Oracle Communications Operations Monitor vulnerabilities

CVE-2021-32687 [HIGH] CWE-190 CVE-2021-32687: Redis is an open source, in-memory database that persists on disk. An integer overflow bug affecting Redis is an open source, in-memory database that persists on disk. An integer overflow bug affecting all versions of Redis can be exploited to corrupt the heap and potentially be used to leak arbitrary contents of the heap or trigger remote code execution. The vulnerability involves changing the default set-max-intset-entries configuration parameter t

CVE-2021-32675 [HIGH] CWE-770 CVE-2021-32675: Redis is an open source, in-memory database that persists on disk. When parsing an incoming Redis St Redis is an open source, in-memory database that persists on disk. When parsing an incoming Redis Standard Protocol (RESP) request, Redis allocates memory according to user-specified values which determine the number of elements (in the multi-bulk header) and size of each element (in the bulk header). An attacker delivering specially crafted requests

CVE-2021-32626 [HIGH] CWE-122 CVE-2021-32626: Redis is an open source, in-memory database that persists on disk. In affected versions specially cr Redis is an open source, in-memory database that persists on disk. In affected versions specially crafted Lua scripts executing in Redis can cause the heap-based Lua stack to be overflowed, due to incomplete checks for this condition. This can result with heap corruption and potentially remote code execution. This problem exists in all versions of Red

CVE-2021-41099 [HIGH] CWE-190 CVE-2021-41099: Redis is an open source, in-memory database that persists on disk. An integer overflow bug in the un Redis is an open source, in-memory database that persists on disk. An integer overflow bug in the underlying string library can be used to corrupt the heap and potentially result with denial of service or remote code execution. The vulnerability involves changing the default proto-max-bulk-len configuration parameter to a very large value and construc

CVE-2021-32672 [MEDIUM] CWE-125 CVE-2021-32672: Redis is an open source, in-memory database that persists on disk. When using the Redis Lua Debugger Redis is an open source, in-memory database that persists on disk. When using the Redis Lua Debugger, users can send malformed requests that cause the debugger’s protocol parser to read data beyond the actual buffer. This issue affects all versions of Redis with Lua debugging support (3.2 or newer). The problem is fixed in versions 6.2.6, 6.0.16 and

CVE-2021-23017 [HIGH] CWE-193 CVE-2021-23017: A security issue in nginx resolver was identified, which might allow an attacker who is able to forg A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.

CVE-2020-14147 [HIGH] CVE-2020-14147: An integer overflow in the getnum function in lua_struct.c in Redis before 6.0.3 allows context-depe An integer overflow in the getnum function in lua_struct.c in Redis before 6.0.3 allows context-dependent attackers with permission to run Lua code in a Redis session to cause a denial of service (memory corruption and application crash) or possibly bypass intended sandbox restrictions via a large number, which triggers a stack-based buffer overflow. NOTE: th

CVE-2020-11023 [MEDIUM] CWE-79 CVE-2020-11023: In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.

CVE-2019-10219 [MEDIUM] CWE-79 CVE-2019-10219: A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properl A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS attack.

CVE-2019-15165 [MEDIUM] CWE-770 CVE-2019-15165: sf-pcapng.c in libpcap before 1.9.1 does not properly validate the PHB header length before allocati sf-pcapng.c in libpcap before 1.9.1 does not properly validate the PHB header length before allocating memory.

CVE-2019-5482 [CRITICAL] CWE-122 CVE-2019-5482: Heap buffer overflow in the TFTP protocol handler in cURL 7.19.4 to 7.65.3. Heap buffer overflow in the TFTP protocol handler in cURL 7.19.4 to 7.65.3.

CVE-2019-5481 [CRITICAL] CWE-415 CVE-2019-5481: Double-free vulnerability in the FTP-kerberos code in cURL 7.52.0 to 7.65.3. Double-free vulnerability in the FTP-kerberos code in cURL 7.52.0 to 7.65.3.

CVE-2019-16056 [HIGH] CVE-2019-16056: An issue was discovered in Python through 2.7.16, 3.x through 3.5.7, 3.6.x through 3.6.9, and 3.7.x An issue was discovered in Python through 2.7.16, 3.x through 3.5.7, 3.6.x through 3.6.9, and 3.7.x through 3.7.4. The email module wrongly parses email addresses that contain multiple @ characters. An application that uses the email module and implements some kind of checks on the From/To headers of a message could be tricked into accepting an email address t

CVE-2019-10193 [HIGH] CWE-121 CVE-2019-10193: A stack-buffer overflow vulnerability was found in the Redis hyperloglog data structure versions 3.x A stack-buffer overflow vulnerability was found in the Redis hyperloglog data structure versions 3.x before 3.2.13, 4.x before 4.0.14 and 5.x before 5.0.4. By corrupting a hyperloglog using the SETRANGE command, an attacker could cause Redis to perform controlled increments of up to 12 bytes past the end of a stack-allocated buffer.

CVE-2019-10192 [HIGH] CWE-122 CVE-2019-10192: A heap-buffer overflow vulnerability was found in the Redis hyperloglog data structure versions 3.x A heap-buffer overflow vulnerability was found in the Redis hyperloglog data structure versions 3.x before 3.2.13, 4.x before 4.0.14 and 5.x before 5.0.4. By carefully corrupting a hyperloglog using the SETRANGE command, an attacker could trick Redis interpretation of dense HLL encoding to write up to 3 bytes beyond the end of a heap-allocated buffer.

CVE-2019-11358 [MEDIUM] CWE-1321 CVE-2019-11358: jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(t jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.

CVE-2019-7164 [CRITICAL] CWE-89 CVE-2019-7164: SQLAlchemy through 1.2.17 and 1.3.x through 1.3.0b2 allows SQL Injection via the order_by parameter. SQLAlchemy through 1.2.17 and 1.3.x through 1.3.0b2 allows SQL Injection via the order_by parameter.

CVE-2019-3822 [CRITICAL] CWE-121 CVE-2019-3822: libcurl versions from 7.36.0 to before 7.64.0 are vulnerable to a stack-based buffer overflow. The f libcurl versions from 7.36.0 to before 7.64.0 are vulnerable to a stack-based buffer overflow. The function creating an outgoing NTLM type-3 header (`lib/vauth/ntlm.c:Curl_auth_create_ntlm_type3_message()`), generates the request HTTP header contents based on previously received data. The check that exists to prevent the local buffer from getting ov

CVE-2019-3823 [HIGH] CWE-125 CVE-2019-3823: libcurl versions from 7.34.0 to before 7.64.0 are vulnerable to a heap out-of-bounds read in the cod libcurl versions from 7.34.0 to before 7.64.0 are vulnerable to a heap out-of-bounds read in the code handling the end-of-response for SMTP. If the buffer passed to `smtp_endofresp()` isn't NUL terminated and contains no character ending the parsed number, and `len` is set to 5, then the `strtol()` call reads beyond the allocated buffer. The read conten

CVE-2018-16890 [HIGH] CWE-125 CVE-2018-16890: libcurl versions from 7.36.0 to before 7.64.0 is vulnerable to a heap buffer out-of-bounds read. The libcurl versions from 7.36.0 to before 7.64.0 is vulnerable to a heap buffer out-of-bounds read. The function handling incoming NTLM type-2 messages (`lib/vauth/ntlm.c:ntlm_decode_type2_target`) does not validate incoming data correctly and is subject to an integer overflow vulnerability. Using that overflow, a malicious or broken NTLM server could tr