Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Oracle Subscribe
Filtered by product Sd-wan Aware
Total 5 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-21705 3 Netapp, Oracle, Php 3 Clustered Data Ontap, Sd-wan Aware, Php 2022-09-29 5.0 MEDIUM 5.3 MEDIUM
In PHP versions 7.3.x below 7.3.29, 7.4.x below 7.4.21 and 8.0.x below 8.0.8, when using URL validation functionality via filter_var() function with FILTER_VALIDATE_URL parameter, an URL with invalid password field can be accepted as valid. This can lead to the code incorrectly parsing the URL and potentially leading to other security implications - like contacting a wrong server or making a wrong access decision.
CVE-2019-10219 3 Netapp, Oracle, Redhat 195 Active Iq Unified Manager, Element, Management Services For Element Software And Netapp Hci and 192 more 2022-09-12 4.3 MEDIUM 6.1 MEDIUM
A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS attack.
CVE-2020-1927 8 Apache, Broadcom, Canonical and 5 more 14 Http Server, Brocade Fabric Operating System, Ubuntu Linux and 11 more 2022-07-25 5.8 MEDIUM 6.1 MEDIUM
In Apache HTTP Server 2.4.0 to 2.4.41, redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an an unexpected URL within the request URL.
CVE-2020-10878 5 Fedoraproject, Netapp, Opensuse and 2 more 17 Fedora, Oncommand Workflow Automation, Snap Creator Framework and 14 more 2022-05-12 7.5 HIGH 8.6 HIGH
Perl before 5.30.3 has an integer overflow related to mishandling of a "PL_regkind[OP(n)] == NOTHING" situation. A crafted regular expression could lead to malformed bytecode with a possibility of instruction injection.
CVE-2020-14701 1 Oracle 1 Sd-wan Aware 2020-07-20 7.5 HIGH 10.0 CRITICAL
Vulnerability in the Oracle SD-WAN Aware product of Oracle Communications Applications (component: User Interface). The supported version that is affected is 8.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle SD-WAN Aware. While the vulnerability is in Oracle SD-WAN Aware, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle SD-WAN Aware. CVSS 3.1 Base Score 10.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H).