management 14.5.0 Oracle Banking Trade Finance Process Management 14.2.0 Oracle Banking Trade Finance Process Management 14.3.0

Lodash versions before 4.17.21 are vulnerable to Regular Expression Denial of Service (ReDoS) via the toNumber, trim and trimEnd functions.

Lodash Lodash Oracle Banking Corporate Lending Process Management 14.2.0 Oracle Banking Corporate Lending Process Management 14.3.0 Oracle Banking Corporate Lending Process Management 14.5.0 Oracle Banking Credit Facilities Process Management 14.2.0 Oracle Banking Credit Facilities Process Management 14.3.0 Oracle Banking Credit Facilities Process Management 14.5.0 Oracle Banking Extensibility Workbench 14.2.0 Oracle Banking Extensibility Workbench 14.3.0 Oracle Banking Extensibility Workbench 14.5.0 Oracle Banking Supply Chain Finance 14.2.0 Oracle Banking Supply Chain Finance 14.3.0

2 Github repositories

Vulnerability in the Advanced Networking Option component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1 and 19c. Difficult to exploit vulnerability allows unauthenticated attacker with network access via Oracle Net to compromise Advanced N...

Oracle Advanced Networking Option 12.1.0.2 Oracle Advanced Networking Option 12.2.0.1 Oracle Advanced Networking Option 19c Oracle Agile Engineering Data Management 6.2.1.0 Oracle Agile Plm 9.3.6 Oracle Agile Product Lifecycle Management For Process 6.2.2.0 Oracle Agile Product Lifecycle Management For Process 6.2.3.0 Oracle Airlines Data Model 12.1.1.0.0 Oracle Airlines Data Model 12.2.0.1.0 Oracle Application Performance Management 13.4.1.0 Oracle Application Performance Management 13.5.1.0 Oracle Application Testing Suite 13.3.0.1

A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS attack.

Redhat Hibernate Validator Redhat Hibernate Validator 6.1.0 Redhat Fuse 1.0 Redhat Jboss Data Grid -Redhat Jboss Enterprise Application Platform -Redhat Openshift Application Runtimes -Redhat Single Sign-on -Redhat Jboss Enterprise Application Platform 7.2 Redhat Jboss Enterprise Application Platform 7.3 Netapp Active Iq Unified Manager -Netapp Management Services For Element Software And Netapp Hci -Netapp Snapcenter Plug-in -

Apache Log4j2 versions 2.0-alpha1 up to and including 2.16.0 (excluding 2.12.3 and 2.3.1) did not protect from uncontrolled recursion from self-referential lookups. This allows an attacker with control over Thread Context Map data to cause a denial of service when a crafted strin...

Apache Log4j Netapp Cloud Manager -Debian Debian Linux 10.0 Debian Debian Linux 11.0 Sonicwall Email Security Sonicwall Network Security Manager Sonicwall Web Application Firewall Sonicwall 6bk1602-0aa12-0tp0 Firmware Sonicwall 6bk1602-0aa22-0tp0 Firmware Sonicwall 6bk1602-0aa32-0tp0 Firmware Sonicwall 6bk1602-0aa42-0tp0 Firmware Sonicwall 6bk1602-0aa52-0tp0 Firmware

50 Github repositories5 Articles

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook