Vulnerabilities > Oracle > Communications Cloud Native Core Policy > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-04-18 | CVE-2023-21971 | Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). | 5.3 |
| 2023-01-18 | CVE-2023-21824 | Unspecified vulnerability in Oracle products Vulnerability in the Oracle Communications BRM - Elastic Charging Engine product of Oracle Communications Applications (component: Customer, Config, Pricing Manager). | 4.4 |
| 2022-03-25 | CVE-2021-4203 | Race Condition vulnerability in multiple products A use-after-free read flaw was found in sock_getsockopt() in net/core/sock.c due to SO_PEERCRED and SO_PEERGROUPS race with listen() (and connect()) in the Linux kernel. | 6.8 |
| 2022-03-25 | CVE-2022-0322 | Incorrect Type Conversion or Cast vulnerability in multiple products A flaw was found in the sctp_make_strreset_req function in net/sctp/sm_make_chunk.c in the SCTP network protocol in the Linux kernel with a local user privilege access. | 5.5 |
| 2022-03-11 | CVE-2022-0001 | Non-transparent sharing of branch predictor selectors between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access. | 6.5 |
| 2022-03-11 | CVE-2022-0002 | Non-transparent sharing of branch predictor within a context in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access. | 6.5 |
| 2022-03-04 | CVE-2021-3744 | Memory Leak vulnerability in multiple products A memory leak flaw was found in the Linux kernel in the ccp_run_aes_gcm_cmd() function in drivers/crypto/ccp/ccp-ops.c, which allows attackers to cause a denial of service (memory consumption). | 5.5 |
| 2022-03-03 | CVE-2021-4002 | Memory Leak vulnerability in multiple products A memory leak flaw in the Linux kernel's hugetlbfs memory usage was found in the way the user maps some regions of memory twice using shmget() which are aligned to PUD alignment with the fault of some of the memory pages. | 4.4 |
| 2022-03-02 | CVE-2021-3772 | Improper Validation of Integrity Check Value vulnerability in multiple products A flaw was found in the Linux SCTP stack. | 6.5 |
| 2022-01-31 | CVE-2022-0286 | NULL Pointer Dereference vulnerability in multiple products A flaw was found in the Linux kernel. | 5.5 |