Latest Oracle Communications Operations Monitor Vulnerabilities

Redis is an in-memory database that persists on disk. By exploiting weaknesses in the Lua script execution environment, an attacker with access to Redis prior to version 7.0.0 or 6.2.7 can inject Lua ...
Redis Redis<6.2.7
Redis Redis=7.0-rc1
Redis Redis=7.0-rc2
Redis Redis=7.0-rc3
Fedoraproject Fedora=34
Fedoraproject Fedora=35
and 6 more
Redis is an in-memory database that persists on disk. Prior to versions 6.2.7 and 7.0.0, an attacker attempting to load a specially crafted Lua script can cause NULL pointer dereference which will res...
Redis Redis<6.2.7
Redis Redis=7.0-rc1
Redis Redis=7.0-rc2
Redis Redis=7.0-rc3
Fedoraproject Fedora=34
Fedoraproject Fedora=35
and 6 more
Vulnerability in the Oracle Communications Operations Monitor product of Oracle Communications (component: Mediation Engine). Supported versions that are affected are 3.4, 4.2, 4.3, 4.4 and 5.0. Easil...
Oracle Communications Operations Monitor=3.4
Oracle Communications Operations Monitor=4.2
Oracle Communications Operations Monitor=4.3
Oracle Communications Operations Monitor=4.4
Oracle Communications Operations Monitor=5.0
Vulnerability in the Oracle Communications Operations Monitor product of Oracle Communications (component: Mediation Engine). Supported versions that are affected are 3.4, 4.2, 4.3, 4.4 and 5.0. Easil...
Oracle Communications Operations Monitor=3.4
Oracle Communications Operations Monitor=4.2
Oracle Communications Operations Monitor=4.3
Oracle Communications Operations Monitor=4.4
Oracle Communications Operations Monitor=5.0
Vulnerability in the Oracle Communications Operations Monitor product of Oracle Communications (component: Mediation Engine). Supported versions that are affected are 3.4, 4.2, 4.3, 4.4 and 5.0. Easil...
Oracle Communications Operations Monitor=3.4
Oracle Communications Operations Monitor=4.2
Oracle Communications Operations Monitor=4.3
Oracle Communications Operations Monitor=4.4
Oracle Communications Operations Monitor=5.0
Vulnerability in the Oracle Communications Operations Monitor product of Oracle Communications (component: Mediation Engine). Supported versions that are affected are 3.4, 4.2, 4.3, 4.4 and 5.0. Easil...
Oracle Communications Operations Monitor=3.4
Oracle Communications Operations Monitor=4.2
Oracle Communications Operations Monitor=4.3
Oracle Communications Operations Monitor=4.4
Oracle Communications Operations Monitor=5.0
Vulnerability in the Oracle Communications Operations Monitor product of Oracle Communications (component: Mediation Engine). Supported versions that are affected are 3.4, 4.2, 4.3, 4.4 and 5.0. Easil...
Oracle Communications Operations Monitor=3.4
Oracle Communications Operations Monitor=4.2
Oracle Communications Operations Monitor=4.3
Oracle Communications Operations Monitor=4.4
Oracle Communications Operations Monitor=5.0
Vulnerability in the Oracle Communications Operations Monitor product of Oracle Communications (component: Mediation Engine). Supported versions that are affected are 3.4, 4.2, 4.3, 4.4 and 5.0. Easil...
Oracle Communications Operations Monitor=3.4
Oracle Communications Operations Monitor=4.2
Oracle Communications Operations Monitor=4.3
Oracle Communications Operations Monitor=4.4
Oracle Communications Operations Monitor=5.0
Oracle Communications Operations Monitor=3.4
Oracle Communications Operations Monitor=4.2
Oracle Communications Operations Monitor=4.3
Oracle Communications Operations Monitor=4.4
Oracle Communications Operations Monitor=5.0
Vulnerability in the Oracle Communications Operations Monitor product of Oracle Communications (component: Mediation Engine). Supported versions that are affected are 3.4, 4.2, 4.3, 4.4 and 5.0. Easil...
Oracle Communications Operations Monitor=3.4
Oracle Communications Operations Monitor=4.2
Oracle Communications Operations Monitor=4.3
Oracle Communications Operations Monitor=4.4
Oracle Communications Operations Monitor=5.0
Vulnerability in the Oracle Communications Operations Monitor product of Oracle Communications (component: Mediation Engine). Supported versions that are affected are 3.4, 4.2, 4.3, 4.4 and 5.0. Easil...
Oracle Communications Operations Monitor=3.4
Oracle Communications Operations Monitor=4.2
Oracle Communications Operations Monitor=4.3
Oracle Communications Operations Monitor=4.4
Oracle Communications Operations Monitor=5.0
apache. Multiple issues were addressed by updating apache to version 2.4.53.
