Sd-wan Edge Security Vulnerabilities and Issues — Sd-wan Edge CVE List

Lucene search

OracleSd-wan Edge

10 matches found

CVE•added 2020/12/03 7:15 p.m.•702 views

CVE-2020-17527

While investigating bug 64830 it was discovered that Apache Tomcat 10.0.0-M1 to 10.0.0-M9, 9.0.0-M1 to 9.0.39 and 8.5.0 to 8.5.59 could re-use an HTTP request header value from the previous stream received on an HTTP/2 connection for the request associated with the subsequent stream. While this wou...

7.5CVSS7.5AI score0.08457EPSS

CVE•added 2020/10/12 2:15 p.m.•670 views

CVE-2020-13943

If an HTTP/2 client connecting to Apache Tomcat 10.0.0-M1 to 10.0.0-M7, 9.0.0.M1 to 9.0.37 or 8.5.0 to 8.5.57 exceeded the agreed maximum number of concurrent streams for a connection (in violation of the HTTP/2 protocol), it was possible that a subsequent request made on that connection could cont...

4.3CVSS4.7AI score0.12123EPSS

CVE•added 2020/12/03 5:15 p.m.•525 views

CVE-2020-25649

A flaw was found in FasterXML Jackson Databind, where it did not have entity expansion secured properly. This flaw allows vulnerability to XML external entity (XXE) attacks. The highest threat from this vulnerability is data integrity.

7.5CVSS7.3AI score0.00011EPSS

CVE•added 2020/06/05 3:15 p.m.•441 views

CVE-2020-12723

regcomp.c in Perl before 5.30.3 allows a buffer overflow via a crafted regular expression because of recursive S_study_chunk calls.

7.5CVSS8.1AI score0.00201EPSS

CVE•added 2020/08/19 1:15 p.m.•342 views

CVE-2020-24394

In the Linux kernel before 5.7.8, fs/nfsd/vfs.c (in the NFS server) can set incorrect permissions on new filesystem objects when the filesystem lacks ACL support, aka CID-22cf8419f131. This occurs because the current umask is not considered.

7.1CVSS6.8AI score0.00022EPSS

CVE•added 2020/06/05 2:15 p.m.•337 views

CVE-2020-10543

Perl before 5.30.3 on 32-bit platforms allows a heap-based buffer overflow because nested regular expression quantifiers have an integer overflow.

8.2CVSS8.7AI score0.03944EPSS

CVE•added 2020/07/30 9:15 p.m.•328 views

CVE-2020-16166

The Linux kernel through 5.7.11 allows remote attackers to make observations that help to obtain sensitive information about the internal state of the network RNG, aka CID-f227e3ec3b5c. This is related to drivers/char/random.c and kernel/time/timer.c.

4.3CVSS5.6AI score0.0128EPSS

CVE•added 2020/05/09 9:15 p.m.•310 views

CVE-2020-12771

An issue was discovered in the Linux kernel through 5.6.11. btree_gc_coalesce in drivers/md/bcache/btree.c has a deadlock if a coalescing operation fails.

5.5CVSS5.9AI score0.00063EPSS

CVE•added 2020/12/17 7:15 p.m.•234 views

CVE-2020-35491

FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.SharedPoolDataSource.

8.1CVSS7.7AI score0.06892EPSS

CVE•added 2020/07/15 6:15 p.m.•34 views

CVE-2020-14606

Vulnerability in the Oracle SD-WAN Edge product of Oracle Communications Applications (component: User Interface). Supported versions that are affected are 8.2 and 9.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle SD-WAN Edge. Wh...

10CVSS9.2AI score0.02045EPSS