High

DATE	CVE	VULNERABILITY TITLE	RISK
2022-04-19	CVE-2022-21420	Unspecified vulnerability in Oracle Coherence 12.2.1.3.0/12.2.1.4.0/14.1.1.0.0 Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (component: Core). network low complexity oracle	7.5
2022-04-19	CVE-2022-21431	Unspecified vulnerability in Oracle Communications Billing and Revenue Management 12.0.0.4/12.0.0.5 Vulnerability in the Oracle Communications Billing and Revenue Management product of Oracle Communications Applications (component: Connection Manager). network low complexity oracle	7.5
2022-04-19	CVE-2022-21445	Unspecified vulnerability in Oracle Jdeveloper 12.2.1.3.0/12.2.1.4.0 Vulnerability in the Oracle JDeveloper product of Oracle Fusion Middleware (component: ADF Faces). network low complexity oracle	7.5
2022-04-01	CVE-2022-22965	Code Injection vulnerability in multiple products A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. network low complexity vmware cisco oracle siemens veritas CWE-94	7.5
2022-03-14	CVE-2022-23943	Out-of-bounds Write vulnerability in multiple products Out-of-bounds Write vulnerability in mod_sed of Apache HTTP Server allows an attacker to overwrite heap memory with possibly attacker provided data. network low complexity apache fedoraproject debian oracle CWE-787	7.5
2022-02-24	CVE-2021-35689	Unspecified vulnerability in Oracle Talent Acquisition Cloud A potential vulnerability in the Oracle Talent Acquisition Cloud - Taleo Enterprise Edition. network low complexity oracle	7.5
2022-02-18	CVE-2022-25315	Integer Overflow or Wraparound vulnerability in multiple products In Expat (aka libexpat) before 2.4.5, there is an integer overflow in storeRawNames. network low complexity libexpat-project debian fedoraproject oracle CWE-190	7.5
2022-02-16	CVE-2022-25235	Improper Encoding or Escaping of Output vulnerability in multiple products xmltok_impl.c in Expat (aka libexpat) before 2.4.5 lacks certain validation of encoding, such as checks for whether a UTF-8 character is valid in a certain context. network low complexity libexpat-project debian fedoraproject oracle CWE-116	7.5
2022-02-16	CVE-2022-25236	Exposure of Resource to Wrong Sphere vulnerability in multiple products xmlparse.c in Expat (aka libexpat) before 2.4.5 allows attackers to insert namespace-separator characters into namespace URIs. network low complexity libexpat-project debian oracle CWE-668	7.5
2022-01-26	CVE-2022-23990	Integer Overflow or Wraparound vulnerability in multiple products Expat (aka libexpat) before 2.4.4 has an integer overflow in the doProlog function. network low complexity libexpat-project tenable oracle debian fedoraproject CWE-190	7.5