Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
oracle communications services gatekeeper vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2020-7226
CiphertextHeader.java in Cryptacular 1.2.3, as used in Apereo CAS and other products, allows malicious users to trigger excessive memory allocation during a decode operation, because the nonce array length associated with "new byte" may depend on untrusted input within ...
Vt Cryptacular
Oracle Webcenter Sites 12.2.1.3.0
Oracle Weblogic Server 12.2.1.4.0
Oracle Webcenter Sites 12.2.1.4.0
Oracle Weblogic Server 14.1.1.0.0
Oracle Communications Services Gatekeeper 7.0
446
VMScore
CVE-2019-10246
In Eclipse Jetty version 9.2.27, 9.3.26, and 9.4.16, the server running on Windows is vulnerable to exposure of the fully qualified Base Resource directory name on Windows to a remote client when it is configured for showing a Listing of directory contents. This information revea...
Eclipse Jetty 9.2.27
Eclipse Jetty 9.3.26
Eclipse Jetty 9.4.16
Netapp Snap Creator Framework -
Netapp Snapcenter -
Netapp Oncommand System Manager
Netapp Snapmanager -
Netapp Storage Services Connector -
Netapp Virtual Storage Console
Netapp Virtual Storage Console 9.6
Netapp Storage Replication Adapter For Clustered Data Ontap
Netapp Storage Replication Adapter For Clustered Data Ontap 9.6
Netapp Vasa Provider For Clustered Data Ontap
Netapp Vasa Provider For Clustered Data Ontap -
Netapp Element -
Oracle Retail Xstore Point Of Service 15.0
Oracle Flexcube Private Banking 12.1.0
Oracle Retail Xstore Point Of Service 7.1
Oracle Flexcube Private Banking 12.0.0
Oracle Flexcube Core Banking 5.2.0
Oracle Hospitality Guest Access 4.2.0
Oracle Hospitality Guest Access 4.2.1
187
VMScore
CVE-2020-17521
Apache Groovy provides extension methods to aid with creating temporary directories. Prior to this fix, Groovy's implementation of those extension methods was using a now superseded Java JDK method call that is potentially not secure on some operating systems in some context...
Apache Groovy 4.0.0
Apache Groovy
Netapp Snapcenter -
Oracle Primavera Unifier 16.2
Oracle Primavera Unifier 16.1
Oracle Ilearning 6.2
Oracle Business Process Management Suite 12.2.1.3.0
Oracle Primavera Unifier 18.8
Oracle Primavera Unifier
Oracle Agile Plm 9.3.3
Oracle Agile Plm 9.3.6
Oracle Primavera Unifier 19.12
Oracle Retail Bulk Data Integration 15.0.3.0
Oracle Retail Bulk Data Integration 16.0.3.0
Oracle Communications Services Gatekeeper 7.0
Oracle Retail Merchandising System 16.0.3
Oracle Communications Evolved Communications Application Server 7.1
Oracle Agile Engineering Data Management 6.2.1.0
Oracle Primavera Unifier 20.12
Oracle Business Process Management Suite 12.2.1.4.0
Oracle Communications Services Gatekeeper 6.0
Oracle Communications Services Gatekeeper 6.1
321
VMScore
CVE-2021-34428
For Eclipse Jetty versions <= 9.4.40, <= 10.0.2, <= 11.0.2, if an exception is thrown from the SessionListener#sessionDestroyed() method, then the session ID is not invalidated in the session ID manager. On deployments with clustered sessions and multiple contexts this c...
