Communications session border controller

This hub aggregates every CVE we track for Communications session border controller, a product in the networking infrastructure space. Use it to gauge the current risk picture and drill into individual advisories.

Severity distribution

Monthly trend

The 15 most recently published vulnerabilities affecting Communications session border controller.

• CVE-2021-2416Vulnerability in the Oracle Communications Session Border Controller product of Oracle Communications (component: Routing). Supported versions that are affected are 8.4 and 9.0. Easily exploitable ...4.9Oct 20, 2021
• CVE-2021-2414Vulnerability in the Oracle Communications Session Border Controller product of Oracle Communications (component: Routing). Supported versions that are affected are 8.4 and 9.0. Easily exploitable ...6.8Oct 20, 2021
• CVE-2021-3712Read buffer overruns processing ASN.1 strings7.4Aug 24, 2021
• CVE-2021-3711SM2 Decryption Buffer Overflow9.8Aug 24, 2021
• CVE-2021-33909fs/seq_file.c in the Linux kernel 3.16 through 5.13.x before 5.13.4 does not properly restrict seq buffer allocations, leading to an integer overflow, an Out-of-bounds Write, and escalation to root...7.8Jul 20, 2021
• CVE-2021-23017A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process c...7.7Jun 1, 2021
• CVE-2021-23337Command Injection7.2Feb 15, 2021
• CVE-2020-28500Regular Expression Denial of Service (ReDoS)5.3Feb 15, 2021
• CVE-2020-1971EDIPARTYNAME NULL pointer dereference5.9Dec 8, 2020
• CVE-2020-14580Vulnerability in the Oracle Communications Session Border Controller product of Oracle Communications Applications (component: System Admin). Supported versions that are affected are 8.1.0, 8.2.0 a...8.2Jul 15, 2020
• CVE-2020-8203Prototype pollution attack when using _.zipObjectDeep in lodash before 4.17.20.7.4Jul 15, 2020
• CVE-2020-10722A vulnerability was found in DPDK versions 18.05 and above. A missing check for an integer overflow in vhost_user_set_log_base() could result in a smaller memory map than requested, possibly allowi...5.1May 19, 2020
• CVE-2020-10723A memory corruption issue was found in DPDK versions 17.05 and above. This flaw is caused by an integer truncation on the index of a payload. Under certain circumstances, the index (a UInt) is copi...5.1May 19, 2020
• CVE-2019-10219A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. T...6.1Nov 8, 2019
• CVE-2019-5482Heap buffer overflow in the TFTP protocol handler in cURL 7.19.4 to 7.65.3.9.8Sep 16, 2019