Oracle communications policy management
This hub aggregates every CVE we track for Oracle communications policy management, a product in the networking infrastructure space. Use it to gauge the current risk picture and drill into individual advisories.
- CVEs tracked: 15
- Critical: 1
- High: 4
- In CISA KEV: 1
Severity distribution
- MEDIUM: 10
- HIGH: 4
- CRITICAL: 1
Monthly trend
[Chart: monthly CVE counts, 2024-07 to 2026-06]
Latest CVEs
The 15 most recently published vulnerabilities affecting Oracle communications policy management.
- CVE-2024-4227: gSOAP: Vulnerable to specially crafted unencrypted SDC messages (score: 7.5)
- CVE-2021-23450: Prototype Pollution (score: 7.5)
- CVE-2021-21348: XStream is vulnerable to an attack using Regular Expression for a Denial of Service (ReDos) (score: 5.3)
- CVE-2021-21349: A Server-Side Forgery Request can be activated unmarshalling with XStream to access data streams from an arbitrary URL referencing a resource in an intranet or the local host (score: 6.1)
- CVE-2021-21350: XStream is vulnerable to an Arbitrary Code Execution attack (score: 5.3)
- CVE-2021-21351: XStream is vulnerable to an Arbitrary Code Execution attack (score: 5.4)
- CVE-2021-21342: A Server-Side Forgery Request can be activated unmarshalling with XStream to access data streams from an arbitrary URL referencing a resource in an intranet or the local host (score: 5.3)
- CVE-2021-21344: XStream is vulnerable to an Arbitrary Code Execution attack (score: 5.3)
- CVE-2021-21345: XStream is vulnerable to a Remote Command Execution attack (score: 5.8)
- CVE-2021-21346: XStream is vulnerable to an Arbitrary Code Execution attack (score: 6.1)
- CVE-2021-21347: XStream is vulnerable to an Arbitrary Code Execution attack (score: 6.1)
- CVE-2020-17530: Forced OGNL evaluation, when evaluated on raw user input in tag attributes, may lead to remote code execution. Affected software : Apache Struts 2.0.0 - Struts 2.5.25. (KEV; score: 9.8)
- CVE-2019-0233: An access permission override in Apache Struts 2.0.0 to 2.5.20 may cause a Denial of Service when performing a file upload. (score: 7.5)
- CVE-2017-15707: In Apache Struts 2.5 to 2.5.14, the REST Plugin is using an outdated JSON-lib library which is vulnerable and allow perform a DoS attack using malicious request with specially crafted JSON payload. (score: 6.2)
- CVE-2015-5600: The kbdint_next_device function in auth2-chall.c in sshd in OpenSSH through 6.9 does not properly restrict the processing of keyboard-interactive devices within a single connection, which makes it ... (score: 8.1)
Product normalization is registry-driven with AI assist and human review.