VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
>
Oracle
>
Communications Unified Inventory Management
> 7.3.5
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2021-03-23
CVE-2021-21348
Resource Exhaustion vulnerability in multiple products
XStream is a Java library to serialize objects to XML and back again.
network
low complexity
xstream-project
debian
fedoraproject
oracle
CWE-400
7.5
7.5
2021-03-23
CVE-2021-21347
Unrestricted Upload of File with Dangerous Type vulnerability in multiple products
XStream is a Java library to serialize objects to XML and back again.
network
low complexity
xstream-project
debian
fedoraproject
oracle
CWE-434
critical
9.8
9.8
2021-03-23
CVE-2021-21346
Unrestricted Upload of File with Dangerous Type vulnerability in multiple products
XStream is a Java library to serialize objects to XML and back again.
network
low complexity
xstream-project
debian
fedoraproject
oracle
CWE-434
critical
9.8
9.8
2021-03-23
CVE-2021-21345
OS Command Injection vulnerability in multiple products
XStream is a Java library to serialize objects to XML and back again.
network
low complexity
xstream-project
debian
fedoraproject
oracle
CWE-78
critical
9.9
9.9
2021-03-23
CVE-2021-21344
Unrestricted Upload of File with Dangerous Type vulnerability in multiple products
XStream is a Java library to serialize objects to XML and back again.
network
low complexity
xstream-project
debian
fedoraproject
oracle
CWE-434
critical
9.8
9.8
2021-03-23
CVE-2021-21343
External Control of File Name or Path vulnerability in multiple products
XStream is a Java library to serialize objects to XML and back again.
network
low complexity
xstream-project
debian
fedoraproject
oracle
CWE-73
7.5
7.5
2021-03-23
CVE-2021-21342
Deserialization of Untrusted Data vulnerability in multiple products
XStream is a Java library to serialize objects to XML and back again.
network
low complexity
xstream-project
debian
fedoraproject
oracle
CWE-502
critical
9.1
9.1
2021-03-23
CVE-2021-21341
Deserialization of Untrusted Data vulnerability in multiple products
XStream is a Java library to serialize objects to XML and back again.
network
low complexity
xstream-project
debian
fedoraproject
oracle
CWE-502
7.5
7.5
2020-09-19
CVE-2020-5421
In Spring Framework versions 5.2.0 - 5.2.8, 5.1.0 - 5.1.17, 5.0.0 - 5.0.18, 4.3.0 - 4.3.28, and older unsupported versions, the protections against RFD attacks from CVE-2015-5211 may be bypassed depending on the browser used through the use of a jsessionid path parameter.
network
high complexity
vmware
oracle
netapp
6.5
6.5
2019-11-08
CVE-2019-10219
Cross-site Scripting vulnerability in multiple products
A vulnerability was found in Hibernate-Validator.
network
low complexity
redhat
netapp
oracle
CWE-79
6.1
6.1
«
Previous
1
2
3
(current)
4
»
Next