Latest oracle communications billing and revenue management elastic charging engine Vulnerabilities

CVE-2023-21824
Vulnerability in the Oracle Communications BRM - Elastic Charging Engine product of Oracle Communications Applications (component: Customer, Config, Pricing Manager). Supported versions that are affe...
Oracle Communications Billing And Revenue Management Elastic Charging Engine>=12.0.0.3.0<=12.0.0.7.0
Oracle Communications Cloud Native Core Binding Support Function=22.3.0
Oracle Communications Cloud Native Core Policy=22.3.0
CVE-2021-39139
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only b...
redhat/xstream<0:1.3.1-16.el7_9
debian/libxstream-java
redhat/xstream<1.4.18
Xstream Project Xstream<1.4.18
Debian Debian Linux=9.0
Debian Debian Linux=10.0
and 33 more
CVE-2021-39145
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only b...
redhat/xstream<0:1.3.1-16.el7_9
debian/libxstream-java
redhat/xstream<1.4.18
Xstream Project Xstream<1.4.18
Debian Debian Linux=9.0
Debian Debian Linux=10.0
and 33 more
CVE-2021-39154
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only b...
redhat/xstream<0:1.3.1-16.el7_9
debian/libxstream-java
redhat/xstream<1.4.18
Xstream Project Xstream<1.4.18
Fedoraproject Fedora=33
Fedoraproject Fedora=34
and 33 more
CVE-2021-39146
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only b...
redhat/xstream<0:1.3.1-16.el7_9
debian/libxstream-java
redhat/xstream<1.4.18
Xstream Project Xstream<1.4.18
Fedoraproject Fedora=33
Fedoraproject Fedora=34
and 33 more
CVE-2021-39148
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only b...
redhat/xstream<0:1.3.1-16.el7_9
debian/libxstream-java
redhat/xstream<1.4.18
Xstream Project Xstream<1.4.18
Fedoraproject Fedora=33
Fedoraproject Fedora=34
and 33 more
CVE-2021-39147
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only b...
redhat/xstream<0:1.3.1-16.el7_9
debian/libxstream-java
redhat/xstream<1.4.18
Xstream Project Xstream<1.4.18
Fedoraproject Fedora=33
Fedoraproject Fedora=34
and 33 more
CVE-2021-39149
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only b...
redhat/xstream<0:1.3.1-16.el7_9
debian/libxstream-java
redhat/xstream<1.4.18
Xstream Project Xstream<1.4.18
Fedoraproject Fedora=33
Fedoraproject Fedora=34
and 33 more
CVE-2021-39144
XStream Remote Code Execution Vulnerability
redhat/xstream<0:1.3.1-16.el7_9
debian/libxstream-java
XStream XStream
redhat/xstream<1.4.18
Xstream Project Xstream<1.4.18
Debian Debian Linux=9.0
and 34 more
CVE-2021-39151
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only b...
redhat/xstream<0:1.3.1-16.el7_9
debian/libxstream-java
redhat/xstream<1.4.18
Xstream Project Xstream<1.4.18
Fedoraproject Fedora=33
Fedoraproject Fedora=34
and 33 more
CVE-2021-39152
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to request data from internal resources that are not publicl...
redhat/xstream<0:1.3.1-16.el7_9
debian/libxstream-java
redhat/xstream<1.4.18
Xstream Project Xstream<1.4.18
Fedoraproject Fedora=33
Fedoraproject Fedora=34
and 33 more
CVE-2021-39140
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to allocate 100% CPU time on the target system depending on ...
redhat/xstream<0:1.3.1-16.el7_9
debian/libxstream-java
redhat/xstream<1.4.18
Xstream Project Xstream<1.4.18
Debian Debian Linux=9.0
Debian Debian Linux=10.0
and 33 more
CVE-2021-39150
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to request data from internal resources that are not publicl...
redhat/xstream<0:1.3.1-16.el7_9
debian/libxstream-java
redhat/xstream<1.4.18
Xstream Project Xstream<1.4.18
Fedoraproject Fedora=33
Fedoraproject Fedora=34
and 33 more
CVE-2021-39141
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only b...
redhat/xstream<0:1.3.1-16.el7_9
debian/libxstream-java
redhat/xstream<1.4.18
Xstream Project Xstream<1.4.18
Debian Debian Linux=9.0
Debian Debian Linux=10.0
and 33 more
CVE-2021-39153
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only b...
redhat/xstream<0:1.3.1-16.el7_9
debian/libxstream-java
redhat/xstream<1.4.18
Xstream Project Xstream<1.4.18
Fedoraproject Fedora=33
Fedoraproject Fedora=34
and 27 more
CVE-2021-29425
Apache Commons IO could allow a remote attacker to traverse directories on the system, caused by improper input validation by the FileNameUtils.normalize method. An attacker could send a specially-cra...
redhat/eap7-apache-commons-io<0:2.10.0-1.redhat_00001.1.el6ea
redhat/eap7-hal-console<0:3.2.16-1.Final_redhat_00001.1.el6ea
redhat/eap7-hibernate<0:5.3.20-4.SP2_redhat_00001.1.el6ea
redhat/eap7-ironjacamar<0:1.4.35-1.Final_redhat_00001.1.el6ea
redhat/eap7-jakarta-el<0:3.0.3-2.redhat_00006.1.el6ea
redhat/eap7-jberet<0:1.3.9-1.Final_redhat_00001.1.el6ea
and 185 more
CVE-2021-21341
XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is vulnerability which may allow a remote attacker to allocate 100% CPU time on the target...