Eclipse Jetty
Debian Debian Linux 10.0
Netapp Snap Creator Framework -
Netapp Santricity Cloud Connector -
Netapp Snapmanager -
Netapp E-series Santricity Web Services -
Netapp Active Iq Unified Manager -
Netapp E-series Santricity Os Controller
Netapp Element Plug-in For Vcenter Server -
Oracle Communications Services Gatekeeper 7.0
Oracle Autovue For Agile Product Lifecycle Management 21.0.2
Oracle Siebel Core - Automation
Oracle Communications Session Route Manager
Oracle Communications Element Manager 8.2.2
Oracle Rest Data Services
Oracle Communications Session Report Manager
694
VMScore
CVE-2021-28165
In Eclipse Jetty 7.2.2 to 9.4.38, 10.0.0.alpha0 to 10.0.1, and 11.0.0.alpha0 to 11.0.1, CPU usage can reach 100% upon receiving a large invalid TLS frame.
Eclipse Jetty
Oracle Communications Services Gatekeeper 7.0
Oracle Autovue For Agile Product Lifecycle Management 21.0.2
Oracle Siebel Core - Automation
Oracle Communications Element Manager 8.2.2
Oracle Communications Cloud Native Core Policy 1.14.0
Oracle Communications Session Report Manager
Oracle Communications Session Route Manager
Oracle Rest Data Services
Jenkins Jenkins
Netapp Santricity Cloud Connector -
Netapp E-series Santricity Os Controller
Netapp E-series Performance Analyzer
Netapp Snapcenter
Netapp E-series Santricity Storage
Netapp Santricity Web Services Proxy
Netapp Storage Replication Adapter For Clustered Data Ontap
Netapp Vasa Provider For Clustered Data Ontap
Netapp E-series Santricity Web Services
Netapp Ontap Tools
Netapp Cloud Manager
1 Github repository
516
VMScore
CVE-2020-27218
In Eclipse Jetty version 9.4.0.RC0 to 9.4.34.v20201102, 10.0.0.alpha0 to 10.0.0.beta2, and 11.0.0.alpha0 to 11.0.0.beta2, if GZIP request body inflation is enabled and requests from different clients are multiplexed onto a single connection, and if an attacker can send a request ...
Eclipse Jetty 11.0.0
Eclipse Jetty 10.0.0
Eclipse Jetty
Netapp Snap Creator Framework -
Netapp Oncommand System Manager
Oracle Flexcube Private Banking 12.1.0
Oracle Flexcube Private Banking 12.0.0
Oracle Communications Offline Mediation Controller 12.0.0.3.0
Oracle Communications Services Gatekeeper 7.0
Oracle Communications Pricing Design Center 12.0.0.3.0
Oracle Rest Data Services
Oracle Communications Converged Application Server - Service Controller 6.2
Oracle Communications Session Route Manager
Oracle Siebel Core - Automation
Oracle Retail Eftlink 20.0.0
Oracle Hyperion Infrastructure Technology 11.1.2.6.0
Oracle Blockchain Platform
Apache Kafka 2.7.0
Apache Spark 2.4.8
Apache Spark 3.0.3
Debian Debian Linux 10.0
387
VMScore
CVE-2020-11023
In jQuery versions greater than or equal to 1.0.3 and prior to 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted c...
Jquery Jquery
Debian Debian Linux 9.0
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Drupal Drupal
Oracle Weblogic Server 12.1.3.0.0
Oracle Hyperion Financial Reporting 11.1.2.4
Oracle Weblogic Server 12.2.1.3.0
Oracle Webcenter Sites 12.2.1.3.0
Oracle Application Testing Suite 13.3.0.1
Oracle Communications Operations Monitor 3.4
Oracle Weblogic Server 12.2.1.4.0
Oracle Webcenter Sites 12.2.1.4.0
Oracle Weblogic Server 14.1.1.0.0
Oracle Communications Interactive Session Recorder
Oracle Communications Element Manager 8.2.0
Oracle Communications Element Manager 8.2.1
Oracle Communications Element Manager 8.1.1
Oracle Application Express
Oracle Rest Data Services 12.2.0.1
Oracle Rest Data Services 12.1.0.2
13 Github repositories
605
VMScore
CVE-2020-24616
FasterXML jackson-databind 2.x prior to 2.9.10.6 mishandles the interaction between serialization gadgets and typing, related to br.com.anteros.dbcp.AnterosDBCPDataSource (aka Anteros-DBCP).
