Vulnerability-Lookup

CVE-2024-51504 (GCVE-0-2024-51504)

Vulnerability from cvelistv5 – Published: 2024-11-07 09:52 – Updated: 2024-11-07 16:33

Title

Apache ZooKeeper: Authentication bypass with IP-based authentication in Admin Server

Summary

When using IPAuthenticationProvider in ZooKeeper Admin Server there is a possibility of Authentication Bypass by Spoofing -- this only impacts IP based authentication implemented in ZooKeeper Admin Server. Default configuration of client's IP address detection in IPAuthenticationProvider, which uses HTTP request headers, is weak and allows an attacker to bypass authentication via spoofing client's IP address in request headers. Default configuration honors X-Forwarded-For HTTP header to read client's IP address. X-Forwarded-For request header is mainly used by proxy servers to identify the client and can be easily spoofed by an attacker pretending that the request comes from a different IP address. Admin Server commands, such as snapshot and restore arbitrarily can be executed on successful exploitation which could potentially lead to information leakage or service availability issues. Users are recommended to upgrade to version 3.9.3, which fixes this issue.

Severity

9.1 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

SSVC

Exploitation: none Automatable: yes Technical Impact: total

CISA Coordinator (v2.0.3)

CWE

CWE-290 - Authentication Bypass by Spoofing

Assigner

apache

References

2 references

URL	Tags
https://lists.apache.org/thread/b3qrmpkto5r6989qr…	vendor-advisory
http://www.openwall.com/lists/oss-security/2024/11/06/5

Impacted products

2 products

Vendor	Product	Version
Apache Software Foundation	Apache ZooKeeper	Affected: 3.9.0 , < 3.9.3 (semver)
apache	zookeeper	Affected: 3.9.0 , < 3.9.3 (semver) cpe:2.3:a:apache:zookeeper:-:::::::*

