The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of Oracle Communications

Eclipse Jetty: privilege escalation via Temporary Directory Race
An attacker can bypass restrictions via Temporary Directory Race of Eclipse Jetty, in order to escalate his privileges...
cpujan2021, CVE-2020-27216, NTAP-20201123-0005, VIGILANCE-VUL-33678
Spring Security: read-write access via Signature Wrapping
An attacker can bypass access restrictions via Signature Wrapping of Spring Security, in order to read or alter data...
cpujan2021, cpuoct2020, CVE-2020-5407, VIGILANCE-VUL-33643
Apache Camel: code execution via RabbitMQ Java Deserialization
An attacker can use a vulnerability via RabbitMQ Java Deserialization of Apache Camel, in order to run code...
cpuoct2020, CVE-2020-11972, VIGILANCE-VUL-33642
Apache Camel: information disclosure via JMX Rebind Flaw
An attacker can bypass access restrictions to data via JMX Rebind Flaw of Apache Camel, in order to obtain sensitive information...
cpuoct2020, CVE-2020-11971, VIGILANCE-VUL-33641
Apache Camel: code execution via Netty Java Deserialization
An attacker can use a vulnerability via Netty Java Deserialization of Apache Camel, in order to run code...
cpuoct2020, CVE-2020-11973, VIGILANCE-VUL-33640
Tika OneNote Parser: denial of service via System.exit
An attacker can trigger a fatal error via System.exit of Tika OneNote Parser, in order to trigger a denial of service...
cpuoct2020, CVE-2020-9489, VIGILANCE-VUL-33639
Spring Security: information disclosure via CBC Null Initialization Vector
An attacker can bypass access restrictions to data via CBC Null Initialization Vector of Spring Security, in order to obtain sensitive information...
6344075, 6367943, cpujan2021, cpuoct2020, CVE-2020-5408, VIGILANCE-VUL-33518
Terracotta Quartz Scheduler: external XML entity injection via initDocumentParser
An attacker can transmit malicious XML data via initDocumentParser() to Terracotta Quartz Scheduler, in order to read a file, scan sites, or trigger a denial of service...
6344075, cpuapr2020, cpujul2020, cpuoct2020, CVE-2019-13990, VIGILANCE-VUL-33516
Apache CXF: information disclosure via InstrumentationManager Extension Bus
An attacker can bypass access restrictions to data via InstrumentationManager Extension Bus of Apache CXF, in order to obtain sensitive information...
6344071, cpuoct2020, CVE-2020-1954, RHSA-2020:4244-01, RHSA-2020:4245-01, RHSA-2020:4246-01, RHSA-2020:4247-01, RHSA-2020:4929-01, RHSA-2020:4930-01, RHSA-2020:4931-01, RHSA-2020:4932-01, VIGILANCE-VUL-33515
Apache CXF: information disclosure via OpenId Connect JWK Keys
An attacker can bypass access restrictions to data via OpenId Connect JWK Keys of Apache CXF, in order to obtain sensitive information...
6344071, cpujul2020, cpuoct2020, CVE-2019-12423, RHSA-2020:2058-01, RHSA-2020:2059-01, RHSA-2020:2060-01, RHSA-2020:2061-01, RHSA-2020:2106-01, RHSA-2020:2107-01, RHSA-2020:2108-01, RHSA-2020:2112-01, RHSA-2020:2113-01, RHSA-2020:2511-01, RHSA-2020:2512-01, RHSA-2020:2513-01, RHSA-2020:2515-01, VIGILANCE-VUL-33511
Our database contains other pages. You can request a free trial to read them.

Display information about Oracle Communications: