Communications Operations Monitor@4.2 Security Vulnerabilities and Issues — Communications Operations Monitor@4.2 CVE List

Lucene search

OracleCommunications Operations Monitor4.2

18 matches found

CVE•added 2021/06/01 1:15 p.m.•5796 views

CVE-2021-23017

A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.

7.7CVSS6.3AI score0.76124EPSS

CVE•added 2019/09/16 7:15 p.m.•610 views

CVE-2019-5482

Heap buffer overflow in the TFTP protocol handler in cURL 7.19.4 to 7.65.3.

9.8CVSS9.7AI score0.10791EPSS

CVE•added 2019/09/16 7:15 p.m.•460 views

CVE-2019-5481

Double-free vulnerability in the FTP-kerberos code in cURL 7.52.0 to 7.65.3.

9.8CVSS9.3AI score0.0479EPSS

CVE•added 2019/10/03 7:15 p.m.•415 views

CVE-2019-15165

sf-pcapng.c in libpcap before 1.9.1 does not properly validate the PHB header length before allocating memory.

5.3CVSS6.2AI score0.01322EPSS

CVE•added 2019/02/20 12:29 a.m.•249 views

CVE-2019-7164

SQLAlchemy through 1.2.17 and 1.3.x through 1.3.0b2 allows SQL Injection via the order_by parameter.

9.8CVSS9.7AI score0.01979EPSS

CVE•added 2019/02/06 9:29 p.m.•238 views

CVE-2019-7548

SQLAlchemy 1.2.17 has SQL Injection when the group_by parameter can be controlled.

7.8CVSS9AI score0.01109EPSS

CVE•added 2019/11/08 3:15 p.m.•230 views

CVE-2019-10219

A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS attack.

6.5CVSS6AI score0.01915EPSS

CVE•added 2020/06/15 6:15 p.m.•219 views

CVE-2020-14147

An integer overflow in the getnum function in lua_struct.c in Redis before 6.0.3 allows context-dependent attackers with permission to run Lua code in a Redis session to cause a denial of service (memory corruption and application crash) or possibly bypass intended sandbox restrictions via a large ...

7.7CVSS8AI score0.02324EPSS

CVE•added 2022/01/19 12:15 p.m.•78 views

CVE-2022-21246

Vulnerability in the Oracle Communications Operations Monitor product of Oracle Communications (component: Mediation Engine). Supported versions that are affected are 3.4, 4.2, 4.3, 4.4 and 5.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromi...

5.4CVSS4.8AI score0.00185EPSS

CVE•added 2022/01/19 12:15 p.m.•70 views

CVE-2022-21400

5.4CVSS4.8AI score0.00185EPSS

CVE•added 2022/01/19 12:15 p.m.•64 views

CVE-2022-21401

Vulnerability in the Oracle Communications Operations Monitor product of Oracle Communications (component: Mediation Engine). Supported versions that are affected are 3.4, 4.2, 4.3, 4.4 and 5.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to comprom...

6.6CVSS5.9AI score0.00211EPSS

CVE•added 2022/01/19 12:15 p.m.•63 views

CVE-2022-21397

5.4CVSS4.8AI score0.00185EPSS

CVE•added 2022/01/19 12:15 p.m.•60 views

CVE-2022-21396

5.4CVSS4.8AI score0.00185EPSS

CVE•added 2022/01/19 12:15 p.m.•60 views

CVE-2022-21402

Vulnerability in the Oracle Communications Operations Monitor product of Oracle Communications (component: Mediation Engine). Supported versions that are affected are 3.4, 4.2, 4.3, 4.4 and 5.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to comprom...

4.9CVSS4.2AI score0.0019EPSS

CVE•added 2022/01/19 12:15 p.m.•59 views

CVE-2022-21395

Vulnerability in the Oracle Communications Operations Monitor product of Oracle Communications (component: Mediation Engine). Supported versions that are affected are 3.4, 4.2, 4.3, 4.4 and 5.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to comprom...

7.2CVSS7.2AI score0.01406EPSS

CVE•added 2022/01/19 12:15 p.m.•59 views

CVE-2022-21399

Vulnerability in the Oracle Communications Operations Monitor product of Oracle Communications (component: Mediation Engine). Supported versions that are affected are 3.4, 4.2, 4.3, 4.4 and 5.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to comprom...

6.6CVSS5.9AI score0.00211EPSS

CVE•added 2022/01/19 12:15 p.m.•56 views

CVE-2022-21403

Vulnerability in the Oracle Communications Operations Monitor product of Oracle Communications (component: Mediation Engine). Supported versions that are affected are 3.4, 4.2, 4.3, 4.4 and 5.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to comprom...

6.6CVSS5.9AI score0.00211EPSS

CVE•added 2022/01/19 12:15 p.m.•52 views

CVE-2022-21398

5.4CVSS4.8AI score0.00185EPSS