Credits

4ra1n Y4tacker

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-11-07T10:03:24.899Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "http://www.openwall.com/lists/oss-security/2024/11/06/5"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:apache:zookeeper:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "zookeeper",
            "vendor": "apache",
            "versions": [
              {
                "lessThan": "3.9.3",
                "status": "affected",
                "version": "3.9.0",
                "versionType": "semver"
              }
            ]
          }
        ],
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 9.1,
              "baseSeverity": "CRITICAL",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2024-51504",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-07T16:31:39.548543Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-07T16:33:08.247Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://repo.maven.apache.org/maven2",
          "defaultStatus": "unaffected",
          "packageName": "org.apache.zookeeper:zookeeper",
          "product": "Apache ZooKeeper",
          "vendor": "Apache Software Foundation",
          "versions": [
            {
              "lessThan": "3.9.3",
              "status": "affected",
              "version": "3.9.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "4ra1n"
        },
        {
          "lang": "en",
          "type": "reporter",
          "value": "Y4tacker"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "When using IPAuthenticationProvider in ZooKeeper Admin Server there is a possibility of Authentication Bypass by Spoofing -- this only impacts IP based authentication implemented in ZooKeeper Admin Server. Default configuration of client\u0027s IP address detection in\u0026nbsp;IPAuthenticationProvider, which uses HTTP request headers, is weak\u0026nbsp;and allows an attacker to bypass authentication via spoofing client\u0027s IP address in request headers. Default configuration honors X-Forwarded-For HTTP header to read client\u0027s IP address. X-Forwarded-For request header is mainly used by proxy servers to identify the client and can be easily spoofed by an attacker pretending that the request comes from a different IP address. Admin Server commands, such as snapshot and restore arbitrarily can be executed on successful exploitation which could potentially lead to information leakage or service availability issues. Users are recommended to upgrade to version 3.9.3, which fixes this issue."
            }
          ],
          "value": "When using IPAuthenticationProvider in ZooKeeper Admin Server there is a possibility of Authentication Bypass by Spoofing -- this only impacts IP based authentication implemented in ZooKeeper Admin Server. Default configuration of client\u0027s IP address detection in\u00a0IPAuthenticationProvider, which uses HTTP request headers, is weak\u00a0and allows an attacker to bypass authentication via spoofing client\u0027s IP address in request headers. Default configuration honors X-Forwarded-For HTTP header to read client\u0027s IP address. X-Forwarded-For request header is mainly used by proxy servers to identify the client and can be easily spoofed by an attacker pretending that the request comes from a different IP address. Admin Server commands, such as snapshot and restore arbitrarily can be executed on successful exploitation which could potentially lead to information leakage or service availability issues. Users are recommended to upgrade to version 3.9.3, which fixes this issue."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "text": "important"
            },
            "type": "Textual description of severity"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-290",
              "description": "CWE-290 Authentication Bypass by Spoofing",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-07T09:52:03.957Z",
        "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "shortName": "apache"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.apache.org/thread/b3qrmpkto5r6989qr61fw9y2x646kqlh"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Apache ZooKeeper: Authentication bypass with IP-based authentication in Admin Server",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
    "assignerShortName": "apache",
    "cveId": "CVE-2024-51504",
    "datePublished": "2024-11-07T09:52:03.957Z",
    "dateReserved": "2024-10-28T21:45:25.587Z",
    "dateUpdated": "2024-11-07T16:33:08.247Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2024-51504",
      "date": "2026-06-06",
      "epss": "0.00078",
      "percentile": "0.23288"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-51504\",\"sourceIdentifier\":\"security@apache.org\",\"published\":\"2024-11-07T10:15:08.297\",\"lastModified\":\"2025-06-24T12:27:49.960\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"When using IPAuthenticationProvider in ZooKeeper Admin Server there is a possibility of Authentication Bypass by Spoofing -- this only impacts IP based authentication implemented in ZooKeeper Admin Server. Default configuration of client\u0027s IP address detection in\u00a0IPAuthenticationProvider, which uses HTTP request headers, is weak\u00a0and allows an attacker to bypass authentication via spoofing client\u0027s IP address in request headers. Default configuration honors X-Forwarded-For HTTP header to read client\u0027s IP address. X-Forwarded-For request header is mainly used by proxy servers to identify the client and can be easily spoofed by an attacker pretending that the request comes from a different IP address. Admin Server commands, such as snapshot and restore arbitrarily can be executed on successful exploitation which could potentially lead to information leakage or service availability issues. Users are recommended to upgrade to version 3.9.3, which fixes this issue.\"},{\"lang\":\"es\",\"value\":\"Al utilizar IPAuthenticationProvider en el servidor de administraci\u00f3n de ZooKeeper, existe la posibilidad de omisi\u00f3n de autenticaci\u00f3n por suplantaci\u00f3n; esto solo afecta a la autenticaci\u00f3n basada en IP implementada en el servidor de administraci\u00f3n de ZooKeeper. La configuraci\u00f3n predeterminada de la detecci\u00f3n de la direcci\u00f3n IP del cliente en IPAuthenticationProvider, que utiliza encabezados de solicitud HTTP, es d\u00e9bil y permite a un atacante omitir la autenticaci\u00f3n mediante la suplantaci\u00f3n de la direcci\u00f3n IP del cliente en los encabezados de solicitud. La configuraci\u00f3n predeterminada respeta el encabezado HTTP X-Forwarded-For para leer la direcci\u00f3n IP del cliente. El encabezado de solicitud X-Forwarded-For es utilizado principalmente por servidores proxy para identificar al cliente y puede ser f\u00e1cilmente suplantado por un atacante que pretenda que la solicitud proviene de una direcci\u00f3n IP diferente. Los comandos del servidor de administraci\u00f3n, como instant\u00e1nea y restauraci\u00f3n, se pueden ejecutar arbitrariamente en caso de explotaci\u00f3n exitosa, lo que podr\u00eda provocar fugas de informaci\u00f3n o problemas de disponibilidad del servicio. Se recomienda a los usuarios que actualicen a la versi\u00f3n 3.9.3, que soluciona este problema.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H\",\"baseScore\":9.1,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.2}]},\"weaknesses\":[{\"source\":\"security@apache.org\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-290\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:zookeeper:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.9.0\",\"versionEndExcluding\":\"3.9.3\",\"matchCriteriaId\":\"D6D94E88-B99B-4610-9DDB-4F16EEB88392\"}]}]}],\"references\":[{\"url\":\"https://lists.apache.org/thread/b3qrmpkto5r6989qr61fw9y2x646kqlh\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\",\"Vendor Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2024/11/06/5\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"cna\": {\"affected\": [{\"collectionURL\": \"https://repo.maven.apache.org/maven2\", \"defaultStatus\": \"unaffected\", \"packageName\": \"org.apache.zookeeper:zookeeper\", \"product\": \"Apache ZooKeeper\", \"vendor\": \"Apache Software Foundation\", \"versions\": [{\"lessThan\": \"3.9.3\", \"status\": \"affected\", \"version\": \"3.9.0\", \"versionType\": \"semver\"}]}], \"credits\": [{\"lang\": \"en\", \"type\": \"reporter\", \"value\": \"4ra1n\"}, {\"lang\": \"en\", \"type\": \"reporter\", \"value\": \"Y4tacker\"}], \"descriptions\": [{\"lang\": \"en\", \"supportingMedia\": [{\"base64\": false, \"type\": \"text/html\", \"value\": \"When using IPAuthenticationProvider in ZooKeeper Admin Server there is a possibility of Authentication Bypass by Spoofing -- this only impacts IP based authentication implemented in ZooKeeper Admin Server. Default configuration of client\u0027s IP address detection in\u0026nbsp;IPAuthenticationProvider, which uses HTTP request headers, is weak\u0026nbsp;and allows an attacker to bypass authentication via spoofing client\u0027s IP address in request headers. Default configuration honors X-Forwarded-For HTTP header to read client\u0027s IP address. X-Forwarded-For request header is mainly used by proxy servers to identify the client and can be easily spoofed by an attacker pretending that the request comes from a different IP address. Admin Server commands, such as snapshot and restore arbitrarily can be executed on successful exploitation which could potentially lead to information leakage or service availability issues. Users are recommended to upgrade to version 3.9.3, which fixes this issue.\"}], \"value\": \"When using IPAuthenticationProvider in ZooKeeper Admin Server there is a possibility of Authentication Bypass by Spoofing -- this only impacts IP based authentication implemented in ZooKeeper Admin Server. Default configuration of client\u0027s IP address detection in\\u00a0IPAuthenticationProvider, which uses HTTP request headers, is weak\\u00a0and allows an attacker to bypass authentication via spoofing client\u0027s IP address in request headers. Default configuration honors X-Forwarded-For HTTP header to read client\u0027s IP address. X-Forwarded-For request header is mainly used by proxy servers to identify the client and can be easily spoofed by an attacker pretending that the request comes from a different IP address. Admin Server commands, such as snapshot and restore arbitrarily can be executed on successful exploitation which could potentially lead to information leakage or service availability issues. Users are recommended to upgrade to version 3.9.3, which fixes this issue.\"}], \"metrics\": [{\"other\": {\"content\": {\"text\": \"important\"}, \"type\": \"Textual description of severity\"}}], \"problemTypes\": [{\"descriptions\": [{\"cweId\": \"CWE-290\", \"description\": \"CWE-290 Authentication Bypass by Spoofing\", \"lang\": \"en\", \"type\": \"CWE\"}]}], \"providerMetadata\": {\"orgId\": \"f0158376-9dc2-43b6-827c-5f631a4d8d09\", \"shortName\": \"apache\", \"dateUpdated\": \"2024-11-07T09:52:03.957Z\"}, \"references\": [{\"tags\": [\"vendor-advisory\"], \"url\": \"https://lists.apache.org/thread/b3qrmpkto5r6989qr61fw9y2x646kqlh\"}], \"source\": {\"discovery\": \"UNKNOWN\"}, \"title\": \"Apache ZooKeeper: Authentication bypass with IP-based authentication in Admin Server\", \"x_generator\": {\"engine\": \"Vulnogram 0.2.0\"}}, \"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"http://www.openwall.com/lists/oss-security/2024/11/06/5\"}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-11-07T10:03:24.899Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 9.1, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"CRITICAL\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-51504\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-11-07T16:31:39.548543Z\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:apache:zookeeper:-:*:*:*:*:*:*:*\"], \"vendor\": \"apache\", \"product\": \"zookeeper\", \"versions\": [{\"status\": \"affected\", \"version\": \"3.9.0\", \"lessThan\": \"3.9.3\", \"versionType\": \"semver\"}], \"defaultStatus\": \"unaffected\"}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-11-07T16:33:01.001Z\"}}]}",
      "cveMetadata": "{\"cveId\": \"CVE-2024-51504\", \"assignerOrgId\": \"f0158376-9dc2-43b6-827c-5f631a4d8d09\", \"state\": \"PUBLISHED\", \"assignerShortName\": \"apache\", \"dateReserved\": \"2024-10-28T21:45:25.587Z\", \"datePublished\": \"2024-11-07T09:52:03.957Z\", \"dateUpdated\": \"2024-11-07T16:33:08.247Z\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

