Vulnerabilities (CVE)

Filtered by vendor Oracle Subscribe
Filtered by product Communications Eagle Application Processor
Total 12 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-21783 2 Genivia, Oracle 6 Gsoap, Communications Diameter Signaling Router, Communications Eagle Application Processor and 3 more 2024-11-21 7.5 HIGH 9.8 CRITICAL
A code execution vulnerability exists in the WS-Addressing plugin functionality of Genivia gSOAP 2.8.107. A specially crafted SOAP request can lead to remote code execution. An attacker can send an HTTP request to trigger this vulnerability.
CVE-2020-12723 5 Fedoraproject, Netapp, Opensuse and 2 more 16 Fedora, Oncommand Workflow Automation, Snap Creator Framework and 13 more 2024-11-21 5.0 MEDIUM 7.5 HIGH
regcomp.c in Perl before 5.30.3 allows a buffer overflow via a crafted regular expression because of recursive S_study_chunk calls.
CVE-2020-11023 7 Debian, Drupal, Fedoraproject and 4 more 55 Debian Linux, Drupal, Fedora and 52 more 2024-11-21 4.3 MEDIUM 6.9 MEDIUM
In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
CVE-2020-11022 8 Debian, Drupal, Fedoraproject and 5 more 78 Debian Linux, Drupal, Fedora and 75 more 2024-11-21 4.3 MEDIUM 6.9 MEDIUM
In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
CVE-2020-10878 5 Fedoraproject, Netapp, Opensuse and 2 more 17 Fedora, Oncommand Workflow Automation, Snap Creator Framework and 14 more 2024-11-21 7.5 HIGH 8.6 HIGH
Perl before 5.30.3 has an integer overflow related to mishandling of a "PL_regkind[OP(n)] == NOTHING" situation. A crafted regular expression could lead to malformed bytecode with a possibility of instruction injection.
CVE-2020-10543 4 Fedoraproject, Opensuse, Oracle and 1 more 15 Fedora, Leap, Communications Billing And Revenue Management and 12 more 2024-11-21 6.4 MEDIUM 8.2 HIGH
Perl before 5.30.3 on 32-bit platforms allows a heap-based buffer overflow because nested regular expression quantifiers have an integer overflow.
CVE-2019-11358 11 Backdropcms, Debian, Drupal and 8 more 105 Backdrop, Debian Linux, Drupal and 102 more 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.
CVE-2019-10219 3 Netapp, Oracle, Redhat 195 Active Iq Unified Manager, Element, Management Services For Element Software And Netapp Hci and 192 more 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS attack.
CVE-2018-7566 6 Canonical, Debian, Linux and 3 more 12 Ubuntu Linux, Debian Linux, Linux Kernel and 9 more 2024-11-21 4.6 MEDIUM 7.8 HIGH
The Linux kernel 4.15 has a Buffer Overflow via an SNDRV_SEQ_IOCTL_SET_CLIENT_POOL ioctl write operation to /dev/snd/seq by a local user.
CVE-2018-3693 7 Arm, Fujitsu, Intel and 4 more 228 Cortex-a, Cortex-r, M12-1 and 225 more 2024-11-21 4.7 MEDIUM 5.6 MEDIUM
Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a speculative buffer overflow and side-channel analysis.
CVE-2016-5458 1 Oracle 1 Communications Eagle Application Processor 2024-11-21 5.5 MEDIUM 6.4 MEDIUM
Unspecified vulnerability in the Oracle Communications EAGLE Application Processor component in Oracle Communications Applications 16.0 allows remote authenticated users to affect confidentiality and integrity via vectors related to APPL.
CVE-2015-0235 7 Apple, Debian, Gnu and 4 more 18 Mac Os X, Debian Linux, Glibc and 15 more 2024-11-21 10.0 HIGH N/A
Heap-based buffer overflow in the __nss_hostname_digits_dots function in glibc 2.2, and other 2.x versions before 2.18, allows context-dependent attackers to execute arbitrary code via vectors related to the (1) gethostbyname or (2) gethostbyname2 function, aka "GHOST."