Communications User Data Repository Oracle Communications User Data Repository

Do you want an email whenever new security vulnerabilities are reported in Oracle Communications User Data Repository?

By the Year

In 2022 there have been 0 vulnerabilities in Oracle Communications User Data Repository . Communications User Data Repository did not have any published security vulnerabilities last year.

Year Vulnerabilities Average Score
2022 0 0.00
2021 0 0.00
2020 0 0.00
2019 0 0.00
2018 0 0.00

It may take a day or so for new Communications User Data Repository vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Oracle Communications User Data Repository Security Vulnerabilities

The MATCH_ASSOC function in NTP before version 4.2.8p9 and 4.3.x before 4.3.92

CVE-2016-2518 5.3 - Medium - January 30, 2017

The MATCH_ASSOC function in NTP before version 4.2.8p9 and 4.3.x before 4.3.92 allows remote attackers to cause an out-of-bounds reference via an addpeer request with a large hmode value.

Out-of-bounds Read

PHP through 7.0.8 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, as demonstrated by (1) an application

CVE-2016-5385 8.1 - High - July 19, 2016

PHP through 7.0.8 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, as demonstrated by (1) an application that makes a getenv('HTTP_PROXY') call or (2) a CGI configuration of PHP, aka an "httpoxy" issue.

Authorization

Heap-based buffer overflow in the __nss_hostname_digits_dots function in glibc 2.2, and other 2.x versions before 2.18

CVE-2015-0235 - January 28, 2015

Heap-based buffer overflow in the __nss_hostname_digits_dots function in glibc 2.2, and other 2.x versions before 2.18, allows context-dependent attackers to execute arbitrary code via vectors related to the (1) gethostbyname or (2) gethostbyname2 function, aka "GHOST."

Memory Corruption

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for IBM Security Access Manager Enterprise Single Sign On or by Oracle? Click the Watch button to subscribe.

Oracle
Vendor

subscribe