Latest oracle communications session border controller Vulnerabilities

CVE-2021-2416
Vulnerability in the Oracle Communications Session Border Controller product of Oracle Communications (component: Routing). Supported versions that are affected are 8.4 and 9.0. Easily exploitable vul...
Oracle Communications Session Border Controller=8.4
Oracle Communications Session Border Controller=9.0
CVE-2021-2414
Vulnerability in the Oracle Communications Session Border Controller product of Oracle Communications (component: Routing). Supported versions that are affected are 8.4 and 9.0. Easily exploitable vul...
Oracle Communications Session Border Controller=8.4
Oracle Communications Session Border Controller=9.0
CVE-2021-3712
OpenSSL could allow a remote attacker to obtain sensitive information, caused by an out-of-bounds read when processing ASN.1 strings. By sending specially crafted data, an attacker could exploit this ...
redhat/jbcs-httpd24-apr<0:1.6.3-107.el8
redhat/jbcs-httpd24-apr-util<0:1.6.1-84.el8
redhat/jbcs-httpd24-curl<0:7.78.0-2.el8
redhat/jbcs-httpd24-httpd<0:2.4.37-78.el8
redhat/jbcs-httpd24-nghttp2<0:1.39.2-39.el8
redhat/jbcs-httpd24-openssl<1:1.1.1g-8.el8
and 79 more
CVE-2021-3711
OpenSSL is vulnerable to a buffer overflow, caused by improper bounds checking by the EVP_PKEY_decrypt() function within implementation of the SM2 decryption. By sending specially crafted SM2 content,...
debian/openssl
redhat/openssl<1.1.1
IBM Cognos Analytics<=12.0.0-12.0.1
IBM Cognos Analytics<=11.2.0-11.2.4 FP2
IBM Cognos Analytics<=11.1.1-11.1.7 FP7
OpenSSL OpenSSL>=1.1.1<1.1.1l
and 41 more
CVE-2021-33909
Linux Kernel could allow a local attacker to gain elevated privileges on the system, caused by an out-of-bounds write in fs/seq_file.c. By sending a specially-crafted request, an attacker could exploi...
redhat/kernel<0:2.6.32-754.41.2.el6
redhat/kernel-rt<0:3.10.0-1160.36.2.rt56.1179.el7
redhat/kernel<0:3.10.0-1160.36.2.el7
redhat/kernel<0:3.10.0-327.98.2.el7
redhat/kernel<0:3.10.0-514.90.2.el7
redhat/kernel<0:3.10.0-693.90.2.el7
and 169 more
CVE-2021-23017
A flaw was found in nginx. An off-by-one error while processing DNS responses allows a network attacker to write a dot character out of bounds in a heap allocated buffer which can allow overwriting th...
F5 Nginx>=0.6.18<1.20.1
Openresty Openresty<1.19.3.2
Fedoraproject Fedora=33
Fedoraproject Fedora=34
NetApp ONTAP Select Deploy administration utility
Oracle Blockchain Platform<21.1.2
and 27 more
CVE-2021-23337
`lodash` versions prior to 4.17.21 are vulnerable to Command Injection via the template function.
redhat/cockpit-ovirt<0:0.15.1-2.el8e
redhat/ovirt-engine-ui-extensions<0:1.2.6-1.el8e
redhat/ovirt-web-ui<0:1.6.9-1.el8e
redhat/nodejs-lodash<4.17.21
npm/lodash-template<=1.0.0
npm/lodash.template<=4.5.0
and 50 more
CVE-2020-28500
A flaw was found in nodejs-lodash. A Regular Expression Denial of Service (ReDoS) via the toNumber, trim and trimEnd functions is possible.
redhat/cockpit-ovirt<0:0.15.1-2.el8e
redhat/ovirt-engine-ui-extensions<0:1.2.6-1.el8e
redhat/ovirt-web-ui<0:1.6.9-1.el8e
npm/lodash.trim<=4.5.1
npm/lodash.trimend<=4.5.1
npm/lodash-es<4.17.21
and 44 more
CVE-2020-1971
A null pointer dereference flaw was found in openssl. A remote attacker, able to control the arguments of the GENERAL_NAME_cmp function, could cause the application, compiled with openssl to crash res...
redhat/jbcs-httpd24-brotli<0:1.0.6-40.jbcs.el7
redhat/jbcs-httpd24-httpd<0:2.4.37-66.jbcs.el7
redhat/jbcs-httpd24-nghttp2<0:1.39.2-35.jbcs.el7
redhat/jbcs-httpd24-openssl<1:1.1.1g-3.jbcs.el7
redhat/jbcs-httpd24-openssl-chil<0:1.0.0-3.jbcs.el7
redhat/jbcs-httpd24-openssl-pkcs11<0:0.4.10-18.jbcs.el7
and 95 more
CVE-2020-10723
A memory corruption issue was found in DPDK versions 17.05 and above. This flaw is caused by an integer truncation on the index of a payload. Under certain circumstances, the index (a UInt) is copied ...
redhat/openvswitch2.11<0:2.11.0-54.20200327gita4efc59.el7fd
redhat/openvswitch<0:2.9.0-130.el7fd
redhat/openvswitch2.13<0:2.13.0-25.el8fd
redhat/openvswitch2.11<0:2.11.0-54.20200327gita4efc59.el8fd
redhat/dpdk<0:18.11.8-1.el7_8
redhat/dpdk<0:19.11.3-1.el8
and 21 more
CVE-2020-10722
A vulnerability was found in DPDK through version 18.11, vhost_user_set_log_base() is a message handler that is called to handle the VHOST_USER_SET_LOG_BASE message. Its payload contains a 64 bit size...
