Oracle SD-WAN Edge
25 CVEs affecting Oracle SD-WAN Edge. Latest disclosed: 2022-04-01. Critical: 4, High: 11.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
| CVE-2020-14606 | Critical | 10.0 | 2020-07-15 | Vulnerability in the Oracle SD-WAN Edge product of Oracle Communications Applications (component: User Interface). Supported versions that are affected are 8.2… |
| CVE-2022-22965 | Critical | 9.8 | 2022-04-01 | A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. The specific exploit requires t… |
| CVE-2022-22963 | Critical | 9.8 | 2022-04-01 | In Spring Cloud Function versions 3.1.6, 3.2.2 and older unsupported versions, when using routing functionality it is possible for a user to provide a speciall… |
| CVE-2019-1010238 | Critical | 9.8 | 2019-07-19 | Gnome Pango 1.42 and later is affected by: Buffer Overflow. The impact is: The heap based buffer overflow can be used to get code execution. The component is… |
| CVE-2019-14821 | High | 8.8 | 2019-09-19 | An out-of-bounds access issue was found in the Linux kernel, all versions through 5.3, in the way Linux kernel's KVM hypervisor implements the Coalesced MMIO w… |
| CVE-2020-10543 | High | 8.2 | 2020-06-05 | Perl before 5.30.3 on 32-bit platforms allows a heap-based buffer overflow because nested regular expression quantifiers have an integer overflow. |
| CVE-2020-35491 | High | 8.1 | 2020-12-17 | FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasou… |
| CVE-2019-3900 | High | 7.7 | 2019-04-25 | An infinite loop issue was found in the vhost_net kernel module in Linux Kernel up to and including v5.1-rc6, while handling incoming packets in handle_rx(). I… |
| CVE-2020-36518 | High | 7.5 | 2022-03-11 | jackson-databind before 2.13.0 allows a Java StackOverflow exception and denial of service via a large depth of nested objects. |
| CVE-2021-42340 | High | 7.5 | 2021-10-14 | The fix for bug 63362 present in Apache Tomcat 10.1.0-M1 to 10.1.0-M5, 10.0.0-M1 to 10.0.11, 9.0.40 to 9.0.53 and 8.5.60 to 8.5.71 introduced a memory leak. Th… |
| CVE-2020-17527 | High | 7.5 | 2020-12-03 | While investigating bug 64830 it was discovered that Apache Tomcat 10.0.0-M1 to 10.0.0-M9, 9.0.0-M1 to 9.0.39 and 8.5.0 to 8.5.59 could re-use an HTTP request… |
| CVE-2020-25649 | High | 7.5 | 2020-12-03 | A flaw was found in FasterXML Jackson Databind, where it did not have entity expansion secured properly. This flaw allows vulnerability to XML external entity… |
| CVE-2020-12723 | High | 7.5 | 2020-06-05 | regcomp.c in Perl before 5.30.3 allows a buffer overflow via a crafted regular expression because of recursive S_study_chunk calls. |
| CVE-2019-19052 | High | 7.5 | 2019-11-18 | A memory leak in the gs_can_open() function in drivers/net/can/usb/gs_usb.c in the Linux kernel before 5.3.11 allows attackers to cause a denial of service (me… |
| CVE-2020-24394 | High | 7.1 | 2020-08-19 | In the Linux kernel before 5.7.8, fs/nfsd/vfs.c (in the NFS server) can set incorrect permissions on new filesystem objects when the filesystem lacks ACL suppo… |
| CVE-2019-5108 | Medium | 6.5 | 2019-12-23 | An exploitable denial-of-service vulnerability exists in the Linux kernel prior to mainline 5.3. An attacker could exploit this vulnerability by triggering AP… |
| CVE-2019-10219 | Medium | 6.1 | 2019-11-08 | A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious cod… |
| CVE-2020-12771 | Medium | 5.5 | 2020-05-09 | An issue was discovered in the Linux kernel through 5.6.11. btree_gc_coalesce in drivers/md/bcache/btree.c has a deadlock if a coalescing operation fails. |
| CVE-2019-19922 | Medium | 5.5 | 2019-12-22 | kernel/sched/fair.c in the Linux kernel before 5.3.9, when cpu.cfs_quota_us is used (e.g., with Kubernetes), allows attackers to cause a denial of service agai… |
| CVE-2021-33037 | Medium | 5.3 | 2021-07-12 | Apache Tomcat 10.0.0-M1 to 10.0.6, 9.0.0.M1 to 9.0.46 and 8.5.0 to 8.5.66 did not correctly parse the HTTP transfer-encoding request header in some circumstanc… |