Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:22.2.0:*:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2022-24407 |
In Cyrus SASL 2.1.17 through 2.1.27 before 2.1.28, plugins/sql.c does not escape the password for a SQL INSERT or UPDATE statement. Published: February 24, 2022; 10:15:29 AM -0500 |
V3.1: 8.8 HIGH V2.0: 6.5 MEDIUM |
CVE-2021-3177 |
Python 3.x through 3.9.1 has a buffer overflow in PyCArg_repr in _ctypes/callproc.c, which may lead to remote code execution in certain Python applications that accept floating-point numbers as untrusted input, as demonstrated by a 1e300 argument to c_double.from_param. This occurs because sprintf is used unsafely. Published: January 19, 2021; 1:15:12 AM -0500 |
V3.1: 9.8 CRITICAL V2.0: 7.5 HIGH |
CVE-2020-27619 |
In Python 3 through 3.9.0, the Lib/test/multibytecodec_support.py CJK codec tests call eval() on content retrieved via HTTP. Published: October 21, 2020; 11:16:31 PM -0400 |
V3.1: 9.8 CRITICAL V2.0: 7.5 HIGH |
CVE-2020-26137 |
urllib3 before 1.25.9 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF control characters in the first argument of putrequest(). NOTE: this is similar to CVE-2020-26116. Published: September 30, 2020; 2:15:26 PM -0400 |
V3.1: 6.5 MEDIUM V2.0: 6.4 MEDIUM |