Vulnerabilities > Oracle > Communications Cloud Native Core Policy
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-10-20 | CVE-2021-35574 | Unspecified vulnerability in Oracle products Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware (component: Outside In Filters). | 7.5 |
2021-10-20 | CVE-2021-42739 | Out-of-bounds Write vulnerability in multiple products The firewire subsystem in the Linux kernel through 5.14.13 has a buffer overflow related to drivers/media/firewire/firedtv-avc.c and drivers/media/firewire/firedtv-ci.c, because avc_ca_pmt mishandles bounds checking. | 6.7 |
2021-10-19 | CVE-2021-37136 | Resource Exhaustion vulnerability in multiple products The Bzip2 decompression decoder function doesn't allow setting size restrictions on the decompressed output data (which affects the allocation size used during decompression). | 7.5 |
2021-09-22 | CVE-2021-38153 | Information Exposure Through Discrepancy vulnerability in multiple products Some components in Apache Kafka use `Arrays.equals` to validate a password or key, which is vulnerable to timing attacks that make brute force attacks for such credentials more likely to be successful. | 5.9 |
2021-09-17 | CVE-2021-3807 | ansi-regex is vulnerable to Inefficient Regular Expression Complexity | 7.5 |
2021-09-12 | CVE-2021-23440 | Type Confusion vulnerability in multiple products This affects the package set-value before <2.0.1, >=3.0.0 <4.0.1. | 9.8 |
2021-08-23 | CVE-2021-39140 | XStream is a simple library to serialize objects to XML and back again. | 6.3 |
2021-08-23 | CVE-2021-39150 | XStream is a simple library to serialize objects to XML and back again. | 8.5 |
2021-08-23 | CVE-2021-39152 | XStream is a simple library to serialize objects to XML and back again. | 8.5 |
2021-08-23 | CVE-2021-39139 | XStream is a simple library to serialize objects to XML and back again. | 8.8 |