Vulnerabilities > Oracle > Communications Billing AND Revenue Management > 12.0.0.3.0

DATE CVE VULNERABILITY TITLE RISK
2020-06-05 CVE-2020-12723 Classic Buffer Overflow vulnerability in multiple products
regcomp.c in Perl before 5.30.3 allows a buffer overflow via a crafted regular expression because of recursive S_study_chunk calls.
network
low complexity
perl netapp fedoraproject opensuse oracle CWE-120
7.5
7.5
2020-06-05 CVE-2020-10878 Integer Overflow or Wraparound vulnerability in multiple products
Perl before 5.30.3 has an integer overflow related to mishandling of a "PL_regkind[OP(n)] == NOTHING" situation.
network
low complexity
perl fedoraproject opensuse netapp oracle CWE-190
8.6
8.6
2020-06-05 CVE-2020-10543 Integer Overflow or Wraparound vulnerability in multiple products
Perl before 5.30.3 on 32-bit platforms allows a heap-based buffer overflow because nested regular expression quantifiers have an integer overflow.
network
low complexity
perl fedoraproject opensuse oracle CWE-190
8.2
8.2
2020-04-29 CVE-2020-11022 Cross-site Scripting vulnerability in multiple products
In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. 		6.1
6.1
2020-04-27 CVE-2020-9488 Improper Certificate Validation vulnerability in multiple products
Improper validation of certificate with host mismatch in Apache Log4j SMTP appender.
network
high complexity
apache oracle debian qos CWE-295
3.7
3.7
2020-01-03 CVE-2019-20330 Deserialization of Untrusted Data vulnerability in multiple products
FasterXML jackson-databind 2.x before 2.9.10.2 lacks certain net.sf.ehcache blocking.
network
low complexity
fasterxml oracle debian netapp CWE-502
critical
 9.8
9.8
2019-10-12 CVE-2019-17531 Deserialization of Untrusted Data vulnerability in multiple products
A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10.
network
low complexity
fasterxml debian redhat oracle netapp CWE-502
critical
 9.8
9.8
2019-10-01 CVE-2019-16943 Deserialization of Untrusted Data vulnerability in multiple products
A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10.
network
low complexity
fasterxml debian fedoraproject redhat oracle netapp CWE-502
critical
 9.8
9.8
2019-10-01 CVE-2019-16942 Deserialization of Untrusted Data vulnerability in multiple products
A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10.
network
low complexity
fasterxml debian fedoraproject redhat netapp oracle CWE-502
critical
 9.8
9.8
2019-08-20 CVE-2019-10086 Deserialization of Untrusted Data vulnerability in multiple products
In Apache Commons Beanutils 1.9.2, a special BeanIntrospector class was added which allows suppressing the ability for an attacker to access the classloader via the class property available on all Java objects. 		7.3
7.3