VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
>
Oracle
>
Enterprise Communications Broker
> High
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2021-08-24
CVE-2021-3712
Out-of-bounds Read vulnerability in multiple products
ASN.1 strings are represented internally within OpenSSL as an ASN1_STRING structure which contains a buffer holding the string data and a field holding the buffer length.
network
high complexity
openssl
debian
netapp
mcafee
tenable
oracle
siemens
CWE-125
7.4
7.4
2021-06-01
CVE-2021-23017
A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.
network
high complexity
f5
openresty
fedoraproject
netapp
oracle
7.7
7.7
2021-02-15
CVE-2021-23337
Code Injection vulnerability in multiple products
Lodash versions prior to 4.17.21 are vulnerable to Command Injection via the template function.
network
low complexity
lodash
oracle
netapp
siemens
CWE-94
7.2
7.2
2020-07-15
CVE-2020-8203
Prototype pollution attack when using _.zipObjectDeep in lodash before 4.17.20.
network
high complexity
lodash
oracle
7.4
7.4
2020-06-03
CVE-2020-11080
In nghttp2 before version 1.41.0, the overly large HTTP/2 SETTINGS frame payload causes denial of service.
network
low complexity
nghttp2
debian
opensuse
fedoraproject
oracle
nodejs
7.5
7.5
2020-05-20
CVE-2020-10725
A flaw was found in DPDK version 19.11 and above that allows a malicious guest to cause a segmentation fault of the vhost-user backend application running on the host, which could result in a loss of connectivity for the other guests running on that host.
network
low complexity
dpdk
fedoraproject
opensuse
oracle
7.7
7.7
2019-08-13
CVE-2019-9513
Some HTTP/2 implementations are vulnerable to resource loops, potentially leading to a denial of service.
network
low complexity
apple
apache
canonical
debian
fedoraproject
synology
opensuse
redhat
oracle
mcafee
f5
nodejs
7.5
7.5
2019-08-13
CVE-2019-9511
Allocation of Resources Without Limits or Throttling vulnerability in multiple products
Some HTTP/2 implementations are vulnerable to window size manipulation and stream prioritization manipulation, potentially leading to a denial of service.
network
low complexity
apple
apache
canonical
debian
synology
fedoraproject
opensuse
redhat
oracle
mcafee
f5
nodejs
CWE-770
7.5
7.5
2019-01-11
CVE-2018-16865
An allocation of memory without limits, that could result in the stack clashing with another memory region, was discovered in systemd-journald when many entries are sent to the journal socket.
local
low complexity
systemd-project
redhat
debian
canonical
oracle
7.8
7.8
2019-01-11
CVE-2018-16864
An allocation of memory without limits, that could result in the stack clashing with another memory region, was discovered in systemd-journald when a program with long command line arguments calls syslog.
local
low complexity
systemd-project
redhat
debian
canonical
oracle
7.8
7.8
«
1
(current)
2
»
Next