Vulnerabilities > Oracle > Enterprise Communications Broker > 3.2.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-08-24 | CVE-2021-3711 | Classic Buffer Overflow vulnerability in multiple products In order to decrypt SM2 encrypted data an application is expected to call the API function EVP_PKEY_decrypt(). | 9.8 |
| 2021-08-24 | CVE-2021-3712 | Out-of-bounds Read vulnerability in multiple products ASN.1 strings are represented internally within OpenSSL as an ASN1_STRING structure which contains a buffer holding the string data and a field holding the buffer length. | 7.4 |
| 2021-02-15 | CVE-2021-23337 | Code Injection vulnerability in multiple products Lodash versions prior to 4.17.21 are vulnerable to Command Injection via the template function. | 7.2 |
| 2021-02-15 | CVE-2020-28500 | Lodash versions prior to 4.17.21 are vulnerable to Regular Expression Denial of Service (ReDoS) via the toNumber, trim and trimEnd functions. | 5.3 |
| 2020-07-15 | CVE-2020-14722 | Unspecified vulnerability in Oracle Enterprise Communications Broker 3.0.0/3.1.0/3.2.0 Vulnerability in the Oracle Enterprise Communications Broker product of Oracle Communications Applications (component: WebGUI). | 5.8 |
| 2020-07-15 | CVE-2020-14721 | Unspecified vulnerability in Oracle Enterprise Communications Broker 3.0.0/3.1.0/3.2.0 Vulnerability in the Oracle Enterprise Communications Broker product of Oracle Communications Applications (component: WebGUI). | 6.3 |
| 2020-07-15 | CVE-2020-14563 | Cross-site Scripting vulnerability in Oracle Enterprise Communications Broker 3.0.0/3.1.0/3.2.0 Vulnerability in the Oracle Enterprise Communications Broker product of Oracle Communications Applications (component: WebGUI). | 6.1 |
| 2020-07-15 | CVE-2020-8203 | Prototype pollution attack when using _.zipObjectDeep in lodash before 4.17.20. | 7.4 |
| 2020-06-03 | CVE-2020-11080 | In nghttp2 before version 1.41.0, the overly large HTTP/2 SETTINGS frame payload causes denial of service. | 7.5 |
| 2020-05-20 | CVE-2020-10726 | A vulnerability was found in DPDK versions 19.11 and above. | 4.4 |