NCSC-2026-0126

Vulnerability from csaf_ncscnl - Published: 2026-04-22 12:56 - Updated: 2026-04-22 12:56

Summary

Kwetsbaarheden verholpen in Oracle E-Business Suite

Notes

The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions: NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein. NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory. This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.

Feiten: Oracle heeft kwetsbaarheden verholpen in Oracle E-Business Suite.

Interpretaties: De kwetsbaarheden bevinden zich in verschillende componenten van Oracle E-Business Suite, waaronder Oracle Advanced Inbound Telephony, Oracle Enterprise Command Center Framework, Oracle Advanced Supply Chain Planning en Oracle Flow Manufacturing. Deze kwetsbaarheden kunnen worden misbruikt door ongeauthenticeerde of hooggeprivilegieerde aanvallers, wat kan leiden tot ongeautoriseerde toegang en gegevensmanipulatie.

Oplossingen: Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.

Kans: medium

Schade: high

CWE-20: Improper Input Validation

CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

CWE-284: Improper Access Control

CVE-2026-34275

A critical unauthenticated remote code execution vulnerability in Oracle Advanced Inbound Telephony (versions 12.2.3-12.2.15) with a CVSS 3.1 score of 9.8 severely impacts confidentiality, integrity, and availability via HTTP.

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected products

Known affected 10 products

Product	Identifier	Version	Remediation
vers:unknown/* Oracle / Oracle Advanced Inbound Telephony		vers:unknown/*
vers:unknown/* Oracle / Oracle Advanced Supply Chain Planning		vers:unknown/*
vers:unknown/* Oracle / Oracle Applications DBA		vers:unknown/*
vers:unknown/* Oracle / Oracle Enterprise Command Center Framework		vers:unknown/*
vers:unknown/* Oracle / Oracle Flow Manufacturing		vers:unknown/*
vers:unknown/* Oracle / Oracle Global Order Promising		vers:unknown/*
vers:unknown/* Oracle / Oracle HCM Common Architecture		vers:unknown/*
vers:unknown/* Oracle / Oracle Rapid Planning		vers:unknown/*
vers:unknown/* Oracle / Oracle Yard Management		vers:unknown/*
vers:unknown/* Oracle / Oracle iProcurement		vers:unknown/*

CVE-2024-51504

Multiple vulnerabilities in Apache ZooKeeper, including IPAuthenticationProvider spoofing and unauthorized access issues, affect various Oracle and Apache products, allowing authentication bypass, sensitive data exposure, and denial of service.

9.1 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

CWE-290 - Authentication Bypass by Spoofing

Affected products

Known affected 10 products

Product	Identifier	Version	Remediation
vers:unknown/* Oracle / Oracle Advanced Inbound Telephony		vers:unknown/*
vers:unknown/* Oracle / Oracle Advanced Supply Chain Planning		vers:unknown/*
vers:unknown/* Oracle / Oracle Applications DBA		vers:unknown/*
vers:unknown/* Oracle / Oracle Enterprise Command Center Framework		vers:unknown/*
vers:unknown/* Oracle / Oracle Flow Manufacturing		vers:unknown/*
vers:unknown/* Oracle / Oracle Global Order Promising		vers:unknown/*
vers:unknown/* Oracle / Oracle HCM Common Architecture		vers:unknown/*
vers:unknown/* Oracle / Oracle Rapid Planning		vers:unknown/*
vers:unknown/* Oracle / Oracle Yard Management		vers:unknown/*
vers:unknown/* Oracle / Oracle iProcurement		vers:unknown/*

CVE-2025-48734

Multiple vulnerabilities in Apache Commons BeanUtils prior to version 1.11.0 and various Oracle and HPE products allow remote attackers to execute arbitrary code or take over systems via HTTP or Java enum declaredClass property access.

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected products

Known affected 10 products

Product	Identifier	Version	Remediation
vers:unknown/* Oracle / Oracle Advanced Inbound Telephony		vers:unknown/*
vers:unknown/* Oracle / Oracle Advanced Supply Chain Planning		vers:unknown/*
vers:unknown/* Oracle / Oracle Applications DBA		vers:unknown/*
vers:unknown/* Oracle / Oracle Enterprise Command Center Framework		vers:unknown/*
vers:unknown/* Oracle / Oracle Flow Manufacturing		vers:unknown/*
vers:unknown/* Oracle / Oracle Global Order Promising		vers:unknown/*
vers:unknown/* Oracle / Oracle HCM Common Architecture		vers:unknown/*
vers:unknown/* Oracle / Oracle Rapid Planning		vers:unknown/*
vers:unknown/* Oracle / Oracle Yard Management		vers:unknown/*
vers:unknown/* Oracle / Oracle iProcurement		vers:unknown/*

CVE-2026-22011

A vulnerability in Oracle E-Business Suite's ADPatch component (versions 12.2.3 to 12.2.15) allows a high-privileged attacker with HTTP network access to potentially compromise system confidentiality, integrity, and availability, with a CVSS score of 7.6.