debian/libxstream-java
redhat/xstream<1.4.16
Xstream Project Xstream<1.4.16
Debian Debian Linux=9.0
Debian Debian Linux=10.0
Debian Debian Linux=11.0
and 25 more
CVE-2021-21350
XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote attacker to execute arbitrary code only by man...
redhat/xstream<0:1.3.1-13.el7_9
debian/libxstream-java
redhat/xstream<1.4.16
Xstream Project Xstream<1.4.16
Debian Debian Linux=9.0
Debian Debian Linux=10.0
and 34 more
CVE-2021-21349
XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote attacker to request data from internal resourc...
debian/libxstream-java
redhat/xstream<1.4.16
Xstream Project Xstream<1.4.16
Debian Debian Linux=9.0
Debian Debian Linux=10.0
Debian Debian Linux=11.0
and 33 more
CVE-2021-21344
XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote attacker to load and execute arbitrary code fr...
redhat/xstream<0:1.3.1-13.el7_9
debian/libxstream-java
redhat/xstream<1.4.16
Xstream Project Xstream<1.4.16
Debian Debian Linux=9.0
Debian Debian Linux=10.0
and 32 more
CVE-2021-21348
XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote attacker to occupy a thread that consumes maxi...
debian/libxstream-java
redhat/xstream<1.4.16
Xstream Project Xstream<1.4.16
Debian Debian Linux=9.0
Debian Debian Linux=10.0
Debian Debian Linux=11.0
and 30 more
CVE-2021-21346
XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote attacker to load and execute arbitrary code fr...
redhat/xstream<0:1.3.1-13.el7_9
debian/libxstream-java
redhat/xstream<1.4.16
Xstream Project Xstream<1.4.16
Debian Debian Linux=9.0
Debian Debian Linux=10.0
and 33 more
CVE-2021-21347
XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote attacker to load and execute arbitrary code fr...
redhat/xstream<0:1.3.1-13.el7_9
debian/libxstream-java
redhat/xstream<1.4.16
Xstream Project Xstream<1.4.16
Debian Debian Linux=9.0
Debian Debian Linux=10.0
and 34 more
CVE-2021-21345
XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote attacker who has sufficient rights to execute ...
redhat/xstream<0:1.3.1-13.el7_9
debian/libxstream-java
redhat/xstream<1.4.16
Xstream Project Xstream<1.4.16
Debian Debian Linux=9.0
Debian Debian Linux=10.0
and 32 more
CVE-2021-21351
XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability may allow a remote attacker to load and execute arbitrary code from a r...
debian/libxstream-java
redhat/xstream<1.4.16
Xstream Project Xstream<1.4.16
Debian Debian Linux=9.0
Debian Debian Linux=10.0
Debian Debian Linux=11.0
and 30 more
CVE-2021-21343
XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability where the processed stream at unmarshalling time contains type informat...
debian/libxstream-java
redhat/xstream<1.4.16
Xstream Project Xstream<1.4.16
Debian Debian Linux=9.0
Debian Debian Linux=10.0
Debian Debian Linux=11.0
and 29 more
CVE-2020-5398
A flaw was found in springframework in versions prior to 5.0.16, 5.1.13, and 5.2.3. A reflected file download (RFD) attack is possible when a "Content-Disposition" header is set in response to where t...
IBM Data Risk Manager<=2.0.6
redhat/springframework<5.2.3
redhat/springframework<5.1.13
redhat/springframework<5.0.16
maven/org.springframework:spring-webflux>=5.0.0.RELEASE<5.0.16.RELEASE
maven/org.springframework:spring-webflux>=5.1.0.RELEASE<5.1.13.RELEASE
and 67 more
CVE-2019-10086
In Apache Commons Beanutils 1.9.2, a special BeanIntrospector class was added which allows suppressing the ability for an attacker to access the classloader via the class property available on all Jav...
redhat/apache-commons-beanutils<0:1.8.3-15.el7_7
redhat/eap7-activemq-artemis<0:2.9.0-2.redhat_00009.1.el6ea
redhat/eap7-apache-commons-beanutils<0:1.9.4-1.redhat_00002.1.el6ea
redhat/eap7-glassfish-el<0:3.0.1-4.b08_redhat_00003.1.el6ea
redhat/eap7-glassfish-jaxb<0:2.3.3-4.b02_redhat_00001.1.el6ea
redhat/eap7-glassfish-jsf<0:2.3.5-7.SP3_redhat_00005.1.el6ea
and 486 more
CVE-2019-10219
A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This...
redhat/eap7-apache-cxf<0:3.2.11-1.redhat_00001.1.el6ea
redhat/eap7-glassfish-jsf<0:2.3.5-6.SP3_redhat_00004.1.el6ea
redhat/eap7-hal-console<0:3.0.19-1.Final_redhat_00001.1.el6ea
redhat/eap7-hibernate<0:5.3.14-1.Final_redhat_00001.1.el6ea
redhat/eap7-hibernate-validator<0:6.0.18-1.Final_redhat_00001.1.el6ea
redhat/eap7-jackson-annotations<0:2.9.10-1.redhat_00003.1.el6ea
and 779 more
CVE-2019-10173
A vulnerability was found in xstream API version 1.4.10, if the security framework has not been initialized, it may allow a remote attacker to run arbitrary shell commands by manipulating the processe...
IBM Data Risk Manager<=2.0.6
redhat/xstream<1.4.11
Xstream Project Xstream=1.4.10
Oracle Banking Platform>=2.4.0<=2.10.0
Oracle Banking Platform=2.4.0
Oracle Banking Platform=2.7.1
and 20 more

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203