Vulnerabilities > Oracle > Communications Operations Monitor

DATE CVE VULNERABILITY TITLE RISK
2019-09-16 CVE-2019-5482 Out-of-bounds Write vulnerability in multiple products
Heap buffer overflow in the TFTP protocol handler in cURL 7.19.4 to 7.65.3.
network
low complexity
haxx fedoraproject opensuse netapp oracle debian CWE-787
critical
9.8
2019-09-16 CVE-2019-5481 Double Free vulnerability in multiple products
Double-free vulnerability in the FTP-kerberos code in cURL 7.52.0 to 7.65.3.
network
low complexity
haxx fedoraproject netapp oracle debian opensuse CWE-415
critical
9.8
2019-09-06 CVE-2019-16056 An issue was discovered in Python through 2.7.16, 3.x through 3.5.7, 3.6.x through 3.6.9, and 3.7.x through 3.7.4. 7.5
2019-07-11 CVE-2019-10193 Out-of-bounds Write vulnerability in multiple products
A stack-buffer overflow vulnerability was found in the Redis hyperloglog data structure versions 3.x before 3.2.13, 4.x before 4.0.14 and 5.x before 5.0.4.
network
low complexity
redislabs redhat debian canonical oracle CWE-787
7.2
2019-07-11 CVE-2019-10192 Out-of-bounds Write vulnerability in multiple products
A heap-buffer overflow vulnerability was found in the Redis hyperloglog data structure versions 3.x before 3.2.13, 4.x before 4.0.14 and 5.x before 5.0.4.
network
low complexity
redislabs redhat debian canonical oracle CWE-787
7.2
2019-04-20 CVE-2019-11358 jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. 6.1
2019-02-20 CVE-2019-7164 SQL Injection vulnerability in multiple products
SQLAlchemy through 1.2.17 and 1.3.x through 1.3.0b2 allows SQL Injection via the order_by parameter.
network
low complexity
sqlalchemy debian opensuse redhat oracle CWE-89
critical
9.8
2019-02-06 CVE-2019-7548 SQL Injection vulnerability in multiple products
SQLAlchemy 1.2.17 has SQL Injection when the group_by parameter can be controlled.
local
low complexity
sqlalchemy debian opensuse redhat oracle CWE-89
7.8
2019-02-06 CVE-2019-3823 libcurl versions from 7.34.0 to before 7.64.0 are vulnerable to a heap out-of-bounds read in the code handling the end-of-response for SMTP.
network
low complexity
haxx canonical debian netapp oracle
7.5
2019-02-06 CVE-2019-3822 Out-of-bounds Write vulnerability in multiple products
libcurl versions from 7.36.0 to before 7.64.0 are vulnerable to a stack-based buffer overflow.
network
low complexity
haxx canonical debian netapp siemens oracle redhat CWE-787
critical
9.8