Communications offline mediation controller
This hub aggregates every CVE we track for Communications offline mediation controller, a product in the databases space. Use it to gauge the current risk picture and drill into individual advisories.
37
CVEs tracked
2
Critical
28
High
0
In CISA KEV
Severity distribution
HIGH28MEDIUM6CRITICAL2LOW1
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2024-072026-06
Latest CVEs
The 15 most recently published vulnerabilities affecting Communications offline mediation controller.
- CVE-2022-23307A deserialization flaw in the Chainsaw component of Log4j 1 can lead to malicious code execution.8.8
- CVE-2022-23305SQL injection in JDBC Appender in Apache Log4j V19.8
- CVE-2022-23302Deserialization of untrusted data in JMSSink in Apache Log4j 1.x8.8
- CVE-2021-44832Apache Log4j2 vulnerable to RCE via JDBC Appender when attacker controls configuration6.6
- CVE-2021-4104Deserialization of untrusted data in JMSAppender in Apache Log4j 1.27.5
- CVE-2021-29425Possible limited path traversal vulnerabily in Apache Commons IO4.8
- CVE-2021-28041ssh-agent in OpenSSH before 8.5 has a double free that may be relevant in a few less-common scenarios, such as unconstrained agent-socket access on a legacy operating system, or the forwarding of a...7.1
- CVE-2020-11987Apache Batik 1.13 is vulnerable to server-side request forgery, caused by improper input validation by the NodePickerPanel. By using a specially-crafted argument, an attacker could exploit this vul...8.2
- CVE-2021-23336Web Cache Poisoning5.9
- CVE-2021-3177Python 3.x through 3.9.1 has a buffer overflow in PyCArg_repr in _ctypes/callproc.c, which may lead to remote code execution in certain Python applications that accept floating-point numbers as unt...9.8
- CVE-2020-36179FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS.8.1
- CVE-2020-36180FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.cpdsadapter.DriverAdapterCPDS.8.1
- CVE-2020-36182FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS.8.1
- CVE-2020-36183FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.docx4j.org.apache.xalan.lib.sql.JNDIConnectionPool.8.1
- CVE-2020-36184FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource.8.1
Product normalization is registry-driven with AI assist and human review. How it works