Apple Catalina
Apple macOS Big Sur<11.6.6
<12.4
Apache HTTP server>=2.4.7<2.4.52
Fedoraproject Fedora=34
Fedoraproject Fedora=35
and 39 more
apache. Multiple issues were addressed by updating apache to version 2.4.53.
Apple Catalina
Apple macOS Big Sur<11.6.6
<12.4
Apache HTTP server<=2.4.51
Fedoraproject Fedora=34
Fedoraproject Fedora=35
and 40 more
### Impact Accepting the value of various `*Text` options of the Datepicker widget from untrusted sources may execute untrusted code. For example, initializing the datepicker in the following way: ```...
ubuntu/jqueryui<1.10.1+dfsg-1ubuntu0.14.04.1~
ubuntu/jqueryui<1.13.0
ubuntu/jqueryui<1.12.1+dfsg-5ubuntu0.18.04.1~
ubuntu/jqueryui<1.12.1+dfsg-5ubuntu0.20.04.1
ubuntu/jqueryui<1.10.1+dfsg-1ubuntu0.16.04.1~
rubygems/jquery-ui-rails<7.0.0
and 116 more
### Impact Accepting the value of the `of` option of the [`.position()`](https://api.jqueryui.com/position/) util from untrusted sources may execute untrusted code. For example, invoking the following...
rubygems/jquery-ui-rails<7.0.0
nuget/jQuery.UI.Combined<1.13.0
maven/org.webjars.npm:jquery-ui<1.13.0
npm/jquery-ui<1.13.0
IBM QRadar SIEM<=7.5.0 GA
IBM QRadar SIEM<=7.4.3 GA - 7.4.3 FP4
and 75 more
### Impact Accepting the value of the `altField` option of the Datepicker widget from untrusted sources may execute untrusted code. For example, initializing the datepicker in the following way: ```js...
rubygems/jquery-ui-rails<7.0.0
maven/org.webjars.npm:jquery-ui<1.13.0
nuget/jQuery.UI.Combined<1.13.0
npm/jquery-ui<1.13.0
IBM QRadar SIEM<=7.5.0 GA
IBM QRadar SIEM<=7.4.3 GA - 7.4.3 FP4
and 126 more
Redis is an open source, in-memory database that persists on disk. The redis-cli command line tool and redis-sentinel service may be vulnerable to integer overflow when parsing specially crafted large...
Redis Redis>=5.0.0<5.0.14
Redis Redis>=6.0.0<6.0.16
Redis Redis>=6.2.0<6.2.6
Debian Debian Linux=10.0
Debian Debian Linux=11.0
Fedoraproject Fedora=33
and 8 more
Redis is an open source, in-memory database that persists on disk. An integer overflow bug in the ziplist data structure used by all versions of Redis can be exploited to corrupt the heap and potentia...
Redis Redis>=5.0.0<5.0.14
Redis Redis>=6.0.0<6.0.16
Redis Redis>=6.2.0<6.2.6
Fedoraproject Fedora=33
Fedoraproject Fedora=34
Fedoraproject Fedora=35
and 10 more
Redis is an open source, in-memory database that persists on disk. An integer overflow bug in the underlying string library can be used to corrupt the heap and potentially result with denial of servic...
redhat/redis<0:3.2.8-5.el7
redhat/rh-redis5-redis<0:5.0.5-3.el7
Redis Redis>=5.0.0<5.0.14
Redis Redis>=6.0.0<6.0.16
Redis Redis>=6.2.0<6.2.6
Fedoraproject Fedora=33
and 9 more
Redis is an open source, in-memory database that persists on disk. In affected versions an integer overflow bug in Redis can be exploited to corrupt the heap and potentially result with remote code ex...
redhat/redis<6.2.6
redhat/redis<6.0.16
redhat/redis<5.0.14
redhat/redis<0:3.2.8-5.el7
redhat/rh-redis5-redis<0:5.0.5-3.el7
Redis Redis>=5.0.0<5.0.14
and 13 more
Redis is an open source, in-memory database that persists on disk. In affected versions specially crafted Lua scripts executing in Redis can cause the heap-based Lua stack to be overflowed, due to inc...
redhat/redis<6.2.6
redhat/redis<6.0.16
redhat/redis<5.0.14
redhat/redis<0:3.2.8-5.el7
redhat/rh-redis5-redis<0:5.0.5-3.el7
Redis Redis>=2.6<5.0.14
and 13 more
Redis is an open source, in-memory database that persists on disk. When using the Redis Lua Debugger, users can send malformed requests that cause the debugger’s protocol parser to read data beyond th...
