Vulnerabilities > Oracle > Communications Cloud Native Core Binding Support Function

DATE CVE VULNERABILITY TITLE RISK
2023-04-18 CVE-2023-21971 Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J).
network
high complexity
oracle netapp
5.3
2023-01-18 CVE-2023-21824 Unspecified vulnerability in Oracle products
Vulnerability in the Oracle Communications BRM - Elastic Charging Engine product of Oracle Communications Applications (component: Customer, Config, Pricing Manager).
local
low complexity
oracle
4.4
2022-04-01 CVE-2022-22965 Code Injection vulnerability in multiple products
A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding.
network
low complexity
vmware cisco oracle siemens veritas CWE-94
critical
9.8
2022-03-25 CVE-2021-4157 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
An out of memory bounds write flaw (1 or 2 bytes of memory) in the Linux kernel NFS subsystem was found in the way users use mirroring (replication of files with NFS).
8.0
2022-03-25 CVE-2021-4203 Race Condition vulnerability in multiple products
A use-after-free read flaw was found in sock_getsockopt() in net/core/sock.c due to SO_PEERCRED and SO_PEERGROUPS race with listen() (and connect()) in the Linux kernel.
network
high complexity
linux netapp oracle CWE-362
6.8
2022-03-25 CVE-2022-0322 Incorrect Type Conversion or Cast vulnerability in multiple products
A flaw was found in the sctp_make_strreset_req function in net/sctp/sm_make_chunk.c in the SCTP network protocol in the Linux kernel with a local user privilege access.
local
low complexity
linux fedoraproject oracle CWE-704
5.5
2022-03-23 CVE-2021-4197 Improper Authentication vulnerability in multiple products
An unprivileged write to the file handler flaw in the Linux kernel's control groups and namespaces subsystem was found in the way users have access to some less privileged process that are controlled by cgroups and have higher privileged parent process.
local
low complexity
linux debian oracle broadcom netapp CWE-287
7.8
2022-03-18 CVE-2022-1011 Use After Free vulnerability in multiple products
A use-after-free flaw was found in the Linux kernel’s FUSE filesystem in the way a user triggers write().
7.8
2022-03-11 CVE-2022-0001 Non-transparent sharing of branch predictor selectors between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.
local
low complexity
intel oracle
6.5
2022-03-11 CVE-2022-0002 Non-transparent sharing of branch predictor within a context in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.
local
low complexity
intel oracle
6.5