Oracle Communications Messaging Server vulnerabilities

CVE-2020-36189 [HIGH] CWE-502 CVE-2020-36189: FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadg FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to com.newrelic.agent.deps.ch.qos.logback.core.db.DriverManagerConnectionSource.

CVE-2020-28052 [HIGH] CVE-2020-28052: An issue was discovered in Legion of the Bouncy Castle BC Java 1.65 and 1.66. The OpenBSDBCrypt.chec An issue was discovered in Legion of the Bouncy Castle BC Java 1.65 and 1.66. The OpenBSDBCrypt.checkPassword utility method compared incorrect data when checking the password, allowing incorrect passwords to indicate they were matching with previously hashed ones that were different.

CVE-2020-25649 [HIGH] CWE-611 CVE-2020-25649: A flaw was found in FasterXML Jackson Databind, where it did not have entity expansion secured prope A flaw was found in FasterXML Jackson Databind, where it did not have entity expansion secured properly. This flaw allows vulnerability to XML external entity (XXE) attacks. The highest threat from this vulnerability is data integrity.

CVE-2020-13954 [MEDIUM] CVE-2020-13954: By default, Apache CXF creates a /services page containing a listing of the available endpoint names By default, Apache CXF creates a /services page containing a listing of the available endpoint names and addresses. This webpage is vulnerable to a reflected Cross-Site Scripting (XSS) attack via the styleSheetPath, which allows a malicious actor to inject javascript into the web page. This vulnerability affects all versions of Apache CXF prior to 3.4.1 and

CVE-2020-24750 [HIGH] CWE-502 CVE-2020-24750: FasterXML jackson-databind 2.x before 2.9.10.6 mishandles the interaction between serialization gadg FasterXML jackson-databind 2.x before 2.9.10.6 mishandles the interaction between serialization gadgets and typing, related to com.pastdev.httpcomponents.configuration.JndiConfiguration.

CVE-2020-24616 [HIGH] CWE-502 CVE-2020-24616: FasterXML jackson-databind 2.x before 2.9.10.6 mishandles the interaction between serialization gadg FasterXML jackson-databind 2.x before 2.9.10.6 mishandles the interaction between serialization gadgets and typing, related to br.com.anteros.dbcp.AnterosDBCPDataSource (aka Anteros-DBCP).

CVE-2020-15358 [MEDIUM] CWE-787 CVE-2020-15358: In SQLite before 3.32.3, select.c mishandles query-flattener optimization, leading to a multiSelectO In SQLite before 3.32.3, select.c mishandles query-flattener optimization, leading to a multiSelectOrderBy heap overflow because of misuse of transitive properties for constant propagation.

CVE-2020-13871 [HIGH] CWE-416 CVE-2020-13871: SQLite 3.32.2 has a use-after-free in resetAccumulator in select.c because the parse tree rewrite fo SQLite 3.32.2 has a use-after-free in resetAccumulator in select.c because the parse tree rewrite for window functions is too late.

CVE-2020-9489 [MEDIUM] CWE-835 CVE-2020-9489: A carefully crafted or corrupt file may trigger a System.exit in Tika's OneNote Parser. Crafted or c A carefully crafted or corrupt file may trigger a System.exit in Tika's OneNote Parser. Crafted or corrupted files can also cause out of memory errors and/or infinite loops in Tika's ICNSParser, MP3Parser, MP4Parser, SAS7BDATParser, OneNoteParser and ImageParser. Apache Tika users should upgrade to 1.24.1 or later. The vulnerabilities in the MP4Parser

CVE-2020-11656 [CRITICAL] CWE-416 CVE-2020-11656: In SQLite through 3.31.1, the ALTER TABLE implementation has a use-after-free, as demonstrated by an In SQLite through 3.31.1, the ALTER TABLE implementation has a use-after-free, as demonstrated by an ORDER BY clause that belongs to a compound SELECT statement.

CVE-2020-11655 [HIGH] CWE-665 CVE-2020-11655: SQLite through 3.31.1 allows attackers to cause a denial of service (segmentation fault) via a malfo SQLite through 3.31.1 allows attackers to cause a denial of service (segmentation fault) via a malformed window-function query because the AggInfo object's initialization is mishandled.

CVE-2020-11612 [HIGH] CWE-770 CVE-2020-11612: The ZlibDecoders in Netty 4.1.x before 4.1.46 allow for unbounded memory allocation while decoding a The ZlibDecoders in Netty 4.1.x before 4.1.46 allow for unbounded memory allocation while decoding a ZlibEncoded byte stream. An attacker could send a large ZlibEncoded byte stream to the Netty server, forcing the server to allocate all of its free memory to a single decoder.

CVE-2020-1950 [MEDIUM] CWE-400 CVE-2020-1950: A carefully crafted or corrupt PSD file can cause excessive memory usage in Apache Tika's PSDParser A carefully crafted or corrupt PSD file can cause excessive memory usage in Apache Tika's PSDParser in versions 1.0-1.23.

CVE-2020-1951 [MEDIUM] CWE-835 CVE-2020-1951: A carefully crafted or corrupt PSD file can cause an infinite loop in Apache Tika's PSDParser in ver A carefully crafted or corrupt PSD file can cause an infinite loop in Apache Tika's PSDParser in versions 1.0-1.23.

CVE-2020-9327 [HIGH] CWE-476 CVE-2020-9327: In SQLite 3.31.1, isAuxiliaryVtabOperator allows attackers to trigger a NULL pointer dereference and In SQLite 3.31.1, isAuxiliaryVtabOperator allows attackers to trigger a NULL pointer dereference and segmentation fault because of generated column optimizations.

CVE-2019-10219 [MEDIUM] CWE-79 CVE-2019-10219: A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properl A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS attack.

CVE-2019-0228 [CRITICAL] CWE-611 CVE-2019-0228: Apache PDFBox 2.0.14 does not properly initialize the XML parser, which allows context-dependent att Apache PDFBox 2.0.14 does not properly initialize the XML parser, which allows context-dependent attackers to conduct XML External Entity (XXE) attacks via a crafted XFDF.

CVE-2017-5645 [CRITICAL] CWE-502 CVE-2017-5645: In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive s In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially crafted binary payload can be sent that, when deserialized, can execute arbitrary code.

CVE-2016-5455 [MEDIUM] CVE-2016-5455: Unspecified vulnerability in the Oracle Communications Messaging Server component in Oracle Communic Unspecified vulnerability in the Oracle Communications Messaging Server component in Oracle Communications Applications 6.3, 7.0, and 8.0 allows remote attackers to affect confidentiality via vectors related to Multiplexor.

CVE-2014-7926 [HIGH] CWE-17 CVE-2014-7926: The Regular Expressions package in International Components for Unicode (ICU) 52 before SVN revision The Regular Expressions package in International Components for Unicode (ICU) 52 before SVN revision 292944, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via vectors related to a zero-length quantifier.