Redis Redis>=3.2.0<5.0.14
Redis Redis>=6.0.0<6.0.16
Redis Redis>=6.2.0<6.2.6
Redhat Software Collections
Redhat Enterprise Linux=8.0
Debian Debian Linux=10.0
and 10 more
Redis is an open source, in-memory database that persists on disk. When parsing an incoming Redis Standard Protocol (RESP) request, Redis allocates memory according to user-specified values which dete...
redhat/redis<6.2.6
redhat/redis<6.0.16
redhat/redis<5.0.14
redhat/redis<0:3.2.8-5.el7
redhat/rh-redis5-redis<0:5.0.5-3.el7
Redis Redis>=5.0.0<5.0.14
and 13 more
Redis is an open source, in-memory database that persists on disk. An integer overflow bug affecting all versions of Redis can be exploited to corrupt the heap and potentially be used to leak arbitrar...
redhat/redis<0:3.2.8-5.el7
redhat/rh-redis5-redis<0:5.0.5-3.el7
Redis Redis>=5.0.0<5.0.14
Redis Redis>=6.0.0<6.0.16
Redis Redis>=6.2.0<6.2.6
Fedoraproject Fedora=33
and 13 more
A flaw was found in nginx. An off-by-one error while processing DNS responses allows a network attacker to write a dot character out of bounds in a heap allocated buffer which can allow overwriting th...
F5 Nginx>=0.6.18<1.20.1
Openresty Openresty<1.19.3.2
Fedoraproject Fedora=33
Fedoraproject Fedora=34
NetApp ONTAP Select Deploy administration utility
Oracle Blockchain Platform<21.1.2
and 27 more
An integer overflow in the getnum function in lua_struct.c in Redis before 6.0.3 allows context-dependent attackers with permission to run Lua code in a Redis session to cause a denial of service (mem...
Redislabs Redis<5.0.9
Redislabs Redis>=6.0.0<6.0.3
Oracle Communications Operations Monitor=3.4
Oracle Communications Operations Monitor=4.1
Oracle Communications Operations Monitor=4.2
Oracle Communications Operations Monitor=4.3
and 3 more
### Impact Passing HTML containing `<option>` elements from untrusted sources - even after sanitizing them - to one of jQuery's DOM manipulation methods (i.e. `.html()`, `.append()`, and others) may e...
maven/org.webjars.npm:jquery>=1.0.3<3.5.0
nuget/jQuery>=1.0.3<3.5.0
rubygems/jquery-rails<4.4.0
npm/jquery>=1.0.3<3.5.0
debian/jquery
debian/node-jquery<=2.2.4+dfsg-4
and 105 more
libpcap. Multiple issues were addressed by updating to libpcap version 1.9.1
Tcpdump Libpcap<1.9.1
Debian Debian Linux=8.0
Debian Debian Linux=9.0
openSUSE Leap=15.0
openSUSE Leap=15.1
Oracle Communications Operations Monitor=3.4
and 30 more
cURL libcurl is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the tftp_receive_packet function. By sending a specially crafted request containing an OACK without the ...
debian/curl
debian/curl<=7.52.1-5+deb9u9<=7.52.1-1<=7.64.0-4<=7.65.3-1
IBM Security Guardium<=10.5
IBM Security Guardium<=10.6
IBM Security Guardium<=11.0
IBM Security Guardium<=11.1
and 32 more
Double-free vulnerability in the FTP-kerberos code in cURL 7.52.0 to 7.65.3.
debian/curl
debian/curl<=7.52.1-5+deb9u9<=7.64.0-4<=7.65.3-1<=7.52.1-1
Haxx Curl>=7.52.0<=7.65.3
Fedoraproject Fedora=29
Fedoraproject Fedora=30
Fedoraproject Fedora=31
and 20 more
A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This...
redhat/eap7-apache-cxf<0:3.2.11-1.redhat_00001.1.el6ea
redhat/eap7-glassfish-jsf<0:2.3.5-6.SP3_redhat_00004.1.el6ea
redhat/eap7-hal-console<0:3.0.19-1.Final_redhat_00001.1.el6ea
redhat/eap7-hibernate<0:5.3.14-1.Final_redhat_00001.1.el6ea
redhat/eap7-hibernate-validator<0:6.0.18-1.Final_redhat_00001.1.el6ea
redhat/eap7-jackson-annotations<0:2.9.10-1.redhat_00003.1.el6ea
and 779 more
A stack-buffer overflow vulnerability was found in the Redis hyperloglog data structure versions 3.x before 3.2.13, 4.x before 4.0.14 and 5.x before 5.0.4. By corrupting a hyperloglog using the SETRAN...
Redislabs Redis>=3.0.0<3.2.13
Redislabs Redis>=4.0.0<4.0.14
Redislabs Redis>=5.0<5.0.4
Redhat Openstack=9
Redhat Openstack=10
Redhat Openstack=13
and 22 more
A heap-buffer overflow vulnerability was found in the Redis hyperloglog data structure versions 3.x before 3.2.13, 4.x before 4.0.14 and 5.x before 5.0.4. By carefully corrupting a hyperloglog using t...
