Enterprise communications broker

This hub aggregates every CVE we track for Enterprise communications broker, a product in the communications space. Use it to gauge the current risk picture and drill into individual advisories.

Severity distribution

Monthly trend

The 15 most recently published vulnerabilities affecting Enterprise communications broker.

• CVE-2023-22083Vulnerability in the Oracle Enterprise Session Border Controller product of Oracle Communications (component: Web UI). Supported versions that are affected are 9.0-9.2. Easily exploitable vulnerab...4.3Oct 17, 2023
• CVE-2021-3712Read buffer overruns processing ASN.1 strings7.4Aug 24, 2021
• CVE-2021-3711SM2 Decryption Buffer Overflow9.8Aug 24, 2021
• CVE-2021-23017A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process c...7.7Jun 1, 2021
• CVE-2021-29425Possible limited path traversal vulnerabily in Apache Commons IO4.8Apr 13, 2021
• CVE-2021-23337Command Injection7.2Feb 15, 2021
• CVE-2020-28500Regular Expression Denial of Service (ReDoS)5.3Feb 15, 2021
• CVE-2020-1971EDIPARTYNAME NULL pointer dereference5.9Dec 8, 2020
• CVE-2020-14721Vulnerability in the Oracle Enterprise Communications Broker product of Oracle Communications Applications (component: WebGUI). Supported versions that are affected are 3.0.0-3.2.0. Easily exploita...6.3Jul 15, 2020
• CVE-2020-14722Vulnerability in the Oracle Enterprise Communications Broker product of Oracle Communications Applications (component: WebGUI). Supported versions that are affected are 3.0.0-3.2.0. Difficult to ex...5.8Jul 15, 2020
• CVE-2020-14563Vulnerability in the Oracle Enterprise Communications Broker product of Oracle Communications Applications (component: WebGUI). Supported versions that are affected are 3.0.0-3.2.0. Easily exploita...6.1Jul 15, 2020
• CVE-2020-8203Prototype pollution attack when using _.zipObjectDeep in lodash before 4.17.20.7.4Jul 15, 2020
• CVE-2020-11080Denial of service in nghttp23.7Jun 3, 2020
• CVE-2020-10725A flaw was found in DPDK version 19.11 and above that allows a malicious guest to cause a segmentation fault of the vhost-user backend application running on the host, which could result in a loss ...7.7May 20, 2020
• CVE-2020-10726A vulnerability was found in DPDK versions 19.11 and above. A malicious container that has direct access to the vhost-user socket can keep sending VHOST_USER_GET_INFLIGHT_FD messages, causing a res...6.0May 20, 2020