redhat/openvswitch2.11<0:2.11.0-54.20200327gita4efc59.el7fd
redhat/openvswitch<0:2.9.0-130.el7fd
redhat/openvswitch2.13<0:2.13.0-25.el8fd
redhat/openvswitch2.11<0:2.11.0-54.20200327gita4efc59.el8fd
redhat/dpdk<0:18.11.8-1.el7_8
redhat/dpdk<0:19.11.3-1.el8
and 21 more
CVE-2020-8203
A flaw was found in nodejs-lodash in versions 4.17.15 and earlier. A prototype pollution attack is possible which can lead to arbitrary code execution. The primary threat from this vulnerability is to...
redhat/kiali<0:v1.12.10.redhat2-1.el7
redhat/ior<0:1.1.6-1.el8
redhat/servicemesh<0:1.1.6-1.el8
redhat/servicemesh-cni<0:1.1.6-1.el8
redhat/servicemesh-grafana<0:6.4.3-13.el8
redhat/servicemesh-operator<0:1.1.6-2.el8
and 54 more
CVE-2019-5482
cURL libcurl is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the tftp_receive_packet function. By sending specially-crafted request containing an OACK without the ...
debian/curl
debian/curl<=7.52.1-5+deb9u9<=7.52.1-1<=7.64.0-4<=7.65.3-1
IBM Security Guardium<=10.5
IBM Security Guardium<=10.6
IBM Security Guardium<=11.0
IBM Security Guardium<=11.1
and 32 more
CVE-2019-5481
Double-free vulnerability in the FTP-kerberos code in cURL 7.52.0 to 7.65.3.
debian/curl
debian/curl<=7.52.1-5+deb9u9<=7.64.0-4<=7.65.3-1<=7.52.1-1
Haxx Curl>=7.52.0<=7.65.3
Fedoraproject Fedora=29
Fedoraproject Fedora=30
Fedoraproject Fedora=31
and 20 more
CVE-2019-10219
A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This...
redhat/eap7-apache-cxf<0:3.2.11-1.redhat_00001.1.el6ea
redhat/eap7-glassfish-jsf<0:2.3.5-6.SP3_redhat_00004.1.el6ea
redhat/eap7-hal-console<0:3.0.19-1.Final_redhat_00001.1.el6ea
redhat/eap7-hibernate<0:5.3.14-1.Final_redhat_00001.1.el6ea
redhat/eap7-hibernate-validator<0:6.0.18-1.Final_redhat_00001.1.el6ea
redhat/eap7-jackson-annotations<0:2.9.10-1.redhat_00003.1.el6ea
and 795 more
CVE-2019-1559
OpenSSL could allow a remote attacker to obtain sensitive information, caused by the failure to immediately close the TCP connection after the hosts encounter a zero-length record with valid padding. ...
redhat/openssl<0:1.0.1e-58.el6_10
redhat/openssl<1:1.0.2k-19.el7
redhat/jws5-ecj<0:4.12.0-1.redhat_1.1.el6
redhat/jws5-javapackages-tools<0:3.4.1-5.15.11.el6
redhat/jws5-jboss-logging<0:3.3.2-1.Final_redhat_00001.1.el6
redhat/jws5-tomcat<0:9.0.21-10.redhat_4.1.el6
and 226 more
CVE-2018-16865
A flaw was found in systemd-journald. An uncontrolled alloca() by writing a crafted message to /run/systemd/journal/socket that results in a stack buffer overflow. This can lead to a denial of service...
Systemd Project Systemd<=240
Redhat Enterprise Linux Desktop=7.0
Redhat Enterprise Linux Server=7.0
Redhat Enterprise Linux Server Aus=7.3
Redhat Enterprise Linux Server Aus=7.6
Redhat Enterprise Linux Server Eus=7.5
and 19 more
CVE-2018-16864
A flaw was found in systemd-journald. A stack buffer overflow when passing several MB of arguments to a program calling syslog function. This can lead to a denial of service attack or arbitrary code e...
Systemd Project Systemd<=240
Redhat Enterprise Linux Desktop=7.0
Redhat Enterprise Linux Server=7.0
Redhat Enterprise Linux Server=7.4
Redhat Enterprise Linux Server=7.5
Redhat Enterprise Linux Server=7.6
and 22 more
CVE-2018-11237
An AVX-512-optimized implementation of the mempcpy function in the GNU C Library (aka glibc or libc6) 2.27 and earlier may write data beyond the target buffer, leading to a buffer overflow in __mempcp...
redhat/glibc<2.28
ubuntu/glibc<2.27-3ubuntu1.2
ubuntu/glibc<2.28
ubuntu/glibc<2.23-0ubuntu11.2
GNU glibc<=2.27
Redhat Virtualization Host=4.0
and 14 more
CVE-2018-11236
stdlib/canonicalize.c in the GNU C Library (aka glibc or libc6) 2.27 and earlier, when processing very long pathname arguments to the realpath function, could encounter an integer overflow on 32-bit a...
redhat/glibc<2.28
ubuntu/glibc<2.27-3ubuntu1.2
ubuntu/glibc<2.28
ubuntu/glibc<2.23-0ubuntu11.2
debian/glibc
GNU glibc<=2.27
and 11 more

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203