Vulnerabilities > Oracle > Communications Cloud Native Core Network Exposure Function > High

DATE	CVE	VULNERABILITY TITLE	RISK
2022-03-30	CVE-2022-1154	Use After Free vulnerability in multiple products Use after free in utf_ptr2char in GitHub repository vim/vim prior to 8.2.4646. local low complexity vim fedoraproject debian oracle CWE-416	7.8
2022-03-04	CVE-2021-3737	Infinite Loop vulnerability in multiple products A flaw was found in python. network low complexity python redhat fedoraproject canonical netapp oracle CWE-835	7.5
2022-03-04	CVE-2021-3743	Out-of-bounds Read vulnerability in multiple products An out-of-bounds (OOB) memory read flaw was found in the Qualcomm IPC router protocol in the Linux kernel. local low complexity linux fedoraproject netapp oracle CWE-125	7.1
2022-02-24	CVE-2022-25636	Improper Privilege Management vulnerability in multiple products net/netfilter/nf_dup_netdev.c in the Linux kernel 5.4 through 5.6.10 allows local users to gain privileges because of a heap out-of-bounds write. local low complexity linux debian netapp oracle CWE-269	7.8
2022-02-18	CVE-2021-20322	Use of Insufficiently Random Values vulnerability in multiple products A flaw in the processing of received ICMP errors (ICMP fragment needed and ICMP redirect) in the Linux kernel functionality was found to allow the ability to quickly scan open UDP ports. network high complexity linux fedoraproject debian netapp oracle CWE-330	7.4
2022-02-16	CVE-2021-3752	Race Condition vulnerability in multiple products A use-after-free flaw was found in the Linux kernel’s Bluetooth subsystem in the way user calls connect to the socket and disconnect simultaneously due to a race condition. high complexity linux redhat fedoraproject netapp debian oracle CWE-362	7.1
2022-01-18	CVE-2021-4083	Race Condition vulnerability in multiple products A read-after-free memory flaw was found in the Linux kernel's garbage collection for Unix domain socket file handlers in the way users call close() and fget() simultaneously and can potentially trigger a race condition. local high complexity linux netapp debian oracle CWE-362	7.0
2021-12-25	CVE-2021-45485	Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products In the IPv6 implementation in the Linux kernel before 5.13.3, net/ipv6/output_core.c has an information leak because of certain use of a hash table which, although big, doesn't properly consider that IPv6-based attackers can typically choose among many IPv6 source addresses. network low complexity linux netapp oracle CWE-327	7.5
2021-12-13	CVE-2021-43818	Injection vulnerability in multiple products lxml is a library for processing XML and HTML in the Python language. network low complexity lxml fedoraproject debian netapp oracle CWE-74	7.1
2021-07-09	CVE-2021-3612	Out-of-bounds Write vulnerability in multiple products An out-of-bounds memory write flaw was found in the Linux kernel's joystick devices subsystem in versions before 5.9-rc1, in the way the user calls ioctl JSIOCSBTNMAP. local low complexity linux redhat fedoraproject debian oracle netapp CWE-787	7.8

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.