Oracle

Communications Eagle Application Processor

12 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2021-21783

Exploit
  • EPSS 1.36%
  • Veröffentlicht 25.03.2021 17:15:13
  • Zuletzt bearbeitet 21.11.2024 05:48:57

A code execution vulnerability exists in the WS-Addressing plugin functionality of Genivia gSOAP 2.8.107. A specially crafted SOAP request can lead to remote code execution. An attacker can send an HTTP request to trigger this vulnerability.

7.5

CVE-2020-12723

  • EPSS 0.18%
  • Veröffentlicht 05.06.2020 15:15:10
  • Zuletzt bearbeitet 21.11.2024 05:00:08

regcomp.c in Perl before 5.30.3 allows a buffer overflow via a crafted regular expression because of recursive S_study_chunk calls.

8.2

CVE-2020-10543

  • EPSS 3.94%
  • Veröffentlicht 05.06.2020 14:15:10
  • Zuletzt bearbeitet 21.11.2024 04:55:32

Perl before 5.30.3 on 32-bit platforms allows a heap-based buffer overflow because nested regular expression quantifiers have an integer overflow.

8.6

CVE-2020-10878

  • EPSS 0.11%
  • Veröffentlicht 05.06.2020 14:15:10
  • Zuletzt bearbeitet 21.11.2024 04:56:16

Perl before 5.30.3 has an integer overflow related to mishandling of a "PL_regkind[OP(n)] == NOTHING" situation. A crafted regular expression could lead to malformed bytecode with a possibility of instruction injection.

6.1

CVE-2020-11022

Exploit
  • EPSS 22.55%
  • Veröffentlicht 29.04.2020 22:15:11
  • Zuletzt bearbeitet 21.11.2024 04:56:36

In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This prob...

6.1

CVE-2020-11023

Warnung Exploit
  • EPSS 21.32%
  • Veröffentlicht 29.04.2020 21:15:11
  • Zuletzt bearbeitet 24.01.2025 02:00:02

In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may ex...

6.1

CVE-2019-10219

  • EPSS 1.67%
  • Veröffentlicht 08.11.2019 15:15:11
  • Zuletzt bearbeitet 07.07.2025 14:15:21

A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS attack.

6.1

CVE-2019-11358

Exploit
  • EPSS 2.4%
  • Veröffentlicht 20.04.2019 00:29:00
  • Zuletzt bearbeitet 21.11.2024 04:20:56

jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the n...

5.6

CVE-2018-3693

  • EPSS 0.92%
  • Veröffentlicht 10.07.2018 21:29:01
  • Zuletzt bearbeitet 21.11.2024 04:05:53

Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a speculative buffer overflow and side-channel analysis.

7.8

CVE-2018-7566

  • EPSS 0.13%
  • Veröffentlicht 30.03.2018 21:29:02
  • Zuletzt bearbeitet 21.11.2024 04:12:22

The Linux kernel 4.15 has a Buffer Overflow via an SNDRV_SEQ_IOCTL_SET_CLIENT_POOL ioctl write operation to /dev/snd/seq by a local user.