Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
oracle communications services gatekeeper 7.0 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2020-7226
CiphertextHeader.java in Cryptacular 1.2.3, as used in Apereo CAS and other products, allows malicious users to trigger excessive memory allocation during a decode operation, because the nonce array length associated with "new byte" may depend on untrusted input within ...
Vt Cryptacular
Oracle Communications Services Gatekeeper 7.0
Oracle Webcenter Sites 12.2.1.3.0
Oracle Webcenter Sites 12.2.1.4.0
Oracle Weblogic Server 12.2.1.4.0
Oracle Weblogic Server 14.1.1.0.0
3.5
CVSSv3
CVE-2021-34428
For Eclipse Jetty versions <= 9.4.40, <= 10.0.2, <= 11.0.2, if an exception is thrown from the SessionListener#sessionDestroyed() method, then the session ID is not invalidated in the session ID manager. On deployments with clustered sessions and multiple contexts this c...
Eclipse Jetty
Debian Debian Linux 10.0
Netapp Active Iq Unified Manager -
Netapp E-series Santricity Os Controller
Netapp E-series Santricity Web Services -
Netapp Element Plug-in For Vcenter Server -
Netapp Santricity Cloud Connector -
Netapp Snap Creator Framework -
Netapp Snapmanager -
Oracle Autovue For Agile Product Lifecycle Management 21.0.2
Oracle Communications Element Manager 8.2.2
Oracle Communications Services Gatekeeper 7.0
4.8
CVSSv3
CVE-2020-27218
In Eclipse Jetty version 9.4.0.RC0 to 9.4.34.v20201102, 10.0.0.alpha0 to 10.0.0.beta2, and 11.0.0.alpha0 to 11.0.0.beta2, if GZIP request body inflation is enabled and requests from different clients are multiplexed onto a single connection, and if an attacker can send a request ...
Eclipse Jetty
Eclipse Jetty 10.0.0
Eclipse Jetty 11.0.0
Netapp Oncommand System Manager
Netapp Snap Creator Framework -
Oracle Blockchain Platform
Oracle Communications Converged Application Server - Service Controller 6.2
Oracle Communications Offline Mediation Controller 12.0.0.3.0
Oracle Communications Pricing Design Center 12.0.0.3.0
Oracle Communications Services Gatekeeper 7.0
Oracle Communications Session Route Manager
Oracle Flexcube Private Banking 12.0.0
5.5
CVSSv3
CVE-2020-17521
Apache Groovy provides extension methods to aid with creating temporary directories. Prior to this fix, Groovy's implementation of those extension methods was using a now superseded Java JDK method call that is potentially not secure on some operating systems in some context...
Apache Groovy
Apache Groovy 4.0.0
Netapp Snapcenter -
Oracle Agile Engineering Data Management 6.2.1.0
Oracle Agile Plm 9.3.3
Oracle Agile Plm 9.3.6
Oracle Agile Plm Mcad Connector 3.4
Oracle Agile Plm Mcad Connector 3.6
Oracle Business Process Management Suite 12.2.1.3.0
Oracle Business Process Management Suite 12.2.1.4.0
Oracle Communications Brm - Elastic Charging Engine 11.3.0.9.0
Oracle Communications Brm - Elastic Charging Engine 12.0.0.3
7.5
CVSSv3
CVE-2021-28165
In Eclipse Jetty 7.2.2 to 9.4.38, 10.0.0.alpha0 to 10.0.1, and 11.0.0.alpha0 to 11.0.1, CPU usage can reach 100% upon receiving a large invalid TLS frame.
Eclipse Jetty
Oracle Autovue For Agile Product Lifecycle Management 21.0.2
Oracle Communications Cloud Native Core Policy 1.14.0
Oracle Communications Element Manager 8.2.2
Oracle Communications Services Gatekeeper 7.0
Oracle Communications Session Report Manager
Oracle Communications Session Route Manager
Oracle Rest Data Services
Oracle Siebel Core - Automation
Jenkins Jenkins
Netapp Cloud Manager
Netapp E-series Performance Analyzer
1 Github repository
5.3
CVSSv3
CVE-2019-10246
In Eclipse Jetty version 9.2.27, 9.3.26, and 9.4.16, the server running on Windows is vulnerable to exposure of the fully qualified Base Resource directory name on Windows to a remote client when it is configured for showing a Listing of directory contents. This information revea...
