Communications diameter signaling router
This hub aggregates every CVE we track for Communications diameter signaling router, a product in the databases space. Use it to gauge the current risk picture and drill into individual advisories.
- CVEs tracked: 99
- Critical: 20
- High: 42
- In CISA KEV: 2
Severity distribution
- HIGH: 42
- MEDIUM: 35
- CRITICAL: 20
- LOW: 2
Monthly trend
[Chart: monthly CVE counts, 2024-07 to 2026-06; every value shown is 0]
Latest CVEs
The 15 most recently published vulnerabilities affecting Communications diameter signaling router.
- CVE-2020-10650: A deserialization flaw was discovered in jackson-databind through 2.9.10.4. It could allow an unauthenticated user to perform code execution via ignite-jta or quartz-core: org.apache.ignite.cache.j... (score 8.1)
- CVE-2021-44832: Apache Log4j2 vulnerable to RCE via JDBC Appender when attacker controls configuration (score 6.6)
- CVE-2021-45105: Apache Log4j2 does not always protect from infinite recursion in lookup evaluation (score 5.9)
- CVE-2021-21703: PHP-FPM memory access in root process leading to privilege escalation (score 7.8)
- CVE-2021-37136: The Bzip2 decompression decoder function doesn't allow setting size restrictions on the decompressed output data (which affects the allocation size used during decompression). All users of Bzip2Dec... (score 7.5)
- CVE-2021-37137: The Snappy frame decoder function doesn't restrict the chunk length which may lead to excessive memory usage. Beside this it also may buffer reserved skippable chunks until the whole chunk was rece... (score 7.5)
- CVE-2021-42340: DoS via memory leak with WebSocket connections (score 7.5)
- CVE-2021-34429: For Eclipse Jetty versions 9.4.37-9.4.42, 10.0.1-10.0.5 & 11.0.1-11.0.5, URIs can be crafted using some encoded characters to access the content of the WEB-INF directory and/or bypass some security... (score 5.3)
- CVE-2021-33037: Incorrect Transfer-Encoding handling with HTTP/1.0 (score 5.3)
- CVE-2021-30640: Auth weakness in JNDIRealm (score 6.5)
- CVE-2021-21783: A code execution vulnerability exists in the WS-Addressing plugin functionality of Genivia gSOAP 2.8.107. A specially crafted SOAP request can lead to remote code execution. An attacker can send an... (score 9.8)
- CVE-2021-21702: Null Dereference in SoapClient (score 5.3)
- CVE-2020-36189: FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to com.newrelic.agent.deps.ch.qos.logback.core.db.DriverManagerConnection... (score 8.1)
- CVE-2020-35490: FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.PerUserPoolDataSource. (score 8.1)
- CVE-2020-35491: FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.SharedPoolDataSource. (score 8.1)
Product normalization is registry-driven with AI assist and human review.