7.6 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H

Affected products

Known affected 10 products

Product	Identifier	Version	Remediation
vers:unknown/* Oracle / Oracle Advanced Inbound Telephony		vers:unknown/*
vers:unknown/* Oracle / Oracle Advanced Supply Chain Planning		vers:unknown/*
vers:unknown/* Oracle / Oracle Applications DBA		vers:unknown/*
vers:unknown/* Oracle / Oracle Enterprise Command Center Framework		vers:unknown/*
vers:unknown/* Oracle / Oracle Flow Manufacturing		vers:unknown/*
vers:unknown/* Oracle / Oracle Global Order Promising		vers:unknown/*
vers:unknown/* Oracle / Oracle HCM Common Architecture		vers:unknown/*
vers:unknown/* Oracle / Oracle Rapid Planning		vers:unknown/*
vers:unknown/* Oracle / Oracle Yard Management		vers:unknown/*
vers:unknown/* Oracle / Oracle iProcurement		vers:unknown/*

CVE-2025-58057

Multiple denial of service vulnerabilities affect Netty (up to 4.1.124.Final), HPE Telco Intelligent Assurance, and Oracle Communications Cloud Native products due to unbounded buffer allocation and malformed HTTP/2 frames, with CVSS scores up to 7.5.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-409 - Improper Handling of Highly Compressed Data (Data Amplification)

Affected products

Known affected 10 products

Product	Identifier	Version	Remediation
vers:unknown/* Oracle / Oracle Advanced Inbound Telephony		vers:unknown/*
vers:unknown/* Oracle / Oracle Advanced Supply Chain Planning		vers:unknown/*
vers:unknown/* Oracle / Oracle Applications DBA		vers:unknown/*
vers:unknown/* Oracle / Oracle Enterprise Command Center Framework		vers:unknown/*
vers:unknown/* Oracle / Oracle Flow Manufacturing		vers:unknown/*
vers:unknown/* Oracle / Oracle Global Order Promising		vers:unknown/*
vers:unknown/* Oracle / Oracle HCM Common Architecture		vers:unknown/*
vers:unknown/* Oracle / Oracle Rapid Planning		vers:unknown/*
vers:unknown/* Oracle / Oracle Yard Management		vers:unknown/*
vers:unknown/* Oracle / Oracle iProcurement		vers:unknown/*

CVE-2026-34297

A vulnerability in Oracle HCM Common Architecture versions 12.2.3 to 12.2.15 allows unauthenticated attackers with HTTP network access to gain unauthorized access to critical data, rated with a CVSS 3.1 base score of 7.5 for high confidentiality impact.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Affected products

Known affected 10 products

Product	Identifier	Version	Remediation
vers:unknown/* Oracle / Oracle Advanced Inbound Telephony		vers:unknown/*
vers:unknown/* Oracle / Oracle Advanced Supply Chain Planning		vers:unknown/*
vers:unknown/* Oracle / Oracle Applications DBA		vers:unknown/*
vers:unknown/* Oracle / Oracle Enterprise Command Center Framework		vers:unknown/*
vers:unknown/* Oracle / Oracle Flow Manufacturing		vers:unknown/*
vers:unknown/* Oracle / Oracle Global Order Promising		vers:unknown/*
vers:unknown/* Oracle / Oracle HCM Common Architecture		vers:unknown/*
vers:unknown/* Oracle / Oracle Rapid Planning		vers:unknown/*
vers:unknown/* Oracle / Oracle Yard Management		vers:unknown/*
vers:unknown/* Oracle / Oracle iProcurement		vers:unknown/*

CVE-2026-34274

A vulnerability in Oracle Configurator within Oracle E-Business Suite versions 12.2.3 to 12.2.15 allows unauthenticated attackers with HTTP network access to perform unauthorized read and write operations, with a CVSS 3.1 base score of 6.1.

6.1 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Affected products

Known affected 10 products

Product	Identifier	Version	Remediation
vers:unknown/* Oracle / Oracle Advanced Inbound Telephony		vers:unknown/*
vers:unknown/* Oracle / Oracle Advanced Supply Chain Planning		vers:unknown/*
vers:unknown/* Oracle / Oracle Applications DBA		vers:unknown/*
vers:unknown/* Oracle / Oracle Enterprise Command Center Framework		vers:unknown/*
vers:unknown/* Oracle / Oracle Flow Manufacturing		vers:unknown/*
vers:unknown/* Oracle / Oracle Global Order Promising		vers:unknown/*
vers:unknown/* Oracle / Oracle HCM Common Architecture		vers:unknown/*
vers:unknown/* Oracle / Oracle Rapid Planning		vers:unknown/*
vers:unknown/* Oracle / Oracle Yard Management		vers:unknown/*
vers:unknown/* Oracle / Oracle iProcurement		vers:unknown/*

CVE-2025-41242

Multiple vulnerabilities in the Spring Framework affect various products including NetApp, Oracle Primavera Unifier, and Oracle Enterprise Command Center Framework, enabling unauthenticated attackers to access or compromise critical data, with severity ranging up to CVSS 5.9.

5.9 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Affected products

Known affected 10 products

Product	Identifier	Version	Remediation
vers:unknown/* Oracle / Oracle Advanced Inbound Telephony		vers:unknown/*
vers:unknown/* Oracle / Oracle Advanced Supply Chain Planning		vers:unknown/*
vers:unknown/* Oracle / Oracle Applications DBA		vers:unknown/*
vers:unknown/* Oracle / Oracle Enterprise Command Center Framework		vers:unknown/*
vers:unknown/* Oracle / Oracle Flow Manufacturing		vers:unknown/*
vers:unknown/* Oracle / Oracle Global Order Promising		vers:unknown/*
vers:unknown/* Oracle / Oracle HCM Common Architecture		vers:unknown/*
vers:unknown/* Oracle / Oracle Rapid Planning		vers:unknown/*
vers:unknown/* Oracle / Oracle Yard Management		vers:unknown/*
vers:unknown/* Oracle / Oracle iProcurement		vers:unknown/*

CVE-2026-34302

A vulnerability in Oracle Workflow Loader (versions 12.2.3-12.2.15) allows a high-privileged attacker with HTTP network access to perform unauthorized data modifications and cause partial denial of service, with a CVSS 3.1 base score of 5.5.

