Communications_messaging_server - Vulncode-DB

Note:

This project will be discontinued after December 13, 2021. [more]

Product:
Communications_messaging_server
(Oracle)

Repositories	Unknown: This might be proprietary software.
#Vulnerabilities	41

Date	Id	Summary	Products	Score	Patch	Annotated
2020-02-21	CVE-2020-9327	In SQLite 3.31.1, isAuxiliaryVtabOperator allows attackers to trigger a NULL pointer dereference and segmentation fault because of generated column optimizations.	Ubuntu_linux, Cloud_backup, Communications_messaging_server, Communications_network_charging_and_control, Enterprise_manager_ops_center, Hyperion_infrastructure_technology, Mysql_workbench, Outside_in_technology, Zfs_storage_appliance_kit, Sinec_infrastructure_network_services, Sqlite	7.5
2020-03-23	CVE-2020-1950	A carefully crafted or corrupt PSD file can cause excessive memory usage in Apache Tika's PSDParser in versions 1.0-1.23.	Tika, Ubuntu_linux, Debian_linux, Business_process_management_suite, Communications_messaging_server, Flexcube_private_banking	5.5
2020-03-23	CVE-2020-1951	A carefully crafted or corrupt PSD file can cause an infinite loop in Apache Tika's PSDParser in versions 1.0-1.23.	Tika, Ubuntu_linux, Debian_linux, Business_process_management_suite, Communications_messaging_server, Flexcube_private_banking	5.5
2020-04-27	CVE-2020-9489	A carefully crafted or corrupt file may trigger a System.exit in Tika's OneNote Parser. Crafted or corrupted files can also cause out of memory errors and/or infinite loops in Tika's ICNSParser, MP3Parser, MP4Parser, SAS7BDATParser, OneNoteParser and ImageParser. Apache Tika users should upgrade to 1.24.1 or later. The vulnerabilities in the MP4Parser were partially fixed by upgrading the com.googlecode:isoparser:1.1.22 dependency to org.tallison:isoparser:1.9.41.2. For unrelated security...	Tika, Communications_messaging_server, Flexcube_private_banking, Primavera_unifier, Webcenter_portal	5.5
2020-06-06	CVE-2020-13871	SQLite 3.32.2 has a use-after-free in resetAccumulator in select.c because the parse tree rewrite for window functions is too late.	Debian_linux, Fedora, Cloud_backup, Ontap_select_deploy_administration_utility, Communications_messaging_server, Communications_network_charging_and_control, Enterprise_manager_ops_center, Hyperion_infrastructure_technology, Mysql_workbench, Zfs_storage_appliance_kit, Sinec_infrastructure_network_services, Sqlite	7.5
2020-06-27	CVE-2020-15358	In SQLite before 3.32.3, select.c mishandles query-flattener optimization, leading to a multiSelectOrderBy heap overflow because of misuse of transitive properties for constant propagation.	Icloud, Ipados, Iphone_os, Macos, Tvos, Watchos, Ubuntu_linux, Communications_cloud_native_core_policy, Communications_messaging_server, Communications_network_charging_and_control, Enterprise_manager_ops_center, Hyperion_infrastructure_technology, Mysql, Outside_in_technology, Sinec_infrastructure_network_services, Sqlite	5.5
2020-08-25	CVE-2020-24616	FasterXML jackson-databind 2.x before 2.9.10.6 mishandles the interaction between serialization gadgets and typing, related to br.com.anteros.dbcp.AnterosDBCPDataSource (aka Anteros-DBCP).	Debian_linux, Jackson\-Databind, Active_iq_unified_manager, Agile_plm, Application_testing_suite, Autovue_for_agile_product_lifecycle_management, Banking_liquidity_management, Banking_supply_chain_finance, Blockchain_platform, Communications_calendar_server, Communications_cloud_native_core_unified_data_repository, Communications_contacts_server, Communications_diameter_signaling_router, Communications_element_manager, Communications_evolved_communications_application_server, Communications_instant_messaging_server, Communications_messaging_server, Communications_offline_mediation_controller, Communications_policy_management, Communications_pricing_design_center, Communications_services_gatekeeper, Communications_session_report_manager, Communications_unified_inventory_management, Identity_manager_connector, Siebel_ui_framework	8.1
2020-09-17	CVE-2020-24750	FasterXML jackson-databind 2.x before 2.9.10.6 mishandles the interaction between serialization gadgets and typing, related to com.pastdev.httpcomponents.configuration.JndiConfiguration.	Debian_linux, Jackson\-Databind, Agile_plm, Application_testing_suite, Autovue_for_agile_product_lifecycle_management, Banking_corporate_lending_process_management, Banking_credit_facilities_process_management, Banking_liquidity_management, Banking_supply_chain_finance, Blockchain_platform, Communications_calendar_server, Communications_contacts_server, Communications_diameter_signaling_router, Communications_element_manager, Communications_instant_messaging_server, Communications_messaging_server, Communications_offline_mediation_controller, Communications_policy_management, Communications_pricing_design_center, Communications_services_gatekeeper, Communications_session_report_manager, Communications_session_route_manager, Communications_unified_inventory_management, Identity_manager_connector, Siebel_core_\-_server_framework, Siebel_ui_framework	8.1