This page lists publicly disclosed CVE vulnerabilities affecting oracle communications_eagle_application_processor (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2021-21783 | A code execution vulnerability exists in the WS-Addressing plugin functionality of Genivia gSOAP 2.8.107. A specially crafted SOAP request can lead to remote code execution. An attacker can send an HTTP request to trigger this vulnerability. | [email protected] | 9.8 | 4.51% | 2021-03-25 | 2024-11-21 |
| CVE-2020-12723 | regcomp.c in Perl before 5.30.3 allows a buffer overflow via a crafted regular expression because of recursive S_study_chunk calls. | [email protected] | 7.5 | 0.21% | 2020-06-05 | 2024-11-21 |
| CVE-2020-10878 | Perl before 5.30.3 has an integer overflow related to mishandling of a "PL_regkind[OP(n)] == NOTHING" situation. A crafted regular expression could lead to malformed bytecode with a possibility of instruction injection. | [email protected] | 8.6 | 0.10% | 2020-06-05 | 2024-11-21 |
| CVE-2020-10543 | Perl before 5.30.3 on 32-bit platforms allows a heap-based buffer overflow because nested regular expression quantifiers have an integer overflow. | [email protected] | 8.2 | 4.29% | 2020-06-05 | 2024-11-21 |
| CVE-2020-11022 | In jQuery starting with 1.12.0 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0. | [email protected] | 6.9 | 2.46% | 2020-04-29 | 2026-04-13 |
| CVE-2020-11023 KEV | In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0. | [email protected] | 6.9 | 34.66% | 2020-04-29 | 2025-11-07 |
| CVE-2019-10219 | A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS attack. | [email protected] | 6.1 | 1.67% | 2019-11-08 | 2025-07-07 |
| CVE-2019-11358 | jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype. | [email protected] | 6.1 | 1.53% | 2019-04-20 | 2024-11-21 |
| CVE-2018-3693 | Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a speculative buffer overflow and side-channel analysis. | [email protected] | 5.6 | 0.96% | 2018-07-10 | 2024-11-21 |
| CVE-2018-7566 | The Linux kernel 4.15 has a Buffer Overflow via an SNDRV_SEQ_IOCTL_SET_CLIENT_POOL ioctl write operation to /dev/snd/seq by a local user. | [email protected] | 7.8 | 0.07% | 2018-03-30 | 2024-11-21 |
| CVE-2016-5458 | Unspecified vulnerability in the Oracle Communications EAGLE Application Processor component in Oracle Communications Applications 16.0 allows remote authenticated users to affect confidentiality and integrity via vectors related to APPL. | [email protected] | 6.4 | 0.24% | 2016-07-21 | 2026-05-06 |
| CVE-2015-0235 | Heap-based buffer overflow in the __nss_hostname_digits_dots function in glibc 2.2, and other 2.x versions before 2.18, allows context-dependent attackers to execute arbitrary code via vectors related to the (1) gethostbyname or (2) gethostbyname2 function, aka "GHOST." | [email protected] | 10.0 | 84.87% | 2015-01-28 | 2026-05-06 |