5.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:L/A:L

Affected products

Known affected 10 products

Product	Identifier	Version	Remediation
vers:unknown/* Oracle / Oracle Advanced Inbound Telephony		vers:unknown/*
vers:unknown/* Oracle / Oracle Advanced Supply Chain Planning		vers:unknown/*
vers:unknown/* Oracle / Oracle Applications DBA		vers:unknown/*
vers:unknown/* Oracle / Oracle Enterprise Command Center Framework		vers:unknown/*
vers:unknown/* Oracle / Oracle Flow Manufacturing		vers:unknown/*
vers:unknown/* Oracle / Oracle Global Order Promising		vers:unknown/*
vers:unknown/* Oracle / Oracle HCM Common Architecture		vers:unknown/*
vers:unknown/* Oracle / Oracle Rapid Planning		vers:unknown/*
vers:unknown/* Oracle / Oracle Yard Management		vers:unknown/*
vers:unknown/* Oracle / Oracle iProcurement		vers:unknown/*

CVE-2025-31672

Apache POI poi-ooxml versions before 5.4.0 contain a vulnerability involving improper input validation of OOXML files with duplicate ZIP entries, affecting multiple products including Oracle and NetApp, allowing unauthenticated attackers to modify data with a CVSS score of 5.3.

6.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

Affected products

Known affected 10 products

Product	Identifier	Version	Remediation
vers:unknown/* Oracle / Oracle Advanced Inbound Telephony		vers:unknown/*
vers:unknown/* Oracle / Oracle Advanced Supply Chain Planning		vers:unknown/*
vers:unknown/* Oracle / Oracle Applications DBA		vers:unknown/*
vers:unknown/* Oracle / Oracle Enterprise Command Center Framework		vers:unknown/*
vers:unknown/* Oracle / Oracle Flow Manufacturing		vers:unknown/*
vers:unknown/* Oracle / Oracle Global Order Promising		vers:unknown/*
vers:unknown/* Oracle / Oracle HCM Common Architecture		vers:unknown/*
vers:unknown/* Oracle / Oracle Rapid Planning		vers:unknown/*
vers:unknown/* Oracle / Oracle Yard Management		vers:unknown/*
vers:unknown/* Oracle / Oracle iProcurement		vers:unknown/*

CVE-2025-68161

Multiple vulnerabilities affect Apache Log4j Core (versions 2.0-beta9 to 2.25.2) due to missing TLS hostname verification in the Socket Appender, Oracle Primavera Gateway (versions 21.12.0-21.12.16) with a TLS vulnerability, and IBM Db2 Server (versions 11.5.0-11.5.9 and 12.1.0-12.1.4) with potential data disclosure or modification issues.

5.4 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N

CWE-297 - Improper Validation of Certificate with Host Mismatch

Affected products

Known affected 10 products

Product	Identifier	Version	Remediation
vers:unknown/* Oracle / Oracle Advanced Inbound Telephony		vers:unknown/*
vers:unknown/* Oracle / Oracle Advanced Supply Chain Planning		vers:unknown/*
vers:unknown/* Oracle / Oracle Applications DBA		vers:unknown/*
vers:unknown/* Oracle / Oracle Enterprise Command Center Framework		vers:unknown/*
vers:unknown/* Oracle / Oracle Flow Manufacturing		vers:unknown/*
vers:unknown/* Oracle / Oracle Global Order Promising		vers:unknown/*
vers:unknown/* Oracle / Oracle HCM Common Architecture		vers:unknown/*
vers:unknown/* Oracle / Oracle Rapid Planning		vers:unknown/*
vers:unknown/* Oracle / Oracle Yard Management		vers:unknown/*
vers:unknown/* Oracle / Oracle iProcurement		vers:unknown/*

CVE-2026-34298

A vulnerability in Oracle Applications Framework versions 12.2.9 through 12.2.15 allows a high-privileged attacker with HTTP network access to perform unauthorized data modifications, read access, and partial denial of service, rated CVSS 4.7.

4.7 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L

Affected products

Known affected 10 products

Product	Identifier	Version	Remediation
vers:unknown/* Oracle / Oracle Advanced Inbound Telephony		vers:unknown/*
vers:unknown/* Oracle / Oracle Advanced Supply Chain Planning		vers:unknown/*
vers:unknown/* Oracle / Oracle Applications DBA		vers:unknown/*
vers:unknown/* Oracle / Oracle Enterprise Command Center Framework		vers:unknown/*
vers:unknown/* Oracle / Oracle Flow Manufacturing		vers:unknown/*
vers:unknown/* Oracle / Oracle Global Order Promising		vers:unknown/*
vers:unknown/* Oracle / Oracle HCM Common Architecture		vers:unknown/*
vers:unknown/* Oracle / Oracle Rapid Planning		vers:unknown/*
vers:unknown/* Oracle / Oracle Yard Management		vers:unknown/*
vers:unknown/* Oracle / Oracle iProcurement		vers:unknown/*

CVE-2026-22014

A vulnerability in Oracle E-Business Suite User Management (versions 12.2.7-12.2.15) allows a high-privileged attacker with HTTP network access to read and modify certain accessible data, rated CVSS 3.8.

3.8 (Low)


                        
                          CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N

Affected products

Known affected 10 products

Product	Identifier	Version	Remediation
vers:unknown/* Oracle / Oracle Advanced Inbound Telephony		vers:unknown/*
vers:unknown/* Oracle / Oracle Advanced Supply Chain Planning		vers:unknown/*
vers:unknown/* Oracle / Oracle Applications DBA		vers:unknown/*
vers:unknown/* Oracle / Oracle Enterprise Command Center Framework		vers:unknown/*
vers:unknown/* Oracle / Oracle Flow Manufacturing		vers:unknown/*
vers:unknown/* Oracle / Oracle Global Order Promising		vers:unknown/*
vers:unknown/* Oracle / Oracle HCM Common Architecture		vers:unknown/*
vers:unknown/* Oracle / Oracle Rapid Planning		vers:unknown/*
vers:unknown/* Oracle / Oracle Yard Management		vers:unknown/*
vers:unknown/* Oracle / Oracle iProcurement		vers:unknown/*

References

14 references

URL	Category
https://www.oracle.com/security-alerts/cpuapr2026.html	external
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self

