Oracle Communications_order_and_service_management
13 CVEs affecting Oracle Communications_order_and_service_management. Latest disclosed: 2025-04-15. Critical: 0, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2019-0227 | High | 7.5 | 2019-05-01 | A Server Side Request Forgery (SSRF) vulnerability affected the Apache Axis 1.4 distribution that was last released in 2006. Security and bug commits commits c… |
CVE-2025-21542 | Medium | 6.3 | 2025-01-21 | Vulnerability in the Oracle Communications Order and Service Management product of Oracle Communications Applications (component: Security). Supported version… |
CVE-2020-1945 | Medium | 6.3 | 2020-05-14 | Apache Ant 1.1 to 1.9.14 and 1.10.0 to 1.10.7 uses the default temporary directory identified by the Java system property java.io.tmpdir for several tasks and… |
CVE-2018-2756 | Medium | 6.3 | 2018-04-19 | Vulnerability in the Oracle Communications Order and Service Management component of Oracle Communications Applications (subcomponent: WebUI). Supported versio… |
CVE-2018-8032 | Medium | 6.1 | 2018-08-02 | Apache Axis 1.x up to and including 1.4 is vulnerable to a cross-site scripting (XSS) attack in the default servlet/services. |
CVE-2018-2567 | Medium | 6.1 | 2018-01-18 | Vulnerability in the Oracle Communications Order and Service Management component of Oracle Communications Applications (subcomponent: Portal). Supported versi… |
CVE-2025-30729 | Medium | 5.5 | 2025-04-15 | Vulnerability in the Oracle Communications Order and Service Management product of Oracle Communications Applications (component: Security). Supported version… |
CVE-2021-36374 | Medium | 5.5 | 2021-07-14 | When reading a specially crafted ZIP archive, or a derived formats, an Apache Ant build can be made to allocate large amounts of memory that leads to an out of… |
CVE-2021-36373 | Medium | 5.5 | 2021-07-14 | When reading a specially crafted TAR archive an Apache Ant build can be made to allocate large amounts of memory that finally leads to an out of memory error… |
CVE-2025-21544 | Medium | 5.4 | 2025-01-21 | Vulnerability in the Oracle Communications Order and Service Management product of Oracle Communications Applications (component: Security). Supported version… |
CVE-2025-21554 | Medium | 5.3 | 2025-01-21 | Vulnerability in the Oracle Communications Order and Service Management product of Oracle Communications Applications (component: Security). Supported version… |
CVE-2021-29425 | Medium | 4.8 | 2021-04-13 | In Apache Commons IO before 2.7, When invoking the method FileNameUtils.normalize with an improper input string, like "//../foo", or "\\..\foo", the result wou… |
CVE-2023-22088 | Medium | 4.3 | 2023-10-17 | Vulnerability in the Oracle Communications Order and Service Management product of Oracle Communications Applications (component: User Management). Supported… |