Filtered by vendor Oracle
Subscribe
Filtered by product Communications Diameter Signaling Router
Subscribe
Total
80 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-11998 | 2 Apache, Oracle | 7 Activemq, Communications Diameter Signaling Router, Communications Element Manager and 4 more | 2023-11-07 | 7.5 HIGH | 9.8 CRITICAL |
| A regression has been introduced in the commit preventing JMX re-bind. By passing an empty environment map to RMIConnectorServer, instead of the map that contains the authentication credentials, it leaves ActiveMQ open to the following attack: https://docs.oracle.com/javase/8/docs/technotes/guides/management/agent.html "A remote client could create a javax.management.loading.MLet MBean and use it to create new MBeans from arbitrary URLs, at least if there is no security manager. In other words, a rogue remote client could make your Java application execute arbitrary code." Mitigation: Upgrade to Apache ActiveMQ 5.15.13 | |||||
| CVE-2020-11971 | 2 Apache, Oracle | 5 Camel, Communications Diameter Intelligence Hub, Communications Diameter Signaling Router and 2 more | 2023-11-07 | 5.0 MEDIUM | 7.5 HIGH |
| Apache Camel's JMX is vulnerable to Rebind Flaw. Apache Camel 2.22.x, 2.23.x, 2.24.x, 2.25.x, 3.0.0 up to 3.1.0 is affected. Users should upgrade to 3.2.0. | |||||
| CVE-2020-11994 | 2 Apache, Oracle | 4 Camel, Communications Diameter Signaling Router, Enterprise Manager Base Platform and 1 more | 2023-11-07 | 5.0 MEDIUM | 7.5 HIGH |
| Server-Side Template Injection and arbitrary file disclosure on Camel templating components | |||||
| CVE-2020-10878 | 5 Fedoraproject, Netapp, Opensuse and 2 more | 17 Fedora, Oncommand Workflow Automation, Snap Creator Framework and 14 more | 2023-11-07 | 7.5 HIGH | 8.6 HIGH |
| Perl before 5.30.3 has an integer overflow related to mishandling of a "PL_regkind[OP(n)] == NOTHING" situation. A crafted regular expression could lead to malformed bytecode with a possibility of instruction injection. | |||||
| CVE-2020-10683 | 5 Canonical, Dom4j Project, Netapp and 2 more | 38 Ubuntu Linux, Dom4j, Oncommand Api Services and 35 more | 2023-11-07 | 7.5 HIGH | 9.8 CRITICAL |
| dom4j before 2.0.3 and 2.1.x before 2.1.3 allows external DTDs and External Entities by default, which might enable XXE attacks. However, there is popular external documentation from OWASP showing how to enable the safe, non-default behavior in any application that uses dom4j. | |||||
| CVE-2020-10543 | 4 Fedoraproject, Opensuse, Oracle and 1 more | 15 Fedora, Leap, Communications Billing And Revenue Management and 12 more | 2023-11-07 | 6.4 MEDIUM | 8.2 HIGH |
| Perl before 5.30.3 on 32-bit platforms allows a heap-based buffer overflow because nested regular expression quantifiers have an integer overflow. | |||||
| CVE-2019-1559 | 13 Canonical, Debian, F5 and 10 more | 90 Ubuntu Linux, Debian Linux, Big-ip Access Policy Manager and 87 more | 2023-11-07 | 4.3 MEDIUM | 5.9 MEDIUM |
| If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 byte record is received with an invalid MAC. If the application then behaves differently based on that in a way that is detectable to the remote peer, then this amounts to a padding oracle that could be used to decrypt data. In order for this to be exploitable "non-stitched" ciphersuites must be in use. Stitched ciphersuites are optimised implementations of certain commonly used ciphersuites. Also the application must call SSL_shutdown() twice even if a protocol error has occurred (applications should not do this but some do anyway). Fixed in OpenSSL 1.0.2r (Affected 1.0.2-1.0.2q). | |||||
| CVE-2019-14379 | 7 Apple, Debian, Fasterxml and 4 more | 25 Xcode, Debian Linux, Jackson-databind and 22 more | 2023-11-07 | 7.5 HIGH | 9.8 CRITICAL |
| SubTypeValidator.java in FasterXML jackson-databind before 2.9.9.2 mishandles default typing when ehcache is used (because of net.sf.ehcache.transaction.manager.DefaultTransactionManagerLookup), leading to remote code execution. | |||||
| CVE-2019-14439 | 6 Apache, Debian, Fasterxml and 3 more | 18 Drill, Debian Linux, Jackson-databind and 15 more | 2023-11-07 | 5.0 MEDIUM | 7.5 HIGH |
| A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x before 2.9.9.2. This occurs when Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the logback jar in the classpath. | |||||
| CVE-2019-12423 | 2 Apache, Oracle | 8 Cxf, Commerce Guided Search, Communications Diameter Signaling Router and 5 more | 2023-11-07 | 4.3 MEDIUM | 7.5 HIGH |
| Apache CXF ships with a OpenId Connect JWK Keys service, which allows a client to obtain the public keys in JWK format, which can then be used to verify the signature of tokens issued by the service. Typically, the service obtains the public key from a local keystore (JKS/PKCS12) by specifing the path of the keystore and the alias of the keystore entry. This case is not vulnerable. However it is also possible to obtain the keys from a JWK keystore file, by setting the configuration parameter "rs.security.keystore.type" to "jwk". For this case all keys are returned in this file "as is", including all private key and secret key credentials. This is an obvious security risk if the user has configured the signature keystore file with private or secret key credentials. From CXF 3.3.5 and 3.2.12, it is mandatory to specify an alias corresponding to the id of the key in the JWK file, and only this key is returned. In addition, any private key information is omitted by default. "oct" keys, which contain secret keys, are not returned at all. | |||||
| CVE-2019-0222 | 4 Apache, Debian, Netapp and 1 more | 8 Activemq, Debian Linux, E-series Santricity Web Services and 5 more | 2023-11-07 | 5.0 MEDIUM | 7.5 HIGH |
| In Apache ActiveMQ 5.0.0 - 5.15.8, unmarshalling corrupt MQTT frame can lead to broker Out of Memory exception making it unresponsive. | |||||
| CVE-2018-1275 | 2 Oracle, Vmware | 19 Application Testing Suite, Big Data Discovery, Communications Converged Application Server and 16 more | 2023-11-07 | 7.5 HIGH | 9.8 CRITICAL |
| Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.16 and older unsupported versions, allow applications to expose STOMP over WebSocket endpoints with a simple, in-memory STOMP broker through the spring-messaging module. A malicious user (or attacker) can craft a message to the broker that can lead to a remote code execution attack. This CVE addresses the partial fix for CVE-2018-1270 in the 4.3.x branch of the Spring Framework. | |||||
| CVE-2018-1270 | 4 Debian, Oracle, Redhat and 1 more | 28 Debian Linux, Application Testing Suite, Big Data Discovery and 25 more | 2023-11-07 | 7.5 HIGH | 9.8 CRITICAL |
| Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.15 and older unsupported versions, allow applications to expose STOMP over WebSocket endpoints with a simple, in-memory STOMP broker through the spring-messaging module. A malicious user (or attacker) can craft a message to the broker that can lead to a remote code execution attack. | |||||
| CVE-2018-15756 | 3 Debian, Oracle, Vmware | 40 Debian Linux, Agile Plm, Communications Brm - Elastic Charging Engine and 37 more | 2023-11-07 | 5.0 MEDIUM | 7.5 HIGH |
| Spring Framework, version 5.1, versions 5.0.x prior to 5.0.10, versions 4.3.x prior to 4.3.20, and older unsupported versions on the 4.2.x branch provide support for range requests when serving static resources through the ResourceHttpRequestHandler, or starting in 5.0 when an annotated controller returns an org.springframework.core.io.Resource. A malicious user (or attacker) can add a range header with a high number of ranges, or with wide ranges that overlap, or both, for a denial of service attack. This vulnerability affects applications that depend on either spring-webmvc or spring-webflux. Such applications must also have a registration for serving static resources (e.g. JS, CSS, images, and others), or have an annotated controller that returns an org.springframework.core.io.Resource. Spring Boot applications that depend on spring-boot-starter-web or spring-boot-starter-webflux are ready to serve static resources out of the box and are therefore vulnerable. | |||||
| CVE-2017-15095 | 5 Debian, Fasterxml, Netapp and 2 more | 25 Debian Linux, Jackson-databind, Oncommand Balance and 22 more | 2023-11-07 | 7.5 HIGH | 9.8 CRITICAL |
| A deserialization flaw was discovered in the jackson-databind in versions before 2.8.10 and 2.9.1, which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. This issue extends the previous flaw CVE-2017-7525 by blacklisting more classes that could be used maliciously. | |||||
| CVE-2019-2729 | 1 Oracle | 9 Communications Diameter Signaling Router, Communications Network Integrity, Hyperion Infrastructure Technology and 6 more | 2022-11-10 | 7.5 HIGH | 9.8 CRITICAL |
| Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Services). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0 and 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). | |||||
| CVE-2021-30640 | 3 Apache, Debian, Oracle | 7 Tomcat, Debian Linux, Communications Cloud Native Core Policy and 4 more | 2022-10-27 | 5.8 MEDIUM | 6.5 MEDIUM |
| A vulnerability in the JNDI Realm of Apache Tomcat allows an attacker to authenticate using variations of a valid user name and/or to bypass some of the protection provided by the LockOut Realm. This issue affects Apache Tomcat 10.0.0-M1 to 10.0.5; 9.0.0.M1 to 9.0.45; 8.5.0 to 8.5.65. | |||||
| CVE-2021-45105 | 5 Apache, Debian, Netapp and 2 more | 121 Log4j, Debian Linux, Cloud Manager and 118 more | 2022-10-06 | 4.3 MEDIUM | 5.9 MEDIUM |
| Apache Log4j2 versions 2.0-alpha1 through 2.16.0 (excluding 2.12.3 and 2.3.1) did not protect from uncontrolled recursion from self-referential lookups. This allows an attacker with control over Thread Context Map data to cause a denial of service when a crafted string is interpreted. This issue was fixed in Log4j 2.17.0, 2.12.3, and 2.3.1. | |||||
| CVE-2020-11973 | 2 Apache, Oracle | 4 Camel, Communications Diameter Signaling Router, Enterprise Manager Base Platform and 1 more | 2022-10-05 | 7.5 HIGH | 9.8 CRITICAL |
| Apache Camel Netty enables Java deserialization by default. Apache Camel 2.22.x, 2.23.x, 2.24.x, 2.25.0, 3.0.0 up to 3.1.0 are affected. 2.x users should upgrade to 2.25.1, 3.x users should upgrade to 3.2.0. | |||||
| CVE-2020-35490 | 4 Debian, Fasterxml, Netapp and 1 more | 25 Debian Linux, Jackson-databind, Service Level Manager and 22 more | 2022-09-08 | 6.8 MEDIUM | 8.1 HIGH |
| FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.PerUserPoolDataSource. | |||||