Total
45 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2019-7548 | 5 Debian, Opensuse, Oracle and 2 more | 9 Debian Linux, Backports Sle, Leap and 6 more | 2024-02-04 | 6.8 MEDIUM | 7.8 HIGH |
SQLAlchemy 1.2.17 has SQL Injection when the group_by parameter can be controlled. | |||||
CVE-2018-11218 | 4 Debian, Oracle, Redhat and 1 more | 4 Debian Linux, Communications Operations Monitor, Openstack and 1 more | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
Memory Corruption was discovered in the cmsgpack library in the Lua subsystem in Redis before 3.2.12, 4.x before 4.0.10, and 5.x before 5.0 RC2 because of stack-based buffer overflows. | |||||
CVE-2018-11219 | 4 Debian, Oracle, Redhat and 1 more | 4 Debian Linux, Communications Operations Monitor, Openstack and 1 more | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
An Integer Overflow issue was discovered in the struct library in the Lua subsystem in Redis before 3.2.12, 4.x before 4.0.10, and 5.x before 5.0 RC2, leading to a failure of bounds checking. | |||||
CVE-2017-3730 | 2 Openssl, Oracle | 7 Openssl, Agile Engineering Data Management, Communications Application Session Controller and 4 more | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
In OpenSSL 1.1.0 before 1.1.0d, if a malicious server supplies bad parameters for a DHE or ECDHE key exchange then this can result in the client attempting to dereference a NULL pointer leading to a client crash. This could be exploited in a Denial of Service attack. | |||||
CVE-2016-3513 | 1 Oracle | 1 Communications Operations Monitor | 2024-02-04 | 6.8 MEDIUM | 6.5 MEDIUM |
Unspecified vulnerability in the Oracle Communications Operations Monitor component in Oracle Communications Applications before 3.3.92.0.0 allows remote authenticated users to affect confidentiality via vectors related to Infrastructure. |