Vulnerabilities > Oracle > Communications Pricing Design Center > High

DATE	CVE	VULNERABILITY TITLE	RISK
2020-08-25	CVE-2020-24616	Deserialization of Untrusted Data vulnerability in multiple products FasterXML jackson-databind 2.x before 2.9.10.6 mishandles the interaction between serialization gadgets and typing, related to br.com.anteros.dbcp.AnterosDBCPDataSource (aka Anteros-DBCP). network high complexity fasterxml netapp oracle debian CWE-502	8.1
2020-06-05	CVE-2020-10878	Integer Overflow or Wraparound vulnerability in multiple products Perl before 5.30.3 has an integer overflow related to mishandling of a "PL_regkind[OP(n)] == NOTHING" situation. network low complexity perl fedoraproject opensuse netapp oracle CWE-190	8.6
2020-06-05	CVE-2020-10543	Integer Overflow or Wraparound vulnerability in multiple products Perl before 5.30.3 on 32-bit platforms allows a heap-based buffer overflow because nested regular expression quantifiers have an integer overflow. network low complexity perl fedoraproject opensuse oracle CWE-190	8.2
2020-03-10	CVE-2020-5258	Code Injection vulnerability in multiple products In affected versions of dojo (NPM package), the deepCopy method is vulnerable to Prototype Pollution. network high complexity linuxfoundation debian oracle CWE-94	7.7
2019-08-20	CVE-2019-10086	Deserialization of Untrusted Data vulnerability in multiple products In Apache Commons Beanutils 1.9.2, a special BeanIntrospector class was added which allows suppressing the ability for an attacker to access the classloader via the class property available on all Java objects. network low complexity apache debian opensuse fedoraproject redhat oracle CWE-502	7.3

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.