Vulnerabilities > Oracle > Communications Operations Monitor > 4.1

DATE	CVE	VULNERABILITY TITLE	RISK
2020-06-15	CVE-2020-14147	Integer Overflow or Wraparound vulnerability in multiple products An integer overflow in the getnum function in lua_struct.c in Redis before 6.0.3 allows context-dependent attackers with permission to run Lua code in a Redis session to cause a denial of service (memory corruption and application crash) or possibly bypass intended sandbox restrictions via a large number, which triggers a stack-based buffer overflow. network low complexity redislabs oracle suse debian CWE-190	4.0
2020-04-29	CVE-2020-11023	Cross-site Scripting vulnerability in multiple products In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. network low complexity jquery debian fedoraproject drupal oracle netapp tenable CWE-79	6.1
2019-10-03	CVE-2019-15165	Allocation of Resources Without Limits or Throttling vulnerability in multiple products sf-pcapng.c in libpcap before 1.9.1 does not properly validate the PHB header length before allocating memory. network low complexity tcpdump debian opensuse oracle apple canonical fedoraproject CWE-770	5.3
2019-09-16	CVE-2019-5482	Out-of-bounds Write vulnerability in multiple products Heap buffer overflow in the TFTP protocol handler in cURL 7.19.4 to 7.65.3. network low complexity haxx fedoraproject opensuse netapp oracle debian CWE-787 critical	9.8
2019-09-16	CVE-2019-5481	Double Free vulnerability in multiple products Double-free vulnerability in the FTP-kerberos code in cURL 7.52.0 to 7.65.3. network low complexity haxx fedoraproject netapp oracle debian opensuse CWE-415 critical	9.8
2019-09-06	CVE-2019-16056	An issue was discovered in Python through 2.7.16, 3.x through 3.5.7, 3.6.x through 3.6.9, and 3.7.x through 3.7.4. network low complexity python fedoraproject debian canonical redhat oracle opensuse	7.5
2019-07-11	CVE-2019-10193	Out-of-bounds Write vulnerability in multiple products A stack-buffer overflow vulnerability was found in the Redis hyperloglog data structure versions 3.x before 3.2.13, 4.x before 4.0.14 and 5.x before 5.0.4. network low complexity redislabs redhat debian canonical oracle CWE-787	6.5
2019-07-11	CVE-2019-10192	Out-of-bounds Write vulnerability in multiple products A heap-buffer overflow vulnerability was found in the Redis hyperloglog data structure versions 3.x before 3.2.13, 4.x before 4.0.14 and 5.x before 5.0.4. network low complexity redislabs redhat debian canonical oracle CWE-787	6.5
2019-04-20	CVE-2019-11358	jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. network low complexity jquery debian drupal backdropcms fedoraproject opensuse netapp redhat oracle joomla juniper	6.1

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.