Eclipse Jetty 9.2.27
Eclipse Jetty 9.3.26
Eclipse Jetty 9.4.16
Netapp Oncommand System Manager
Netapp Snap Creator Framework -
Netapp Snapcenter -
Netapp Snapmanager -
Netapp Storage Replication Adapter For Clustered Data Ontap
Netapp Storage Replication Adapter For Clustered Data Ontap 9.6
Netapp Storage Services Connector -
Netapp Vasa Provider For Clustered Data Ontap
Netapp Vasa Provider For Clustered Data Ontap -
7
CVSSv3
CVE-2020-27216
In Eclipse Jetty versions 1.0 thru 9.4.32.v20200930, 10.0.0.alpha1 thru 10.0.0.beta2, and 11.0.0.alpha1 thru 11.0.0.beta2O, on Unix like systems, the system's temporary directory is shared between all users on that system. A collocated user can observe the process of creatin...
Eclipse Jetty
Eclipse Jetty 10.0.0
Eclipse Jetty 11.0.0
Netapp Snap Creator Framework -
Netapp Snapcenter -
Netapp Vasa Provider
Netapp Virtual Storage Console
Netapp Storage Replication Adapter
Oracle Communications Application Session Controller 3.9m0p2
Oracle Communications Converged Application Server - Service Controller 6.2
Oracle Communications Element Manager
Oracle Communications Offline Mediation Controller 12.0.0.3.0
8.1
CVSSv3
CVE-2020-24616
FasterXML jackson-databind 2.x prior to 2.9.10.6 mishandles the interaction between serialization gadgets and typing, related to br.com.anteros.dbcp.AnterosDBCPDataSource (aka Anteros-DBCP).
Fasterxml Jackson-databind
Netapp Active Iq Unified Manager -
Oracle Agile Plm 9.3.6
Oracle Application Testing Suite 13.3.0.1
Oracle Autovue For Agile Product Lifecycle Management 21.0.2
Oracle Banking Liquidity Management 14.2
Oracle Banking Liquidity Management 14.3
Oracle Banking Liquidity Management 14.5
Oracle Banking Supply Chain Finance 14.2
Oracle Banking Supply Chain Finance 14.3
Oracle Banking Supply Chain Finance 14.5
Oracle Blockchain Platform
1 Github repository
6.1
CVSSv3
CVE-2020-11023
In jQuery versions greater than or equal to 1.0.3 and prior to 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted c...
Jquery Jquery
Debian Debian Linux 9.0
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Drupal Drupal
Oracle Application Express
Oracle Application Testing Suite 13.3.0.1
Oracle Banking Enterprise Collections
Oracle Banking Platform
Oracle Business Intelligence 5.9.0.0.0
Oracle Communications Analytics 12.1.1
9 Github repositories
2.7
CVSSv3
CVE-2021-28163
In Eclipse Jetty 9.4.32 to 9.4.38, 10.0.0.beta2 to 10.0.1, and 11.0.0.beta2 to 11.0.1, if a user uses a webapps directory that is a symlink, the contents of the webapps directory is deployed as a static webapp, inadvertently serving the webapps themselves and anything else that m...
Eclipse Jetty
Eclipse Jetty 10.0.0
Eclipse Jetty 10.0.1
Eclipse Jetty 11.0.0
Eclipse Jetty 11.0.1
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Apache Ignite
Apache Solr 8.8.1
Netapp Cloud Manager -
Netapp E-series Performance Analyzer -
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-44852
CVE-2024-3400
CVE-2024-30129
insecure direct object reference
CVE-2024-12115
CVE-2024-11220
CVE-2024-51378
privilege escalation
Home
/
Search Results
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »