📦 Communications Cloud Native Core Binding Support Function
by Oracle
🔍 What is Communications Cloud Native Core Binding Support Function?
Description coming soon...
🛡️ Security Overview
Click on a severity to filter vulnerabilities
⚠️ Known Vulnerabilities
CVE-2022-22947 is a critical remote code execution vulnerability in Spring Cloud Gateway when the Actuator endpoint is enabled and exposed without proper security controls. Attackers can send speciall...
A netfilter flaw allows network-connected attackers to infer OpenVPN connection endpoint information by analyzing network traffic patterns. This affects Linux systems running OpenVPN with netfilter en...
CVE-2021-43527 is a critical heap overflow vulnerability in NSS (Network Security Services) that allows remote code execution when processing malicious DER-encoded DSA or RSA-PSS signatures. It affect...
The Python ipaddress library incorrectly interprets IP addresses with leading zeros in octets, treating them as octal numbers instead of decimal. This allows attackers to bypass IP-based access contro...
This vulnerability is an out-of-bounds memory write flaw in the Linux kernel's NFS subsystem, specifically affecting mirroring/replication functionality. It allows authenticated users with NFS mount a...
This Linux kernel vulnerability allows a local unprivileged user to write to file handlers in the cgroups subsystem, potentially leading to system crashes or privilege escalation. It affects both cgro...
A use-after-free vulnerability in the Linux kernel's FUSE filesystem allows a local attacker to trigger write() operations that can lead to unauthorized data access and privilege escalation. This affe...
CVE-2020-36518 is a denial-of-service vulnerability in Jackson Databind where processing deeply nested JSON objects causes a Java StackOverflowError, crashing the application. This affects any Java ap...
CVE-2022-23308 is a use-after-free vulnerability in libxml2's validation component that allows attackers to potentially execute arbitrary code or cause denial of service. It affects applications that ...
CVE-2022-25636 is a heap out-of-bounds write vulnerability in the Linux kernel's netfilter component that allows local users to escalate privileges to root. The vulnerability affects Linux kernel vers...
This Linux kernel vulnerability allows remote attackers to bypass UDP source port randomization by exploiting flaws in ICMP error processing. Attackers can scan open UDP ports more effectively, compro...
A use-after-free vulnerability in the Linux kernel's Bluetooth subsystem allows local attackers to crash the system or potentially escalate privileges through a race condition when connecting and disc...
A race condition vulnerability in the Linux kernel's Unix domain socket garbage collection allows local users to trigger a read-after-free memory flaw. This can lead to system crashes or privilege esc...
CVE-2021-37136 is a denial-of-service vulnerability in Netty's Bzip2Decoder that allows attackers to trigger out-of-memory errors by sending specially crafted Bzip2 compressed data. The vulnerability ...
CVE-2021-39150 is a deserialization vulnerability in XStream library that allows remote attackers to access internal resources by manipulating XML input streams. Only affects users who rely on XStream...
CVE-2021-39154 is a remote code execution vulnerability in XStream library that allows attackers to execute arbitrary code by manipulating XML input streams. Only users who haven't implemented XStream...
CVE-2021-39144 is a remote code execution vulnerability in XStream library versions before 1.4.18. Attackers with sufficient privileges can execute arbitrary commands on the host by manipulating XML i...
CVE-2021-39146 is a remote code execution vulnerability in XStream library that allows attackers to execute arbitrary code by manipulating XML input streams. Only users who haven't implemented XStream...
CVE-2021-39148 is a remote code execution vulnerability in XStream library that allows attackers to execute arbitrary code by manipulating XML input streams. Only users who haven't implemented XStream...
CVE-2021-39151 is a remote code execution vulnerability in XStream library versions before 1.4.18. Attackers can manipulate XML input to execute arbitrary code on affected systems. Only users who have...
CVE-2021-39139 is a remote code execution vulnerability in XStream library that allows attackers to execute arbitrary code by manipulating XML input streams. Users are affected if they use XStream out...
A local privilege escalation vulnerability in Linux kernel versions before 5.9-rc1 allows attackers with local access to crash systems or gain root privileges through improper bounds checking in joyst...
CVE-2021-22901 is a use-after-free vulnerability in curl/libcurl that allows a malicious TLS 1.3 server to potentially execute arbitrary code on the client. This affects curl clients using OpenSSL wit...
This vulnerability in Libgcrypt allows side-channel attacks against ElGamal encryption due to missing exponent blinding and inappropriate window size selection. Attackers can potentially recover priva...
This vulnerability allows a locally authenticated malicious user to escalate privileges in Spring Framework WebFlux applications by manipulating temporary storage directories. Attackers can read or mo...