Vulnerabilities > Oracle > Communications Cloud Native Core Binding Support Function > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-04-18 CVE-2023-21971 Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J).
network
high complexity
oracle netapp
5.3
2023-01-18 CVE-2023-21824 Unspecified vulnerability in Oracle products
Vulnerability in the Oracle Communications BRM - Elastic Charging Engine product of Oracle Communications Applications (component: Customer, Config, Pricing Manager).
local
low complexity
oracle
4.4
2022-03-25 CVE-2021-4203 Race Condition vulnerability in multiple products
A use-after-free read flaw was found in sock_getsockopt() in net/core/sock.c due to SO_PEERCRED and SO_PEERGROUPS race with listen() (and connect()) in the Linux kernel.
network
high complexity
linux netapp oracle CWE-362
6.8
2022-03-25 CVE-2022-0322 Incorrect Type Conversion or Cast vulnerability in multiple products
A flaw was found in the sctp_make_strreset_req function in net/sctp/sm_make_chunk.c in the SCTP network protocol in the Linux kernel with a local user privilege access.
local
low complexity
linux fedoraproject oracle CWE-704
5.5
2022-03-11 CVE-2022-0001 Non-transparent sharing of branch predictor selectors between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.
local
low complexity
intel oracle
6.5
2022-03-11 CVE-2022-0002 Non-transparent sharing of branch predictor within a context in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.
local
low complexity
intel oracle
6.5
2022-03-04 CVE-2021-3744 Memory Leak vulnerability in multiple products
A memory leak flaw was found in the Linux kernel in the ccp_run_aes_gcm_cmd() function in drivers/crypto/ccp/ccp-ops.c, which allows attackers to cause a denial of service (memory consumption).
5.5
2022-03-04 CVE-2022-22946 Improper Certificate Validation vulnerability in multiple products
In spring cloud gateway versions prior to 3.1.1+ , applications that are configured to enable HTTP2 and no key store or trusted certificates are set will be configured to use an insecure TrustManager.
local
low complexity
vmware oracle CWE-295
5.5
2022-03-03 CVE-2021-4002 Memory Leak vulnerability in multiple products
A memory leak flaw in the Linux kernel's hugetlbfs memory usage was found in the way the user maps some regions of memory twice using shmget() which are aligned to PUD alignment with the fault of some of the memory pages.
local
low complexity
linux debian fedoraproject oracle CWE-401
4.4
2022-03-02 CVE-2021-3772 A flaw was found in the Linux SCTP stack.
network
high complexity
linux redhat debian oracle netapp
6.5