CVE-2022-24736

all versions

Redis is an in-memory database that persists on disk. Prior to versions 6.2.7 and 7.0.0, an attacker attempting to load a speciall

3.3LOW

CVE-2022-24735

all versions

Redis is an in-memory database that persists on disk. By exploiting weaknesses in the Lua script execution environment, an attacke

3.9LOW

CVE-2022-21403

all versions

Vulnerability in the Oracle Communications Operations Monitor product of Oracle Communications (component: Mediation Engine). Supp

6.6MEDIUM

CVE-2022-21402

all versions

Vulnerability in the Oracle Communications Operations Monitor product of Oracle Communications (component: Mediation Engine). Supp

4.8MEDIUM

CVE-2022-21401

all versions

Vulnerability in the Oracle Communications Operations Monitor product of Oracle Communications (component: Mediation Engine). Supp

6.6MEDIUM

CVE-2022-21400

all versions

Vulnerability in the Oracle Communications Operations Monitor product of Oracle Communications (component: Mediation Engine). Supp

5.4MEDIUM

CVE-2022-21399

all versions

Vulnerability in the Oracle Communications Operations Monitor product of Oracle Communications (component: Mediation Engine). Supp

6.6MEDIUM

CVE-2022-21398

all versions

Vulnerability in the Oracle Communications Operations Monitor product of Oracle Communications (component: Mediation Engine). Supp

5.4MEDIUM

CVE-2022-21397

all versions

Vulnerability in the Oracle Communications Operations Monitor product of Oracle Communications (component: Mediation Engine). Supp

5.4MEDIUM

CVE-2022-21396

all versions

Vulnerability in the Oracle Communications Operations Monitor product of Oracle Communications (component: Mediation Engine). Supp

5.4MEDIUM

CVE-2022-21395

all versions

Vulnerability in the Oracle Communications Operations Monitor product of Oracle Communications (component: Mediation Engine). Supp

7.2HIGH

CVE-2022-21246

all versions

Vulnerability in the Oracle Communications Operations Monitor product of Oracle Communications (component: Mediation Engine). Supp

5.4MEDIUM

CVE-2021-44790

all versions

A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser (r:parsebody() called from Lua script

9.8CRITICAL

CVE-2021-44224

all versions

A crafted URI sent to httpd configured as a forward proxy (ProxyRequests on) can cause a crash (NULL pointer dereference) or, for

8.2HIGH

CVE-2021-41184

all versions

jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of the of option of the `.

6.5MEDIUM

CVE-2021-41183

all versions

jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of various *Text options o

6.5MEDIUM

CVE-2021-41182

all versions

jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of the altField option of

6.5MEDIUM

CVE-2021-41099

all versions

Redis is an open source, in-memory database that persists on disk. An integer overflow bug in the underlying string library can be

7.5HIGH

CVE-2021-32762

all versions

Redis is an open source, in-memory database that persists on disk. The redis-cli command line tool and redis-sentinel service may

7.5HIGH

CVE-2021-32687

all versions

Redis is an open source, in-memory database that persists on disk. An integer overflow bug affecting all versions of Redis can be

7.5HIGH

CVE-2021-32675

all versions

Redis is an open source, in-memory database that persists on disk. When parsing an incoming Redis Standard Protocol (RESP) request

7.5HIGH

CVE-2021-32672

all versions

Redis is an open source, in-memory database that persists on disk. When using the Redis Lua Debugger, users can send malformed req

5.3MEDIUM

CVE-2021-32628

all versions

Redis is an open source, in-memory database that persists on disk. An integer overflow bug in the ziplist data structure used by a

7.5HIGH

CVE-2021-32627

all versions

Redis is an open source, in-memory database that persists on disk. In affected versions an integer overflow bug in Redis can be ex

7.5HIGH

CVE-2021-32626

all versions

Redis is an open source, in-memory database that persists on disk. In affected versions specially crafted Lua scripts executing in

7.5HIGH

CVE-2021-23017

all versions

A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS ser

7.7HIGH

CVE-2020-14147

all versions

An integer overflow in the getnum function in lua_struct.c in Redis before 6.0.3 allows context-dependent attackers with permissio

7.7HIGH

CVE-2020-11023

>= 4.1 and <= 4.3

In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sourc

6.9MEDIUM

CVE-2019-10219

all versions

A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting

6.1MEDIUM

CVE-2019-15165

all versions

sf-pcapng.c in libpcap before 1.9.1 does not properly validate the PHB header length before allocating memory.

5.3MEDIUM

CVE-2019-5482

all versions

Heap buffer overflow in the TFTP protocol handler in cURL 7.19.4 to 7.65.3.

9.8CRITICAL

CVE-2019-5481

all versions

Double-free vulnerability in the FTP-kerberos code in cURL 7.52.0 to 7.65.3.

9.8CRITICAL

CVE-2019-16056

>= 4.1 and <= 4.3

An issue was discovered in Python through 2.7.16, 3.x through 3.5.7, 3.6.x through 3.6.9, and 3.7.x through 3.7.4. The email modul

7.5HIGH

CVE-2019-10193

all versions

A stack-buffer overflow vulnerability was found in the Redis hyperloglog data structure versions 3.x before 3.2.13, 4.x before 4.0

7.2HIGH

CVE-2019-10192

all versions

A heap-buffer overflow vulnerability was found in the Redis hyperloglog data structure versions 3.x before 3.2.13, 4.x before 4.0.

7.2HIGH

CVE-2019-11358

>= 4.1 and <= 4.3

jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Objec

6.1MEDIUM

CVE-2019-7164

all versions

SQLAlchemy through 1.2.17 and 1.3.x through 1.3.0b2 allows SQL Injection via the order_by parameter.

9.8CRITICAL

CVE-2019-7548

all versions

SQLAlchemy 1.2.17 has SQL Injection when the group_by parameter can be controlled.

7.8HIGH

CVE-2019-3823

all versions

libcurl versions from 7.34.0 to before 7.64.0 are vulnerable to a heap out-of-bounds read in the code handling the end-of-response

4.3MEDIUM

CVE-2019-3822

all versions

libcurl versions from 7.36.0 to before 7.64.0 are vulnerable to a stack-based buffer overflow. The function creating an outgoing N

9.8CRITICAL

CVE-2018-16890

all versions

libcurl versions from 7.36.0 to before 7.64.0 is vulnerable to a heap buffer out-of-bounds read. The function handling incoming NT

7.5HIGH

CVE-2018-11219

all versions

An Integer Overflow issue was discovered in the struct library in the Lua subsystem in Redis before 3.2.12, 4.x before 4.0.10, and

9.8CRITICAL

CVE-2018-11218

all versions

Memory Corruption was discovered in the cmsgpack library in the Lua subsystem in Redis before 3.2.12, 4.x before 4.0.10, and 5.x b

9.8CRITICAL

CVE-2017-3730

all versions

In OpenSSL 1.1.0 before 1.1.0d, if a malicious server supplies bad parameters for a DHE or ECDHE key exchange then this can result

7.5HIGH

CVE-2016-3513

<= 3.3.92.0.0

Unspecified vulnerability in the Oracle Communications Operations Monitor component in Oracle Communications Applications before 3

6.5MEDIUM