Enterprise Operations Monitor

enterprise_operations_monitor

Vendor: Oracle • 5 CVEs

CVEs (5)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2022-23219 3Debian GnuOracle 8Communications Cloud Native Core Binding Support Function Communications Cloud Native Core Network Function Cloud Native EnvironmentCommunications Cloud Native Core Network Repository Function+5 more May 5, 2025 Jan 14, 2022 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 The deprecated compatibility function clnt_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its hostname argument on the stack without validating its length, which may result in a buffer o...Show more The deprecated compatibility function clnt_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its hostname argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) arbitrary code execution.Show less
CVE-2022-23218 3Debian GnuOracle 4Communications Cloud Native Core Unified Data Repository Debian LinuxEnterprise Operations Monitor+1 more May 5, 2025 Jan 14, 2022 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 The deprecated compatibility function svcunix_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its path argument on the stack without validating its length, which may result in a buffer ov...Show more The deprecated compatibility function svcunix_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its path argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) arbitrary code execution.Show less
CVE-2021-43396 2Gnu Oracle 7Communications Cloud Native Core Binding Support Function Communications Cloud Native Core Network Function Cloud Native EnvironmentCommunications Cloud Native Core Network Repository Function+4 more Nov 21, 2024 Nov 4, 2021 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 In iconvdata/iso-2022-jp-3.c in the GNU C Library (aka glibc) 2.34, remote attackers can force iconv() to emit a spurious '\0' character via crafted ISO-2022-JP-3 data that is accompanied by an internal state reset. This...Show more In iconvdata/iso-2022-jp-3.c in the GNU C Library (aka glibc) 2.34, remote attackers can force iconv() to emit a spurious '\0' character via crafted ISO-2022-JP-3 data that is accompanied by an internal state reset. This may affect data integrity in certain iconv() use cases. NOTE: the vendor states "the bug cannot be invoked through user input and requires iconv to be invoked with a NULL inbuf, which ought to require a separate application bug to do so unintentionally. Hence there's no security impact to the bug.Show less
CVE-2021-38604 3Fedoraproject GnuOracle 8Communications Cloud Native Core Binding Support Function Communications Cloud Native Core Network Function Cloud Native EnvironmentCommunications Cloud Native Core Network Repository Function+5 more May 30, 2025 Aug 12, 2021 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 In librt in the GNU C Library (aka glibc) through 2.34, sysdeps/unix/sysv/linux/mq_notify.c mishandles certain NOTIFY_REMOVED data, leading to a NULL pointer dereference. NOTE: this vulnerability was introduced as a side...Show more In librt in the GNU C Library (aka glibc) through 2.34, sysdeps/unix/sysv/linux/mq_notify.c mishandles certain NOTIFY_REMOVED data, leading to a NULL pointer dereference. NOTE: this vulnerability was introduced as a side effect of the CVE-2021-33574 fix.Show less
CVE-2015-9251 2Jquery Oracle 47Agile Product Lifecycle Management For Process Banking PlatformBusiness Process Management Suite+44 more Nov 21, 2024 Jan 18, 2018 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.