JSON

To clipboard

{
  "document": {
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE"
      }
    },
    "lang": "nl",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n    NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n    NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n    This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
      },
      {
        "category": "description",
        "text": "Oracle heeft kwetsbaarheden verholpen in Oracle E-Business Suite.",
        "title": "Feiten"
      },
      {
        "category": "description",
        "text": "De kwetsbaarheden bevinden zich in verschillende componenten van Oracle E-Business Suite, waaronder Oracle Advanced Inbound Telephony, Oracle Enterprise Command Center Framework, Oracle Advanced Supply Chain Planning en Oracle Flow Manufacturing. Deze kwetsbaarheden kunnen worden misbruikt door ongeauthenticeerde of hooggeprivilegieerde aanvallers, wat kan leiden tot ongeautoriseerde toegang en gegevensmanipulatie.",
        "title": "Interpretaties"
      },
      {
        "category": "description",
        "text": "Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.\n\n",
        "title": "Oplossingen"
      },
      {
        "category": "general",
        "text": "medium",
        "title": "Kans"
      },
      {
        "category": "general",
        "text": "high",
        "title": "Schade"
      },
      {
        "category": "general",
        "text": "Improper Input Validation",
        "title": "CWE-20"
      },
      {
        "category": "general",
        "text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
        "title": "CWE-22"
      },
      {
        "category": "general",
        "text": "Improper Access Control",
        "title": "CWE-284"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "cert@ncsc.nl",
      "name": "Nationaal Cyber Security Centrum",
      "namespace": "https://www.ncsc.nl/"
    },
    "references": [
      {
        "category": "external",
        "summary": "Reference",
        "url": "https://www.oracle.com/security-alerts/cpuapr2026.html"
      }
    ],
    "title": "Kwetsbaarheden verholpen in Oracle E-Business Suite",
    "tracking": {
      "current_release_date": "2026-04-22T12:56:26.266249Z",
      "generator": {
        "date": "2025-08-04T16:30:00Z",
        "engine": {
          "name": "V.A.",
          "version": "1.3"
        }
      },
      "id": "NCSC-2026-0126",
      "initial_release_date": "2026-04-22T12:56:26.266249Z",
      "revision_history": [
        {
          "date": "2026-04-22T12:56:26.266249Z",
          "number": "1.0.0",
          "summary": "Initiele versie"
        }
      ],
      "status": "final",
      "version": "1.0.0"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-1"
                }
              }
            ],
            "category": "product_name",
            "name": "Oracle Advanced Inbound Telephony"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-2"
                }
              }
            ],
            "category": "product_name",
            "name": "Oracle Advanced Supply Chain Planning"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-3"
                }
              }
            ],
            "category": "product_name",
            "name": "Oracle Applications DBA"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-4"
                }
              }
            ],
            "category": "product_name",
            "name": "Oracle Enterprise Command Center Framework"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-5"
                }
              }
            ],
            "category": "product_name",
            "name": "Oracle Flow Manufacturing"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-6"
                }
              }
            ],
            "category": "product_name",
            "name": "Oracle Global Order Promising"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-7"
                }
              }
            ],
            "category": "product_name",
            "name": "Oracle HCM Common Architecture"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-8"
                }
              }
            ],
            "category": "product_name",
            "name": "Oracle Rapid Planning"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-9"
                }
              }
            ],
            "category": "product_name",
            "name": "Oracle Yard Management"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-10"
                }
              }
            ],
            "category": "product_name",
            "name": "Oracle iProcurement"
          }
        ],
        "category": "vendor",
        "name": "Oracle"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2026-34275",
      "notes": [
        {
          "category": "description",
          "text": "A critical unauthenticated remote code execution vulnerability in Oracle Advanced Inbound Telephony (versions 12.2.3-12.2.15) with a CVSS 3.1 score of 9.8 severely impacts confidentiality, integrity, and availability via HTTP.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7",
          "CSAFPID-8",
          "CSAFPID-9",
          "CSAFPID-10"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-34275 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-34275.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7",
            "CSAFPID-8",
            "CSAFPID-9",
            "CSAFPID-10"
          ]
        }
      ],
      "title": "CVE-2026-34275"
    },
    {
      "cve": "CVE-2024-51504",
      "cwe": {
        "id": "CWE-290",
        "name": "Authentication Bypass by Spoofing"
      },
      "notes": [
        {
          "category": "other",
          "text": "Authentication Bypass by Spoofing",
          "title": "CWE-290"
        },
        {
          "category": "description",
          "text": "Multiple vulnerabilities in Apache ZooKeeper, including IPAuthenticationProvider spoofing and unauthorized access issues, affect various Oracle and Apache products, allowing authentication bypass, sensitive data exposure, and denial of service.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7",
          "CSAFPID-8",
          "CSAFPID-9",
          "CSAFPID-10"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-51504 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-51504.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7",
            "CSAFPID-8",
            "CSAFPID-9",
            "CSAFPID-10"
          ]
        }
      ],
      "title": "CVE-2024-51504"
    },
    {
      "cve": "CVE-2025-48734",
      "notes": [
        {
          "category": "description",
          "text": "Multiple vulnerabilities in Apache Commons BeanUtils prior to version 1.11.0 and various Oracle and HPE products allow remote attackers to execute arbitrary code or take over systems via HTTP or Java enum declaredClass property access.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7",
          "CSAFPID-8",
          "CSAFPID-9",
          "CSAFPID-10"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-48734 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-48734.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7",
            "CSAFPID-8",
            "CSAFPID-9",
            "CSAFPID-10"
          ]
        }
      ],
      "title": "CVE-2025-48734"
    },
    {
      "cve": "CVE-2026-22011",
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability in Oracle E-Business Suite\u0027s ADPatch component (versions 12.2.3 to 12.2.15) allows a high-privileged attacker with HTTP network access to potentially compromise system confidentiality, integrity, and availability, with a CVSS score of 7.6.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7",
          "CSAFPID-8",
          "CSAFPID-9",
          "CSAFPID-10"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-22011 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-22011.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.6,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7",
            "CSAFPID-8",
            "CSAFPID-9",
            "CSAFPID-10"
          ]
        }
      ],
      "title": "CVE-2026-22011"
