Vulnerabilities > Oracle > Communications Unified Inventory Management > High

DATE CVE VULNERABILITY TITLE RISK
2021-08-23 CVE-2021-39146 XStream is a simple library to serialize objects to XML and back again. 8.5
2021-08-23 CVE-2021-39147 XStream is a simple library to serialize objects to XML and back again. 8.5
2021-08-23 CVE-2021-39148 XStream is a simple library to serialize objects to XML and back again. 8.5
2021-08-23 CVE-2021-39149 XStream is a simple library to serialize objects to XML and back again. 8.5
2021-08-23 CVE-2021-39151 XStream is a simple library to serialize objects to XML and back again. 8.5
2021-08-23 CVE-2021-39153 XStream is a simple library to serialize objects to XML and back again. 8.5
2021-08-23 CVE-2021-39154 XStream is a simple library to serialize objects to XML and back again. 8.5
2021-07-13 CVE-2021-36090 When reading a specially crafted ZIP archive, Compress can be made to allocate large amounts of memory that finally leads to an out of memory error even for very small inputs.
network
low complexity
apache oracle netapp
7.5
2021-05-28 CVE-2021-29505 XStream is software for serializing Java objects to XML and back again. 8.8
2021-05-27 CVE-2021-22118 Exposure of Resource to Wrong Sphere vulnerability in multiple products
In Spring Framework, versions 5.2.x prior to 5.2.15 and versions 5.3.x prior to 5.3.7, a WebFlux application is vulnerable to a privilege escalation: by (re)creating the temporary storage directory, a locally authenticated malicious user can read or modify files that have been uploaded to the WebFlux application, or overwrite arbitrary files with multipart request data.
local
low complexity
vmware oracle netapp CWE-668
7.8