Redislabs Redis>=3.0.0<3.2.13
Redislabs Redis>=4.0.0<4.0.14
Redislabs Redis>=5.0<5.0.4
Redhat Openstack=9
Redhat Openstack=10
Redhat Openstack=13
and 25 more
A Prototype Pollution vulnerability was found in jquery. Untrusted JSON passed to the `extend` function could lead to modifying objects up the prototype chain, including the global Object. A crafted J...
redhat/ansible-tower<0:3.5.2-1.el7a
redhat/cfme<0:5.10.9.1-1.el7cf
redhat/cfme-amazon-smartstate<0:5.10.9.1-1.el7cf
redhat/cfme-appliance<0:5.10.9.1-1.el7cf
redhat/cfme-gemset<0:5.10.9.1-1.el7cf
redhat/ovirt-ansible-hosted-engine-setup<0:1.0.23-1.el7e
and 267 more
SQLAlchemy 1.2.17 has SQL Injection when the group_by parameter can be controlled.
pip/SQLAlchemy<1.3.0
Sqlalchemy Sqlalchemy=1.2.17
Debian Debian Linux=8.0
Debian Debian Linux=9.0
openSUSE Backports SLE=15.0
openSUSE Leap=15.0
and 11 more
SQLAlchemy through 1.2.17 and 1.3.x through 1.3.0b2 allows SQL Injection via the order_by parameter.
Sqlalchemy Sqlalchemy<=1.2.17
Sqlalchemy Sqlalchemy=1.3.0-beta1
Sqlalchemy Sqlalchemy=1.3.0-beta2
Debian Debian Linux=8.0
Debian Debian Linux=9.0
openSUSE Backports SLE=15.0
and 13 more
libcurl versions from 7.34.0 to before 7.64.0 are vulnerable to a heap out-of-bounds read in the code handling the end-of-response for SMTP. If the buffer passed to `smtp_endofresp()` isn't NUL termin...
Haxx Libcurl>=7.34.0<7.64.0
Canonical Ubuntu Linux=14.04
Canonical Ubuntu Linux=16.04
Canonical Ubuntu Linux=18.04
Canonical Ubuntu Linux=18.10
Debian Debian Linux=9.0
and 17 more
libcurl versions from 7.36.0 to before 7.64.0 are vulnerable to a stack-based buffer overflow. The function creating an outgoing NTLM type-3 header (`lib/vauth/ntlm.c:Curl_auth_create_ntlm_type3_messa...
ubuntu/curl<7.64.0
ubuntu/curl<7.47.0-1ubuntu2.12
ubuntu/curl<7.58.0-2ubuntu3.6
ubuntu/curl<7.61.0-1ubuntu2.3
redhat/curl<7.64.0
debian/curl
and 23 more
libcurl versions from 7.36.0 to before 7.64.0 are vulnerable to a heap buffer out-of-bounds read. The function handling incoming NTLM type-2 messages (`lib/vauth/ntlm.c:ntlm_decode_type2_target`) does ...
Haxx Libcurl>=7.36.0<7.64.0
Canonical Ubuntu Linux=14.04
Canonical Ubuntu Linux=16.04
Canonical Ubuntu Linux=18.04
Canonical Ubuntu Linux=18.10
Debian Debian Linux=9.0
and 19 more
Python could allow a remote attacker to bypass security restrictions, caused by an issue with email module incorrectly parsing email address containing multiple @ characters. By sending a speciall...
redhat/python<0:2.7.5-88.el7
redhat/python3<0:3.6.8-13.el7
redhat/python<0:2.7.5-87.el7_7
redhat/python3<0:3.6.8-23.el8
redhat/rh-python36-python<0:3.6.9-2.el6
redhat/python27-python<0:2.7.17-2.el6
and 72 more
Memory Corruption was discovered in the cmsgpack library in the Lua subsystem in Redis before 3.2.12, 4.x before 4.0.10, and 5.x before 5.0 RC2 because of stack-based buffer overflows.
debian/redis
redhat/redis<3.2.12
redhat/redis<4.0.10
redhat/redis<5.0
Redislabs Redis<3.2.12
Redislabs Redis>=4.0<4.0.10
and 6 more
An Integer Overflow issue was discovered in the struct library in the Lua subsystem in Redis before 3.2.12, 4.x before 4.0.10, and 5.x before 5.0 RC2, leading to a failure of bounds checking.
debian/redis
redhat/redis<3.2.12
redhat/redis<4.0.10
redhat/redis<5.0
Redislabs Redis<3.2.12
Redislabs Redis>=4.0<4.0.10
and 6 more
