Shodan
Vulnerabilities
Vulnerable Software
Oracle:  >> Communications Policy Management  >> 10.4.1  Security Vulnerabilities
CVE-2018-11776
Known exploited
Apache Struts versions 2.3 to 2.3.34 and 2.5 to 2.5.16 suffer from possible Remote Code Execution when alwaysSelectFullNamespace is true (either by user or a plugin like Convention Plugin) and then: results are used with no namespace and in same time, its upper package have no or wildcard namespace and similar to results, same possibility when using url tag which doesn't have value and action set and in same time, its upper package have no or wildcard namespace.
CVSS Score
8.1
EPSS Score
0.944
Published
2018-08-22
CVE-2015-2568
Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier, and 5.6.22 and earlier, allows remote attackers to affect availability via unknown vectors related to Server : Security : Privileges.
CVSS Score
5.0
EPSS Score
0.059
Published
2015-04-16
CVE-2015-0500
Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors.
CVSS Score
4.0
EPSS Score
0.007
Published
2015-04-16
CVE-2015-0433
Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier, and 5.6.22 and earlier, allows remote authenticated users to affect availability via vectors related to InnoDB : DML.
CVSS Score
4.0
EPSS Score
0.006
Published
2015-04-16
CVE-2015-0423
Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.
CVSS Score
4.0
EPSS Score
0.023
Published
2015-04-16
CVE-2015-0235
Heap-based buffer overflow in the __nss_hostname_digits_dots function in glibc 2.2, and other 2.x versions before 2.18, allows context-dependent attackers to execute arbitrary code via vectors related to the (1) gethostbyname or (2) gethostbyname2 function, aka "GHOST."
CVSS Score
10.0
EPSS Score
0.884
Published
2015-01-28
CVE-2015-0411
Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier, and 5.6.21 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Server : Security : Encryption.
CVSS Score
7.5
EPSS Score
0.066
Published
2015-01-21
CVE-2015-0409
Unspecified vulnerability in Oracle MySQL Server 5.6.21 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.
CVSS Score
4.0
EPSS Score
0.007
Published
2015-01-21
CVE-2015-0382
Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote attackers to affect availability via unknown vectors related to Server : Replication, a different vulnerability than CVE-2015-0381.
CVSS Score
4.3
EPSS Score
0.04
Published
2015-01-21
CVE-2015-0381
Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote attackers to affect availability via unknown vectors related to Server : Replication, a different vulnerability than CVE-2015-0382.
CVSS Score
4.3
EPSS Score
0.051
Published
2015-01-21


Products
Pricing
Contact Us

Shodan ® - All rights reserved