CVSS: 7.5EPSS: 0%CPEs: 77EXPL: 2CVE-2020-36518 – jackson-databind: denial of service via a large depth of nested objects
https://notcve.org/view.php?id=CVE-2020-36518
11 Mar 2022 — jackson-databind before 2.13.0 allows a Java StackOverflow exception and denial of service via a large depth of nested objects. jackson-databind versiones anteriores a 2.13.0, permite una excepción Java StackOverflow y una denegación de servicio por medio de una gran profundidad de objetos anidados A flaw was found in the Jackson Databind package. This cause of the issue is due to a Java StackOverflow exception and a denial of service via a significant depth of nested objects. Red Hat JBoss Enterprise Appli... • https://github.com/ghillert/boot-jackson-cve • CWE-400: Uncontrolled Resource Consumption CWE-787: Out-of-bounds Write •
CVSS: 9.9EPSS: 1%CPEs: 2EXPL: 0CVE-2022-21391
https://notcve.org/view.php?id=CVE-2022-21391
19 Jan 2022 — Vulnerability in the Oracle Communications Billing and Revenue Management product of Oracle Communications Applications (component: Connection Manager). Supported versions that are affected are 12.0.0.3 and 12.0.0.4. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Communications Billing and Revenue Management. While the vulnerability is in Oracle Communications Billing and Revenue Management, attacks may significantly impact additional produc... • https://www.oracle.com/security-alerts/cpujan2022.html •
CVSS: 10.0EPSS: 2%CPEs: 2EXPL: 0CVE-2022-21390
https://notcve.org/view.php?id=CVE-2022-21390
19 Jan 2022 — Vulnerability in the Oracle Communications Billing and Revenue Management product of Oracle Communications Applications (component: Webservices Manager). Supported versions that are affected are 12.0.0.3 and 12.0.0.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Communications Billing and Revenue Management. While the vulnerability is in Oracle Communications Billing and Revenue Management, attacks may significantly impact additional prod... • https://www.oracle.com/security-alerts/cpujan2022.html •
CVSS: 10.0EPSS: 1%CPEs: 2EXPL: 0CVE-2022-21389
https://notcve.org/view.php?id=CVE-2022-21389
19 Jan 2022 — Vulnerability in the Oracle Communications Billing and Revenue Management product of Oracle Communications Applications (component: Connection Manager). Supported versions that are affected are 12.0.0.3 and 12.0.0.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Communications Billing and Revenue Management. While the vulnerability is in Oracle Communications Billing and Revenue Management, attacks may significantly impact additional produ... • https://www.oracle.com/security-alerts/cpujan2022.html •
CVSS: 9.9EPSS: 1%CPEs: 2EXPL: 0CVE-2022-21276
https://notcve.org/view.php?id=CVE-2022-21276
19 Jan 2022 — Vulnerability in the Oracle Communications Billing and Revenue Management product of Oracle Communications Applications (component: Connection Manager). Supported versions that are affected are 12.0.0.3 and 12.0.0.4. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Communications Billing and Revenue Management. While the vulnerability is in Oracle Communications Billing and Revenue Management, attacks may significantly impact additional produc... • https://www.oracle.com/security-alerts/cpujan2022.html •
CVSS: 10.0EPSS: 1%CPEs: 2EXPL: 0CVE-2022-21275
https://notcve.org/view.php?id=CVE-2022-21275
19 Jan 2022 — Vulnerability in the Oracle Communications Billing and Revenue Management product of Oracle Communications Applications (component: Connection Manager). Supported versions that are affected are 12.0.0.3 and 12.0.0.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Communications Billing and Revenue Management. While the vulnerability is in Oracle Communications Billing and Revenue Management, attacks may significantly impact additional produ... • https://www.oracle.com/security-alerts/cpujan2022.html •
CVSS: 3.3EPSS: 0%CPEs: 2EXPL: 0CVE-2022-21268
https://notcve.org/view.php?id=CVE-2022-21268
19 Jan 2022 — Vulnerability in the Oracle Communications Billing and Revenue Management product of Oracle Communications Applications (component: Pipeline Manager). Supported versions that are affected are 12.0.0.3 and 12.0.0.4. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Communications Billing and Revenue Management executes to compromise Oracle Communications Billing and Revenue Management. Successful attacks of this vulnerability can result in unauthori... • https://www.oracle.com/security-alerts/cpujan2022.html •
CVSS: 3.3EPSS: 0%CPEs: 2EXPL: 0CVE-2022-21267
https://notcve.org/view.php?id=CVE-2022-21267
19 Jan 2022 — Vulnerability in the Oracle Communications Billing and Revenue Management product of Oracle Communications Applications (component: Pipeline Manager). Supported versions that are affected are 12.0.0.3 and 12.0.0.4. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Communications Billing and Revenue Management executes to compromise Oracle Communications Billing and Revenue Management. Successful attacks of this vulnerability can result in unauthori... • https://www.oracle.com/security-alerts/cpujan2022.html •
CVSS: 7.5EPSS: 2%CPEs: 2EXPL: 0CVE-2022-21266
https://notcve.org/view.php?id=CVE-2022-21266
19 Jan 2022 — Vulnerability in the Oracle Communications Billing and Revenue Management product of Oracle Communications Applications (component: Pipeline Manager). Supported versions that are affected are 12.0.0.3 and 12.0.0.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Communications Billing and Revenue Management. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Communicat... • https://www.oracle.com/security-alerts/cpujan2022.html •
CVSS: 9.0EPSS: 0%CPEs: 39EXPL: 0CVE-2022-23307 – A deserialization flaw in the Chainsaw component of Log4j 1 can lead to malicious code execution.
https://notcve.org/view.php?id=CVE-2022-23307
18 Jan 2022 — CVE-2020-9493 identified a deserialization issue that was present in Apache Chainsaw. Prior to Chainsaw V2.0 Chainsaw was a component of Apache Log4j 1.2.x where the same issue exists. CVE-2020-9493 identificó un problema de deserialización presente en Apache Chainsaw. Versiones anteriores a Chainsaw V2.0 Chainsaw era un componente de Apache Log4j versiones 1.2.x donde se presenta el mismo problema A flaw was found in the log4j 1.x chainsaw component, where the contents of certain log entries are deserializ... • https://lists.apache.org/thread/rg4yyc89vs3dw6kpy3r92xop9loywyhh • CWE-502: Deserialization of Untrusted Data •