Fasterxml Jackson-databind
Netapp Active Iq Unified Manager -
Oracle Application Testing Suite 13.3.0.1
Oracle Agile Plm 9.3.6
Oracle Communications Policy Management 12.5.0
Oracle Communications Diameter Signaling Router
Oracle Communications Services Gatekeeper 7.0
Oracle Communications Evolved Communications Application Server 7.1
Oracle Communications Contacts Server 8.0.0.5.0
Oracle Communications Calendar Server 8.0.0.4.0
Oracle Communications Unified Inventory Management 7.4.1
Oracle Communications Cloud Native Core Unified Data Repository 1.4.0
Oracle Communications Element Manager
Oracle Autovue For Agile Product Lifecycle Management 21.0.2
Oracle Communications Messaging Server 8.1
Oracle Siebel Ui Framework
Oracle Banking Supply Chain Finance 14.2
Oracle Banking Supply Chain Finance 14.3
Oracle Banking Supply Chain Finance 14.5
Oracle Identity Manager Connector 11.1.1.5.0
Oracle Communications Contacts Server 8.0
Oracle Communications Calendar Server 8.0
1 Github repository
668
VMScore
CVE-2019-2904
Vulnerability in the Oracle JDeveloper and ADF product of Oracle Fusion Middleware (component: ADF Faces). Supported versions that are affected are 11.1.1.9.0, 12.1.3.0.0 and 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP...
Oracle Application Testing Suite 12.5.0.3
Oracle Application Testing Suite 13.1.0.1
Oracle Application Testing Suite 13.2.0.1
Oracle Application Testing Suite 13.3.0.1
Oracle Banking Enterprise Collections 2.7.0
Oracle Banking Enterprise Collections 2.8.0
Oracle Banking Enterprise Originations 2.7.0
Oracle Banking Enterprise Originations 2.8.0
Oracle Banking Enterprise Product Manufacturing 2.7.0
Oracle Banking Enterprise Product Manufacturing 2.8.0
Oracle Banking Platform 2.4.0
Oracle Banking Platform 2.4.1
Oracle Banking Platform 2.5.0
Oracle Banking Platform 2.6.0
Oracle Banking Platform 2.6.1
Oracle Banking Platform 2.6.2
Oracle Banking Platform 2.7.0
Oracle Banking Platform 2.7.1
Oracle Banking Platform 2.9.0
Oracle Business Process Management Suite 12.2.1.3.0
Oracle Business Process Management Suite 12.2.1.4.0
Oracle Clinical 5.2
393
VMScore
CVE-2020-27216
In Eclipse Jetty versions 1.0 thru 9.4.32.v20200930, 10.0.0.alpha1 thru 10.0.0.beta2, and 11.0.0.alpha1 thru 11.0.0.beta2O, on Unix like systems, the system's temporary directory is shared between all users on that system. A collocated user can observe the process of creatin...
Eclipse Jetty 11.0.0
Eclipse Jetty 10.0.0
Eclipse Jetty
Netapp Snap Creator Framework -
Netapp Snapcenter -
Netapp Vasa Provider
Netapp Virtual Storage Console
Netapp Storage Replication Adapter
Oracle Flexcube Private Banking 12.1.0
Oracle Flexcube Private Banking 12.0.0
Oracle Communications Offline Mediation Controller 12.0.0.3.0
Oracle Communications Services Gatekeeper 7.0
Oracle Communications Element Manager
Oracle Flexcube Core Banking
Oracle Communications Application Session Controller 3.9m0p2
Oracle Communications Pricing Design Center 12.0.0.3.0
Oracle Jd Edwards Enterpriseone Tools
Oracle Communications Converged Application Server - Service Controller 6.2
Oracle Siebel Core - Automation
Apache Beam 2.21.0
Apache Beam 2.22.0
Apache Beam 2.23.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »