Oracle

Communications Session Border Controller

22 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.7

CVE-2020-10723

  • EPSS 0.13%
  • Published 19.05.2020 19:15:09
  • Last modified 21.11.2024 04:55:55

A memory corruption issue was found in DPDK versions 17.05 and above. This flaw is caused by an integer truncation on the index of a payload. Under certain circumstances, the index (a UInt) is copied and truncated into a uint16, which can lead to out...

6.7

CVE-2020-10722

  • EPSS 0.13%
  • Published 19.05.2020 19:15:09
  • Last modified 21.11.2024 04:55:55

A vulnerability was found in DPDK versions 18.05 and above. A missing check for an integer overflow in vhost_user_set_log_base() could result in a smaller memory map than requested, possibly allowing memory corruption.

6.1

CVE-2019-10219

  • EPSS 1.67%
  • Published 08.11.2019 15:15:11
  • Last modified 07.07.2025 14:15:21

A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS attack.

9.8

CVE-2019-5482

  • EPSS 10.79%
  • Published 16.09.2019 19:15:10
  • Last modified 21.11.2024 04:45:01

Heap buffer overflow in the TFTP protocol handler in cURL 7.19.4 to 7.65.3.

9.8

CVE-2019-5481

  • EPSS 4.69%
  • Published 16.09.2019 19:15:10
  • Last modified 21.11.2024 04:45:01

Double-free vulnerability in the FTP-kerberos code in cURL 7.52.0 to 7.65.3.

5.9

CVE-2019-1559

  • EPSS 5.05%
  • Published 27.02.2019 23:29:00
  • Last modified 21.11.2024 04:36:48

If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid...

7.8

CVE-2018-16865

Exploit
  • EPSS 2.07%
  • Published 11.01.2019 21:29:00
  • Last modified 21.11.2024 03:53:28

An allocation of memory without limits, that could result in the stack clashing with another memory region, was discovered in systemd-journald when many entries are sent to the journal socket. A local attacker, or a remote one if systemd-journal-remo...

7.8

CVE-2018-16864

Exploit
  • EPSS 0.15%
  • Published 11.01.2019 20:29:00
  • Last modified 21.11.2024 03:53:28

An allocation of memory without limits, that could result in the stack clashing with another memory region, was discovered in systemd-journald when a program with long command line arguments calls syslog. A local attacker may use this flaw to crash s...

7.8

CVE-2018-11237

  • EPSS 0.59%
  • Published 18.05.2018 16:29:00
  • Last modified 21.11.2024 03:42:58

An AVX-512-optimized implementation of the mempcpy function in the GNU C Library (aka glibc or libc6) 2.27 and earlier may write data beyond the target buffer, leading to a buffer overflow in __mempcpy_avx512_no_vzeroupper.

9.8

CVE-2018-11236

  • EPSS 0.89%
  • Published 18.05.2018 16:29:00
  • Last modified 21.11.2024 03:42:57

stdlib/canonicalize.c in the GNU C Library (aka glibc or libc6) 2.27 and earlier, when processing very long pathname arguments to the realpath function, could encounter an integer overflow on 32-bit architectures, leading to a stack-based buffer over...