Oracle Communications Billing And Revenue Management Elastic Charging Engine — known CVE vulnerabilities
Every CVE whose affected-product data names Oracle Communications Billing And Revenue Management Elastic Charging Engine, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (30)
CVE-2019-10173 — CVSS 9.8 (critical): It was found that xstream API version 1.4.10 before 1.4.11 introduced a regression for a previous deserialization flaw. If the security…
CVE-2021-39154 — CVSS 8.5 (high): XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker…
CVE-2021-39139 — CVSS 8.5 (high): XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker…
CVE-2021-39141 — CVSS 8.5 (high): XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker…
CVE-2021-39153 — CVSS 8.5 (high): XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker…
CVE-2021-39152 — CVSS 8.5 (high): XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker…
CVE-2021-39151 — CVSS 8.5 (high): XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker…
CVE-2021-39150 — CVSS 8.5 (high): XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker…
CVE-2021-39149 — CVSS 8.5 (high): XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker…
CVE-2021-39148 — CVSS 8.5 (high): XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker…
CVE-2021-39147 — CVSS 8.5 (high): XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker…
CVE-2021-39146 — CVSS 8.5 (high): XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker…
CVE-2021-39145 — CVSS 8.5 (high): XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker…
CVE-2020-5398 — CVSS 7.5 (high): In Spring Framework, versions 5.2.x prior to 5.2.3, versions 5.1.x prior to 5.1.13, and versions 5.0.x prior to 5.0.16, an application is…
CVE-2021-21341 — CVSS 7.5 (high): XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is vulnerability which may…
CVE-2019-10086 — CVSS 7.3 (high): In Apache Commons Beanutils 1.9.2, a special BeanIntrospector class was added which allows suppressing the ability for an attacker to…
CVE-2021-39140 — CVSS 6.5 (medium): XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker…
CVE-2021-21347 — CVSS 6.1 (medium): XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may…
CVE-2021-21349 — CVSS 6.1 (medium): XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may…
CVE-2021-21346 — CVSS 6.1 (medium): XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may…
CVE-2019-10219 — CVSS 6.1 (medium): A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of…
CVE-2021-21345 — CVSS 5.8 (medium): XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may…
CVE-2021-21351 — CVSS 5.4 (medium): XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability may allow…
CVE-2021-21343 — CVSS 5.3 (medium): XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability where the…
CVE-2021-21350 — CVSS 5.3 (medium): XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may…
CVE-2021-21348 — CVSS 5.3 (medium): XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may…
CVE-2021-21344 — CVSS 5.3 (medium): XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may…
CVE-2021-29425 — CVSS 4.8 (medium): In Apache Commons IO before 2.7, When invoking the method FileNameUtils.normalize with an improper input string, like "//../foo", or…
CVE-2023-21824 — CVSS 4.4 (medium): Vulnerability in the Oracle Communications BRM - Elastic Charging Engine product of Oracle Communications Applications (component…