Vulnerabilities > Oracle > SD WAN Edge > Critical

DATE CVE VULNERABILITY TITLE RISK
2022-04-01 CVE-2022-22965 Code Injection vulnerability in multiple products
A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding.
network
low complexity
vmware cisco oracle siemens veritas CWE-94
critical
9.8
2022-04-01 CVE-2022-22963 Expression Language Injection vulnerability in multiple products
In Spring Cloud Function versions 3.1.6, 3.2.2 and older unsupported versions, when using routing functionality it is possible for a user to provide a specially crafted SpEL as a routing-expression that may result in remote code execution and access to local resources.
network
low complexity
vmware oracle CWE-917
critical
9.8
2020-07-15 CVE-2020-14606 Unspecified vulnerability in Oracle Sd-Wan Edge 8.2/9.0
Vulnerability in the Oracle SD-WAN Edge product of Oracle Communications Applications (component: User Interface).
network
low complexity
oracle
critical
10.0
2019-07-19 CVE-2019-1010238 Out-of-bounds Write vulnerability in multiple products
Gnome Pango 1.42 and later is affected by: Buffer Overflow.
network
low complexity
gnome oracle fedoraproject debian canonical redhat CWE-787
critical
9.8