CPE – Oracle Communications Billing and Revenue Management 7.5.0.23.0

CPE Details

Oracle Communications Billing and Revenue Management 7.5.0.23.0

Vendor

oracle

Product

communications_billing_and_revenue_management

Version

7.5.0.23.0

Created

2020-12-28
11h31 +00:00

Modifié

2020-12-28
11h31 +00:00

Liens officiels

CPE NVD

Alerte pour un CPE

Restez informé de toutes modifications pour un CPE spécifique.

Gestion des notifications

Liste des Notifications

Alerte pour un CPE

Restez informé de toutes modifications pour un CPE spécifique.

Paramètres

Vous pouvez spécifier un titre qui sera récupéré dans les alertes qui seront envoyées.

CPE ID

Planifications

Mois

Prochaine exécution calculée

Jour

Jour de la semaine

Heure

Minute

Date de création

Dernière exécution

Prochaine exécution

Fonctionnalité nécessitant une connexion

Cette fonctionnalité qui vous permet de recevoir des alertes, n'est active que lorsque vous êtes connecté à votre compte.

CPE Name: cpe:2.3:a:oracle:communications_billing_and_revenue_management:7.5.0.23.0:::::::*

Informations

Vendor

oracle

Product

communications_billing_and_revenue_management

Version

7.5.0.23.0

Related CVE

Open and find in CVE List

CVE ID	Publié	Description	Score	Gravité
CVE-2020-36179	2021-01-06 21h30 +00:00	FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS.	8.8	Haute
CVE-2020-36180	2021-01-06 21h30 +00:00	FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.cpdsadapter.DriverAdapterCPDS.	8.8	Haute
CVE-2020-36182	2021-01-06 21h30 +00:00	FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS.	8.8	Haute
CVE-2020-36183	2021-01-06 21h30 +00:00	FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.docx4j.org.apache.xalan.lib.sql.JNDIConnectionPool.	8.1	Haute
CVE-2020-36184	2021-01-06 21h30 +00:00	FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource.	8.8	Haute
CVE-2020-36185	2021-01-06 21h29 +00:00	FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.SharedPoolDataSource.	8.1	Haute
CVE-2020-36186	2021-01-06 21h29 +00:00	FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.datasources.PerUserPoolDataSource.	8.1	Haute
CVE-2020-36187	2021-01-06 21h29 +00:00	FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.datasources.SharedPoolDataSource.	8.1	Haute
CVE-2020-36188	2021-01-06 21h29 +00:00	FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to com.newrelic.agent.deps.ch.qos.logback.core.db.JNDIConnectionSource.	8.1	Haute
CVE-2020-36189	2021-01-06 21h29 +00:00	FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to com.newrelic.agent.deps.ch.qos.logback.core.db.DriverManagerConnectionSource.	8.1	Haute
CVE-2020-36181	2021-01-06 21h29 +00:00	FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.cpdsadapter.DriverAdapterCPDS.	8.8	Haute
CVE-2020-35728	2020-12-27 03h32 +00:00	FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to com.oracle.wls.shaded.org.apache.xalan.lib.sql.JNDIConnectionPool (aka embedded Xalan in org.glassfish.web/javax.servlet.jsp.jstl).	8.1	Haute
CVE-2020-25649	2020-12-03 15h16 +00:00	A flaw was found in FasterXML Jackson Databind, where it did not have entity expansion secured properly. This flaw allows vulnerability to XML external entity (XXE) attacks. The highest threat from this vulnerability is data integrity.	7.5	Haute
CVE-2020-8203	2020-07-15 14h10 +00:00	Prototype pollution attack when using _.zipObjectDeep in lodash before 4.17.20.	7.4	Haute
CVE-2020-11022	2020-04-28 22h00 +00:00	In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.	6.9	Moyen
CVE-2020-9488	2020-04-27 13h36 +00:00	Improper validation of certificate with host mismatch in Apache Log4j SMTP appender. This could allow an SMTPS connection to be intercepted by a man-in-the-middle attack which could leak any log messages sent through that appender. Fixed in Apache Log4j 2.12.3 and 2.13.1	3.7	Bas
CVE-2019-20330	2020-01-03 02h35 +00:00	FasterXML jackson-databind 2.x before 2.9.10.2 lacks certain net.sf.ehcache blocking.	9.8	Critique
CVE-2019-17531	2019-10-12 18h07 +00:00	A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the apache-log4j-extra (version 1.2.x) jar in the classpath, and an attacker can provide a JNDI service to access, it is possible to make the service execute a malicious payload.	9.8	Critique
CVE-2019-16943	2019-10-01 14h06 +00:00	A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the p6spy (3.8.6) jar in the classpath, and an attacker can find an RMI service endpoint to access, it is possible to make the service execute a malicious payload. This issue exists because of com.p6spy.engine.spy.P6DataSource mishandling.	9.8	Critique
CVE-2019-16942	2019-10-01 14h04 +00:00	A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the commons-dbcp (1.4) jar in the classpath, and an attacker can find an RMI service endpoint to access, it is possible to make the service execute a malicious payload. This issue exists because of org.apache.commons.dbcp.datasources.SharedPoolDataSource and org.apache.commons.dbcp.datasources.PerUserPoolDataSource mishandling.	9.8	Critique
CVE-2019-11358	2019-04-18 22h00 +00:00	jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.	6.1	Moyen

Oracle Communications Billing and Revenue Management 7.5.0.23.0

CPE Details

CPE Name: cpe:2.3:a:oracle:communications_billing_and_revenue_management:7.5.0.23.0:*:*:*:*:*:*:*

Informations

Vendor

Product

Version

Related CVE

CPE Name: cpe:2.3:a:oracle:communications_billing_and_revenue_management:7.5.0.23.0:::::::*