    },
    {
      "cve": "CVE-2025-58057",
      "cwe": {
        "id": "CWE-409",
        "name": "Improper Handling of Highly Compressed Data (Data Amplification)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Handling of Highly Compressed Data (Data Amplification)",
          "title": "CWE-409"
        },
        {
          "category": "description",
          "text": "Multiple denial of service vulnerabilities affect Netty (up to 4.1.124.Final), HPE Telco Intelligent Assurance, and Oracle Communications Cloud Native products due to unbounded buffer allocation and malformed HTTP/2 frames, with CVSS scores up to 7.5.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7",
          "CSAFPID-8",
          "CSAFPID-9",
          "CSAFPID-10"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-58057 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-58057.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7",
            "CSAFPID-8",
            "CSAFPID-9",
            "CSAFPID-10"
          ]
        }
      ],
      "title": "CVE-2025-58057"
    },
    {
      "cve": "CVE-2026-34297",
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability in Oracle HCM Common Architecture versions 12.2.3 to 12.2.15 allows unauthenticated attackers with HTTP network access to gain unauthorized access to critical data, rated with a CVSS 3.1 base score of 7.5 for high confidentiality impact.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7",
          "CSAFPID-8",
          "CSAFPID-9",
          "CSAFPID-10"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-34297 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-34297.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7",
            "CSAFPID-8",
            "CSAFPID-9",
            "CSAFPID-10"
          ]
        }
      ],
      "title": "CVE-2026-34297"
    },
    {
      "cve": "CVE-2026-34274",
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability in Oracle Configurator within Oracle E-Business Suite versions 12.2.3 to 12.2.15 allows unauthenticated attackers with HTTP network access to perform unauthorized read and write operations, with a CVSS 3.1 base score of 6.1.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7",
          "CSAFPID-8",
          "CSAFPID-9",
          "CSAFPID-10"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-34274 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-34274.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7",
            "CSAFPID-8",
            "CSAFPID-9",
            "CSAFPID-10"
          ]
        }
      ],
      "title": "CVE-2026-34274"
    },
    {
      "cve": "CVE-2025-41242",
      "cwe": {
        "id": "CWE-22",
        "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
          "title": "CWE-22"
        },
        {
          "category": "description",
          "text": "Multiple vulnerabilities in the Spring Framework affect various products including NetApp, Oracle Primavera Unifier, and Oracle Enterprise Command Center Framework, enabling unauthenticated attackers to access or compromise critical data, with severity ranging up to CVSS 5.9.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7",
          "CSAFPID-8",
          "CSAFPID-9",
          "CSAFPID-10"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-41242 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-41242.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7",
            "CSAFPID-8",
            "CSAFPID-9",
            "CSAFPID-10"
          ]
        }
      ],
      "title": "CVE-2025-41242"
    },
    {
      "cve": "CVE-2026-34302",
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability in Oracle Workflow Loader (versions 12.2.3-12.2.15) allows a high-privileged attacker with HTTP network access to perform unauthorized data modifications and cause partial denial of service, with a CVSS 3.1 base score of 5.5.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7",
          "CSAFPID-8",
          "CSAFPID-9",
          "CSAFPID-10"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-34302 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-34302.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7",
            "CSAFPID-8",
            "CSAFPID-9",
            "CSAFPID-10"
          ]
        }
      ],
      "title": "CVE-2026-34302"
    },
    {
      "cve": "CVE-2025-31672",
      "notes": [
        {
          "category": "description",
          "text": "Apache POI poi-ooxml versions before 5.4.0 contain a vulnerability involving improper input validation of OOXML files with duplicate ZIP entries, affecting multiple products including Oracle and NetApp, allowing unauthenticated attackers to modify data with a CVSS score of 5.3.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7",
          "CSAFPID-8",
          "CSAFPID-9",
          "CSAFPID-10"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-31672 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-31672.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7",
            "CSAFPID-8",
            "CSAFPID-9",
            "CSAFPID-10"
          ]
        }
      ],
      "title": "CVE-2025-31672"
    },
    {
      "cve": "CVE-2025-68161",
      "cwe": {
        "id": "CWE-297",
        "name": "Improper Validation of Certificate with Host Mismatch"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Validation of Certificate with Host Mismatch",
          "title": "CWE-297"
        },
        {
          "category": "other",
          "text": "Improper Certificate Validation",
          "title": "CWE-295"
        },
        {
          "category": "description",
          "text": "Multiple vulnerabilities affect Apache Log4j Core (versions 2.0-beta9 to 2.25.2) due to missing TLS hostname verification in the Socket Appender, Oracle Primavera Gateway (versions 21.12.0-21.12.16) with a TLS vulnerability, and IBM Db2 Server (versions 11.5.0-11.5.9 and 12.1.0-12.1.4) with potential data disclosure or modification issues.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7",
          "CSAFPID-8",
          "CSAFPID-9",
          "CSAFPID-10"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-68161 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-68161.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7",
            "CSAFPID-8",
            "CSAFPID-9",
            "CSAFPID-10"
          ]
        }
      ],
      "title": "CVE-2025-68161"
    },
    {
      "cve": "CVE-2026-34298",
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability in Oracle Applications Framework versions 12.2.9 through 12.2.15 allows a high-privileged attacker with HTTP network access to perform unauthorized data modifications, read access, and partial denial of service, rated CVSS 4.7.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7",
          "CSAFPID-8",
          "CSAFPID-9",
          "CSAFPID-10"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-34298 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-34298.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7",
            "CSAFPID-8",
            "CSAFPID-9",
            "CSAFPID-10"
          ]
        }
      ],
      "title": "CVE-2026-34298"
    },
    {
      "cve": "CVE-2026-22014",
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability in Oracle E-Business Suite User Management (versions 12.2.7-12.2.15) allows a high-privileged attacker with HTTP network access to read and modify certain accessible data, rated CVSS 3.8.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2",
          "CSAFPID-3",
          "CSAFPID-4",
          "CSAFPID-5",
          "CSAFPID-6",
          "CSAFPID-7",
          "CSAFPID-8",
          "CSAFPID-9",
          "CSAFPID-10"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-22014 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-22014.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.8,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2",
            "CSAFPID-3",
            "CSAFPID-4",
            "CSAFPID-5",
            "CSAFPID-6",
            "CSAFPID-7",
            "CSAFPID-8",
            "CSAFPID-9",
            "CSAFPID-10"
          ]
        }
      ],
      "title": "CVE-2026-22014"
    }
  ]
}

