Oracle Communications Session Border Controller 8.2

CPE Details

Oracle Communications Session Border Controller 8.2
oracle
communications_session_border_controller
8.2
2022-02-14
16h05 +00:00
2022-02-15
03h05 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:oracle:communications_session_border_controller:8.2:*:*:*:*:*:*:*

Informations

Vendor

oracle

Product

communications_session_border_controller

Version

8.2

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2021-33909 2021-07-20 16h01 +00:00 fs/seq_file.c in the Linux kernel 3.16 through 5.13.x before 5.13.4 does not properly restrict seq buffer allocations, leading to an integer overflow, an Out-of-bounds Write, and escalation to root by an unprivileged user, aka CID-8cae8cd89f05.
7.8
High
CVE-2020-10722 2020-05-19 16h04 +00:00 A vulnerability was found in DPDK versions 18.05 and above. A missing check for an integer overflow in vhost_user_set_log_base() could result in a smaller memory map than requested, possibly allowing memory corruption.
6.7
Medium
CVE-2020-10723 2020-05-19 16h02 +00:00 A memory corruption issue was found in DPDK versions 17.05 and above. This flaw is caused by an integer truncation on the index of a payload. Under certain circumstances, the index (a UInt) is copied and truncated into a uint16, which can lead to out of bound indexing and possible memory corruption.
6.7
Medium
CVE-2019-10219 2019-11-08 13h46 +00:00 A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS attack.
6.1
Medium
CVE-2019-1559 2019-02-27 23h00 +00:00 If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 byte record is received with an invalid MAC. If the application then behaves differently based on that in a way that is detectable to the remote peer, then this amounts to a padding oracle that could be used to decrypt data. In order for this to be exploitable "non-stitched" ciphersuites must be in use. Stitched ciphersuites are optimised implementations of certain commonly used ciphersuites. Also the application must call SSL_shutdown() twice even if a protocol error has occurred (applications should not do this but some do anyway). Fixed in OpenSSL 1.0.2r (Affected 1.0.2-1.0.2q).
5.9
Medium