Communications interactive session recorder
This hub aggregates every CVE we track for Communications interactive session recorder, a product in the databases space. Use it to gauge the current risk picture and drill into individual advisories.
19
CVEs tracked
2
Critical
6
High
2
In CISA KEV
Severity distribution
MEDIUM11HIGH6CRITICAL2
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2024-072026-06
Latest CVEs
The 15 most recently published vulnerabilities affecting Communications interactive session recorder.
- CVE-2021-44832Apache Log4j2 vulnerable to RCE via JDBC Appender when attacker controls configuration6.6
- CVE-2021-45105Apache Log4j2 does not always protect from infinite recursion in lookup evaluation5.9
- CVE-2021-41184XSS in the `of` option of the `.position()` util6.5
- CVE-2021-41183XSS in `*Text` options of the Datepicker widget6.5
- CVE-2021-41182XSS in the `altField` option of the Datepicker widget6.5
- CVE-2021-2461Vulnerability in the Oracle Communications Interactive Session Recorder product of Oracle Communications (component: Provision API). The supported version that is affected is 6.4. Easily exploitabl...8.3
- CVE-2021-22118In Spring Framework, versions 5.2.x prior to 5.2.15 and versions 5.3.x prior to 5.3.7, a WebFlux application is vulnerable to a privilege escalation: by (re)creating the temporary storage directory...7.8
- CVE-2021-29425Possible limited path traversal vulnerabily in Apache Commons IO4.8
- CVE-2021-22112Spring Security 5.4.x prior to 5.4.4, 5.3.x prior to 5.3.8.RELEASE, 5.2.x prior to 5.2.9.RELEASE, and older unsupported versions can fail to save the SecurityContext if it is changed more than once...8.8
- CVE-2020-36189FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to com.newrelic.agent.deps.ch.qos.logback.core.db.DriverManagerConnection...8.1
- CVE-2020-35490FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.PerUserPoolDataSource.8.1
- CVE-2020-25649A flaw was found in FasterXML Jackson Databind, where it did not have entity expansion secured properly. This flaw allows vulnerability to XML external entity (XXE) attacks. The highest threat from...7.5
- CVE-2020-14574Vulnerability in the Oracle Communications Interactive Session Recorder product of Oracle Communications Applications (component: FACE). Supported versions that are affected are 6.1-6.4. Difficult ...4.7
- CVE-2020-11023Potential XSS vulnerability in jQueryKEV6.9
- CVE-2019-10219A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. T...6.1
Product normalization is registry-driven with AI assist and human review. How it works