Filtered by vendor Oracle Subscriptions
Filtered by product Sd-wan Aware Subscriptions
Total 5 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2021-21705 4 Netapp, Oracle, Php and 1 more 5 Clustered Data Ontap, Sd-wan Aware, Php and 2 more 2024-11-21 4.3 Medium
In PHP versions 7.3.x below 7.3.29, 7.4.x below 7.4.21 and 8.0.x below 8.0.8, when using URL validation functionality via filter_var() function with FILTER_VALIDATE_URL parameter, an URL with invalid password field can be accepted as valid. This can lead to the code incorrectly parsing the URL and potentially leading to other security implications - like contacting a wrong server or making a wrong access decision.
CVE-2020-1927 9 Apache, Broadcom, Canonical and 6 more 17 Http Server, Brocade Fabric Operating System, Ubuntu Linux and 14 more 2024-11-21 6.1 Medium
In Apache HTTP Server 2.4.0 to 2.4.41, redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an an unexpected URL within the request URL.
CVE-2020-14701 1 Oracle 1 Sd-wan Aware 2024-11-21 10 Critical
Vulnerability in the Oracle SD-WAN Aware product of Oracle Communications Applications (component: User Interface). The supported version that is affected is 8.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle SD-WAN Aware. While the vulnerability is in Oracle SD-WAN Aware, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle SD-WAN Aware. CVSS 3.1 Base Score 10.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H).
CVE-2020-10878 6 Fedoraproject, Netapp, Opensuse and 3 more 22 Fedora, Oncommand Workflow Automation, Snap Creator Framework and 19 more 2024-11-21 8.6 High
Perl before 5.30.3 has an integer overflow related to mishandling of a "PL_regkind[OP(n)] == NOTHING" situation. A crafted regular expression could lead to malformed bytecode with a possibility of instruction injection.
CVE-2019-10219 3 Netapp, Oracle, Redhat 199 Active Iq Unified Manager, Element, Management Services For Element Software And Netapp Hci and 196 more 2024-11-21 6.1 Medium
A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS attack.