Vulnerabilities > Oracle > Communications Cloud Native Core Binding Support Function > Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2022-03-25	CVE-2021-4203	A use-after-free read flaw was found in sock_getsockopt() in net/core/sock.c due to SO_PEERCRED and SO_PEERGROUPS race with listen() (and connect()) in the Linux kernel. network high complexity linux netapp oracle	6.8
2022-03-25	CVE-2022-0322	Incorrect Type Conversion or Cast vulnerability in multiple products A flaw was found in the sctp_make_strreset_req function in net/sctp/sm_make_chunk.c in the SCTP network protocol in the Linux kernel with a local user privilege access. local low complexity linux fedoraproject oracle CWE-704	5.5
2022-03-11	CVE-2022-0001	Non-transparent sharing of branch predictor selectors between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access. local low complexity intel oracle	6.5
2022-03-11	CVE-2022-0002	Non-transparent sharing of branch predictor within a context in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access. local low complexity intel oracle	6.5
2022-03-04	CVE-2021-3744	A memory leak flaw was found in the Linux kernel in the ccp_run_aes_gcm_cmd() function in drivers/crypto/ccp/ccp-ops.c, which allows attackers to cause a denial of service (memory consumption). local low complexity linux fedoraproject debian redhat oracle	5.5
2022-03-04	CVE-2022-22946	Improper Certificate Validation vulnerability in multiple products In spring cloud gateway versions prior to 3.1.1+ , applications that are configured to enable HTTP2 and no key store or trusted certificates are set will be configured to use an insecure TrustManager. local low complexity vmware oracle CWE-295	5.5
2022-03-03	CVE-2021-4002	Memory Leak vulnerability in multiple products A memory leak flaw in the Linux kernel's hugetlbfs memory usage was found in the way the user maps some regions of memory twice using shmget() which are aligned to PUD alignment with the fault of some of the memory pages. local low complexity linux debian fedoraproject oracle CWE-401	4.4
2022-03-02	CVE-2021-3772	A flaw was found in the Linux SCTP stack. network high complexity linux redhat debian oracle netapp	6.5
2022-02-25	CVE-2022-24329	Inclusion of Functionality from Untrusted Control Sphere vulnerability in multiple products In JetBrains Kotlin before 1.6.0, it was not possible to lock dependencies for Multiplatform Gradle Projects. network low complexity jetbrains oracle CWE-829	5.3
2022-01-31	CVE-2022-0286	NULL Pointer Dereference vulnerability in multiple products A flaw was found in the Linux kernel. local low complexity linux oracle CWE-476	5.5

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.