The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of Oracle Communications

Apache Tomcat: code execution via Enabled AJP Connector
An attacker can use a vulnerability via Enabled AJP Connector of Apache Tomcat, in order to run code...
bulletinapr2020, CERTFR-2020-AVI-112, cpujul2020, CVE-2020-1938, DLA-2133-1, DLA-2209-1, DSA-4673-1, DSA-4680-1, FEDORA-2020-04ac174fa9, FEDORA-2020-c870aa8378, HPESBUX04015, openSUSE-SU-2020:0345-1, openSUSE-SU-2020:0597-1, RHSA-2020:0855-01, RHSA-2020:0912-01, RHSA-2020:1478-01, RHSA-2020:1479-01, RHSA-2020:2779-01, RHSA-2020:2780-01, RHSA-2020:2781-01, RHSA-2020:2783-01, RHSA-2020:2840-01, SUSE-SU-2020:0598-1, SUSE-SU-2020:0631-1, SUSE-SU-2020:0632-1, SUSE-SU-2020:0725-1, SUSE-SU-2020:1111-1, SUSE-SU-2020:1126-1, SUSE-SU-2020:1272-1, SUSE-SU-2020:14342-1, VIGILANCE-VUL-31664
Spring Security: privilege escalation via Multiple SecurityContext Changes
An attacker can bypass restrictions via Multiple SecurityContext Changes of Spring Security, in order to escalate his privileges...
cpuapr2021, CVE-2021-22112, VIGILANCE-VUL-34630
FasterXML Jackson Databind: code execution via dbcp.cpdsadapter.DriverAdapterCPDS
An attacker can use a vulnerability via dbcp.cpdsadapter.DriverAdapterCPDS of FasterXML Jackson Databind, in order to run code...
3004, 6410882, CERTFR-2021-AVI-101, cpuapr2021, CVE-2020-36179, CVE-2020-36180, CVE-2020-36181, CVE-2020-36182, DLA-2638-1, VIGILANCE-VUL-34261
FasterXML Jackson Databind: code execution via org.docx4j.org.apache.xalan.lib.sql.JNDIConnectionPool
An attacker can use a vulnerability via org.docx4j.org.apache.xalan.lib.sql.JNDIConnectionPool of FasterXML Jackson Databind, in order to run code...
3003, 6410882, CERTFR-2021-AVI-101, cpuapr2021, CVE-2020-36183, DLA-2638-1, VIGILANCE-VUL-34260
FasterXML Jackson Databind: code execution via org.apache.tomcat.dbcp.dbcp2.datasources
An attacker can use a vulnerability via org.apache.tomcat.dbcp.dbcp2.datasources of FasterXML Jackson Databind, in order to run code...
2998, 6410882, CERTFR-2021-AVI-101, cpuapr2021, CVE-2020-36184, CVE-2020-36185, DLA-2638-1, VIGILANCE-VUL-34259
FasterXML Jackson Databind: code execution via org.apache.tomcat.dbcp.dbcp.datasources
An attacker can use a vulnerability via org.apache.tomcat.dbcp.dbcp.datasources of FasterXML Jackson Databind, in order to run code...
2997, 6410882, CERTFR-2021-AVI-101, cpuapr2021, CVE-2020-36186, CVE-2020-36187, DLA-2638-1, VIGILANCE-VUL-34258
FasterXML Jackson Databind: code execution via com.newrelic.agent
An attacker can use a vulnerability via com.newrelic.agent of FasterXML Jackson Databind, in order to run code...
2996, 6410882, CERTFR-2021-AVI-101, cpuapr2021, CVE-2020-36188, CVE-2020-36189, DLA-2638-1, VIGILANCE-VUL-34257
FasterXML Jackson Databind: code execution via JNDIConnectionPool
An attacker can use a vulnerability via JNDIConnectionPool of FasterXML Jackson Databind, in order to run code...
2999, cpuapr2021, CVE-2020-35728, DLA-2638-1, openSUSE-SU-2021:0221-1, SUSE-SU-2021:0243-1, VIGILANCE-VUL-34212
Apache POI: external XML entity injection via XSSFExportToXml
An attacker can transmit malicious XML data via XSSFExportToXml to Apache POI, in order to read a file, scan sites, or trigger a denial of service...
6391000, cpujan2020, CVE-2019-12415, VIGILANCE-VUL-34184
Apache Groovy: information disclosure via Temporary Directories
An attacker can bypass access restrictions to data via Temporary Directories of Apache Groovy, in order to obtain sensitive information...
cpuapr2021, CVE-2020-17521, NTAP-20201218-0006, openSUSE-SU-2020:2367-1, SUSE-SU-2020:3917-1, VIGILANCE-VUL-34170
Our database contains other pages. You can request a free trial to read them.

Display information about Oracle Communications: