Oracle Communications Performance Intelligence Center 10.4.0.2

CPE Details

Oracle Communications Performance Intelligence Center 10.4.0.2
oracle
communications_performance_intelligence_center
10.4.0.2
2021-11-29
15h39 +00:00
2021-12-02
21h36 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:oracle:communications_performance_intelligence_center:10.4.0.2:*:*:*:*:*:*:*

Informations

Vendor

oracle

Product

communications_performance_intelligence_center

Version

10.4.0.2

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2021-3156 2021-01-26 00h00 +00:00 Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character.
7.8
High
CVE-2020-12723 2020-06-05 12h20 +00:00 regcomp.c in Perl before 5.30.3 allows a buffer overflow via a crafted regular expression because of recursive S_study_chunk calls.
7.5
High
CVE-2020-10878 2020-06-05 11h27 +00:00 Perl before 5.30.3 has an integer overflow related to mishandling of a "PL_regkind[OP(n)] == NOTHING" situation. A crafted regular expression could lead to malformed bytecode with a possibility of instruction injection.
8.6
High
CVE-2020-10543 2020-06-05 11h17 +00:00 Perl before 5.30.3 on 32-bit platforms allows a heap-based buffer overflow because nested regular expression quantifiers have an integer overflow.
8.2
High
CVE-2020-10188 2020-03-06 13h07 +00:00 utility.c in telnetd in netkit telnet through 0.17 allows remote attackers to execute arbitrary code via short writes or urgent data, because of a buffer overflow involving the netclear and nextitem functions.
9.8
Critical
CVE-2019-1559 2019-02-27 23h00 +00:00 If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 byte record is received with an invalid MAC. If the application then behaves differently based on that in a way that is detectable to the remote peer, then this amounts to a padding oracle that could be used to decrypt data. In order for this to be exploitable "non-stitched" ciphersuites must be in use. Stitched ciphersuites are optimised implementations of certain commonly used ciphersuites. Also the application must call SSL_shutdown() twice even if a protocol error has occurred (applications should not do this but some do anyway). Fixed in OpenSSL 1.0.2r (Affected 1.0.2-1.0.2q).
5.9
Medium