← Back

Sd Wan Aware

sd-wan_aware

Vendor: Oracle • 5 CVEs

CVEs (5)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2021-21705
3Netapp
OraclePhp
3Clustered Data Ontap
PhpSd Wan Aware
Nov 21, 2024
Oct 4, 2021
N/A· v4
5.3 MEDIUM· v3
5.0 MEDIUM· v2
In PHP versions 7.3.x below 7.3.29, 7.4.x below 7.4.21 and 8.0.x below 8.0.8, when using URL validation functionality via filter_var() function with FILTER_VALIDATE_URL parameter, an URL with invalid password field can b...Show more
In PHP versions 7.3.x below 7.3.29, 7.4.x below 7.4.21 and 8.0.x below 8.0.8, when using URL validation functionality via filter_var() function with FILTER_VALIDATE_URL parameter, an URL with invalid password field can be accepted as valid. This can lead to the code incorrectly parsing the URL and potentially leading to other security implications - like contacting a wrong server or making a wrong access decision.Show less
CVE-2020-14701
1Oracle
1Sd Wan Aware
Nov 21, 2024
Jul 15, 2020
N/A· v4
10.0 CRITICAL· v3
7.5 HIGH· v2
Vulnerability in the Oracle SD-WAN Aware product of Oracle Communications Applications (component: User Interface). The supported version that is affected is 8.2. Easily exploitable vulnerability allows unauthenticated a...Show more
Vulnerability in the Oracle SD-WAN Aware product of Oracle Communications Applications (component: User Interface). The supported version that is affected is 8.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle SD-WAN Aware. While the vulnerability is in Oracle SD-WAN Aware, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle SD-WAN Aware. CVSS 3.1 Base Score 10.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H).Show less
CVE-2020-10878
5Fedoraproject
NetappOpensuse+2 more
17Communications Billing And Revenue Management
Communications Diameter Signaling RouterCommunications Eagle Application Processor+14 more
Nov 21, 2024
Jun 5, 2020
N/A· v4
8.6 HIGH· v3
7.5 HIGH· v2
Perl before 5.30.3 has an integer overflow related to mishandling of a "PL_regkind[OP(n)] == NOTHING" situation. A crafted regular expression could lead to malformed bytecode with a possibility of instruction injection.
CVE-2020-1927
8Apache
BroadcomCanonical+5 more
14Brocade Fabric Operating System
Communications Element ManagerCommunications Session Report Manager+11 more
Nov 21, 2024
Apr 2, 2020
N/A· v4
6.1 MEDIUM· v3
5.8 MEDIUM· v2
In Apache HTTP Server 2.4.0 to 2.4.41, redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an an unexpected URL within the request U...Show more
In Apache HTTP Server 2.4.0 to 2.4.41, redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an an unexpected URL within the request URL.Show less
CVE-2019-10219
3Netapp
OracleRedhat
188Access Manager
Active Iq Unified ManagerAgile Engineering Data Management+185 more
Jul 7, 2025
Nov 8, 2019
N/A· v4
6.1 MEDIUM· v3
4.3 MEDIUM· v2
A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can r...Show more
A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS attack.Show less