Vulnerabilities > Oracle > Communications Cloud Native Core Network Exposure Function

DATE CVE VULNERABILITY TITLE RISK
2021-12-25 CVE-2021-45486 Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products
In the IPv4 implementation in the Linux kernel before 5.12.4, net/ipv4/route.c has an information leak because the hash table is very small.
low complexity
linux oracle CWE-327
3.5
2021-12-13 CVE-2021-43818 lxml is a library for processing XML and HTML in the Python language.
network
low complexity
lxml fedoraproject debian netapp oracle
7.1
2021-11-17 CVE-2021-43976 In the Linux kernel through 5.15.2, mwifiex_usb_recv in drivers/net/wireless/marvell/mwifiex/usb.c allows an attacker (who can connect a crafted USB device) to cause a denial of service (skb_over_panic). 4.6
2021-11-04 CVE-2021-43389 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in the Linux kernel before 5.14.15.
local
low complexity
linux redhat debian oracle CWE-125
5.5
2021-11-03 CVE-2020-27820 A vulnerability was found in Linux kernel, where a use-after-frees in nouveau's postclose() handler could happen if removing device (that is not common to remove video card physically without power-off, but same happens if "unbind" the driver).
local
high complexity
linux fedoraproject oracle
4.7
2021-10-20 CVE-2021-42739 Out-of-bounds Write vulnerability in multiple products
The firewire subsystem in the Linux kernel through 5.14.13 has a buffer overflow related to drivers/media/firewire/firedtv-avc.c and drivers/media/firewire/firedtv-ci.c, because avc_ca_pmt mishandles bounds checking.
6.7
2021-08-18 CVE-2021-21781 Use of Uninitialized Resource vulnerability in multiple products
An information disclosure vulnerability exists in the ARM SIGPAGE functionality of Linux Kernel v5.4.66 and v5.4.54.
local
low complexity
linux oracle CWE-908
3.3
2021-07-21 CVE-2021-37159 Use After Free vulnerability in multiple products
hso_free_net_device in drivers/net/usb/hso.c in the Linux kernel through 5.13.4 calls unregister_netdev without checking for the NETREG_REGISTERED state, leading to a use-after-free and a double free.
high complexity
linux debian oracle CWE-416
6.4
2021-07-09 CVE-2021-3612 Out-of-bounds Write vulnerability in multiple products
An out-of-bounds memory write flaw was found in the Linux kernel's joystick devices subsystem in versions before 5.9-rc1, in the way the user calls ioctl JSIOCSBTNMAP.
7.8
2020-11-20 CVE-2020-4788 IBM Power9 (AIX 7.1, 7.2, and VIOS 3.1) processors could allow a local user to obtain sensitive information from the data in the L1 cache under extenuating circumstances.
local
high complexity
ibm fedoraproject oracle
4.7