VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
>
Oracle
> Communications Unified Inventory Management
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2021-03-23
CVE-2021-21347
XStream is a Java library to serialize objects to XML and back again.
network
low complexity
xstream-project
debian
fedoraproject
oracle
critical
9.8
9.8
2021-03-23
CVE-2021-21346
XStream is a Java library to serialize objects to XML and back again.
network
low complexity
xstream-project
debian
fedoraproject
oracle
critical
9.8
9.8
2021-03-23
CVE-2021-21345
OS Command Injection vulnerability in multiple products
XStream is a Java library to serialize objects to XML and back again.
network
low complexity
xstream-project
debian
fedoraproject
oracle
CWE-78
critical
9.9
9.9
2021-03-23
CVE-2021-21344
XStream is a Java library to serialize objects to XML and back again.
network
low complexity
xstream-project
debian
fedoraproject
oracle
critical
9.8
9.8
2021-03-23
CVE-2021-21343
XStream is a Java library to serialize objects to XML and back again.
network
low complexity
xstream-project
debian
fedoraproject
oracle
7.5
7.5
2021-03-23
CVE-2021-21342
XStream is a Java library to serialize objects to XML and back again.
network
low complexity
xstream-project
debian
fedoraproject
oracle
critical
9.1
9.1
2021-03-23
CVE-2021-21341
XStream is a Java library to serialize objects to XML and back again.
network
low complexity
xstream-project
debian
fedoraproject
oracle
7.5
7.5
2021-02-23
CVE-2021-22112
Spring Security 5.4.x prior to 5.4.4, 5.3.x prior to 5.3.8.RELEASE, 5.2.x prior to 5.2.9.RELEASE, and older unsupported versions can fail to save the SecurityContext if it is changed more than once in a single request.A malicious user cannot cause the bug to happen (it must be programmed in).
network
low complexity
vmware
pivotal-software
oracle
8.8
8.8
2021-01-07
CVE-2020-36183
Deserialization of Untrusted Data vulnerability in multiple products
FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.docx4j.org.apache.xalan.lib.sql.JNDIConnectionPool.
network
high complexity
fasterxml
netapp
debian
oracle
CWE-502
8.1
8.1
2021-01-07
CVE-2020-36182
Deserialization of Untrusted Data vulnerability in multiple products
FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS.
network
high complexity
fasterxml
netapp
debian
oracle
CWE-502
8.1
8.1
«
Previous
1
2
3
4
(current)
5
6
...
7
8
»
Next