Vulnerabilities > Oracle > Enterprise Communications Broker > Medium

DATE CVE VULNERABILITY TITLE RISK
2021-04-13 CVE-2021-29425 Path Traversal vulnerability in multiple products
In Apache Commons IO before 2.7, When invoking the method FileNameUtils.normalize with an improper input string, like "//../foo", or "\\..\foo", the result would be the same value, thus possibly providing access to files in the parent directory, but not further above (thus "limited" path traversal), if the calling code would use the result to construct a path value.
network
high complexity
apache debian oracle netapp CWE-22
4.8
2021-02-15 CVE-2020-28500 Lodash versions prior to 4.17.21 are vulnerable to Regular Expression Denial of Service (ReDoS) via the toNumber, trim and trimEnd functions.
network
low complexity
lodash oracle siemens
5.3
2020-12-08 CVE-2020-1971 NULL Pointer Dereference vulnerability in multiple products
The X.509 GeneralName type is a generic type for representing different types of names.
5.9
2020-07-15 CVE-2020-14722 Unspecified vulnerability in Oracle Enterprise Communications Broker 3.0.0/3.1.0/3.2.0
Vulnerability in the Oracle Enterprise Communications Broker product of Oracle Communications Applications (component: WebGUI).
network
high complexity
oracle
5.8
2020-07-15 CVE-2020-14721 Unspecified vulnerability in Oracle Enterprise Communications Broker 3.0.0/3.1.0/3.2.0
Vulnerability in the Oracle Enterprise Communications Broker product of Oracle Communications Applications (component: WebGUI).
network
low complexity
oracle
6.3
2020-07-15 CVE-2020-14563 Cross-site Scripting vulnerability in Oracle Enterprise Communications Broker 3.0.0/3.1.0/3.2.0
Vulnerability in the Oracle Enterprise Communications Broker product of Oracle Communications Applications (component: WebGUI).
network
low complexity
oracle CWE-79
6.1
2020-05-20 CVE-2020-10726 A vulnerability was found in DPDK versions 19.11 and above.
local
low complexity
dpdk fedoraproject opensuse oracle
4.4
2020-05-19 CVE-2020-10723 A memory corruption issue was found in DPDK versions 17.05 and above.
local
low complexity
dpdk canonical fedoraproject opensuse oracle
6.7
2020-05-19 CVE-2020-10722 A vulnerability was found in DPDK versions 18.05 and above.
local
low complexity
dpdk canonical fedoraproject opensuse oracle
6.7
2019-11-08 CVE-2019-10219 A vulnerability was found in Hibernate-Validator.
network
low complexity
redhat netapp oracle
6.1