WID-SEC-W-2024-3684

Vulnerability from csaf_certbund - Published: 2024-12-11 23:00 - Updated: 2024-12-11 23:00

Summary

IBM QRadar SIEM: Mehrere Schwachstellen

Severity

Hoch

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung: IBM QRadar Security Information and Event Management (SIEM) bietet Unterstützung bei der Erkennung und Priorisierung von Sicherheitsbedrohungen im Unternehmen.

Angriff: Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in IBM QRadar SIEM ausnutzen, um Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand zu erzeugen, vertrauliche Informationen offenzulegen oder einen Spoofing-Angriff durchzuführen.

Betroffene Betriebssysteme: - Sonstiges

CVE-2019-12900

Es bestehen mehrere Schwachstellen in IBM QRadar SIEM. Diese Fehler existieren in mehreren Komponenten wie Google Guava, protobuf-java oder Netty, unter anderem wegen mehrerer sicherheitsrelevanter Probleme wie einer unkontrollierten Rekursion, einem stapelbasierten Pufferüberlauf oder einer unzulässigen Autorisierung und mehr. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand zu erzeugen, vertrauliche Informationen offenzulegen oder einen Spoofing-Angriff durchzuführen. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich.

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM QRadar SIEM <7.5.0 UP10 IF02 IBM / QRadar SIEM		<7.5.0 UP10 IF02

CVE-2020-8908

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM QRadar SIEM <7.5.0 UP10 IF02 IBM / QRadar SIEM		<7.5.0 UP10 IF02

CVE-2021-22569

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM QRadar SIEM <7.5.0 UP10 IF02 IBM / QRadar SIEM		<7.5.0 UP10 IF02

CVE-2022-3171

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM QRadar SIEM <7.5.0 UP10 IF02 IBM / QRadar SIEM		<7.5.0 UP10 IF02

CVE-2022-40152

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM QRadar SIEM <7.5.0 UP10 IF02 IBM / QRadar SIEM		<7.5.0 UP10 IF02

CVE-2022-41881

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM QRadar SIEM <7.5.0 UP10 IF02 IBM / QRadar SIEM		<7.5.0 UP10 IF02

CVE-2022-41915

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM QRadar SIEM <7.5.0 UP10 IF02 IBM / QRadar SIEM		<7.5.0 UP10 IF02

CVE-2023-2976

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM QRadar SIEM <7.5.0 UP10 IF02 IBM / QRadar SIEM		<7.5.0 UP10 IF02

CVE-2023-31582

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM QRadar SIEM <7.5.0 UP10 IF02 IBM / QRadar SIEM		<7.5.0 UP10 IF02

CVE-2023-33546

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM QRadar SIEM <7.5.0 UP10 IF02 IBM / QRadar SIEM		<7.5.0 UP10 IF02

CVE-2023-34453

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM QRadar SIEM <7.5.0 UP10 IF02 IBM / QRadar SIEM		<7.5.0 UP10 IF02

CVE-2023-34454

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM QRadar SIEM <7.5.0 UP10 IF02 IBM / QRadar SIEM		<7.5.0 UP10 IF02

CVE-2023-34455

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM QRadar SIEM <7.5.0 UP10 IF02 IBM / QRadar SIEM		<7.5.0 UP10 IF02

CVE-2023-34462

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM QRadar SIEM <7.5.0 UP10 IF02 IBM / QRadar SIEM		<7.5.0 UP10 IF02

CVE-2023-35116

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM QRadar SIEM <7.5.0 UP10 IF02 IBM / QRadar SIEM		<7.5.0 UP10 IF02

CVE-2023-36478

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM QRadar SIEM <7.5.0 UP10 IF02 IBM / QRadar SIEM		<7.5.0 UP10 IF02

CVE-2023-43642

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM QRadar SIEM <7.5.0 UP10 IF02 IBM / QRadar SIEM		<7.5.0 UP10 IF02

CVE-2023-44487

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM QRadar SIEM <7.5.0 UP10 IF02 IBM / QRadar SIEM		<7.5.0 UP10 IF02

CVE-2024-10041

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM QRadar SIEM <7.5.0 UP10 IF02 IBM / QRadar SIEM		<7.5.0 UP10 IF02

CVE-2024-10963

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM QRadar SIEM <7.5.0 UP10 IF02 IBM / QRadar SIEM		<7.5.0 UP10 IF02

CVE-2024-23454

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM QRadar SIEM <7.5.0 UP10 IF02 IBM / QRadar SIEM		<7.5.0 UP10 IF02

CVE-2024-3596

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM QRadar SIEM <7.5.0 UP10 IF02 IBM / QRadar SIEM		<7.5.0 UP10 IF02

CVE-2024-45491

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM QRadar SIEM <7.5.0 UP10 IF02 IBM / QRadar SIEM		<7.5.0 UP10 IF02

CVE-2024-51504

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM QRadar SIEM <7.5.0 UP10 IF02 IBM / QRadar SIEM		<7.5.0 UP10 IF02

CVE-2024-52316

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM QRadar SIEM <7.5.0 UP10 IF02 IBM / QRadar SIEM		<7.5.0 UP10 IF02

CVE-2024-52317

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM QRadar SIEM <7.5.0 UP10 IF02 IBM / QRadar SIEM		<7.5.0 UP10 IF02

CVE-2024-52318

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
IBM QRadar SIEM <7.5.0 UP10 IF02 IBM / QRadar SIEM		<7.5.0 UP10 IF02

References

3 references

URL	Category
https://wid.cert-bund.de/.well-known/csaf/white/2…	self
https://wid.cert-bund.de/portal/wid/securityadvis…	self
https://www.ibm.com/support/pages/node/7178556	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "hoch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "IBM QRadar Security Information and Event Management (SIEM) bietet Unterst\u00fctzung bei der Erkennung und Priorisierung von Sicherheitsbedrohungen im Unternehmen.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in IBM QRadar SIEM ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand zu erzeugen, vertrauliche Informationen offenzulegen oder einen Spoofing-Angriff durchzuf\u00fchren.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Sonstiges",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2024-3684 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-3684.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2024-3684 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-3684"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin vom 2024-12-11",
        "url": "https://www.ibm.com/support/pages/node/7178556"
      }
    ],
    "source_lang": "en-US",
    "title": "IBM QRadar SIEM: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2024-12-11T23:00:00.000+00:00",
      "generator": {
        "date": "2024-12-12T09:36:59.736+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.10"
        }
      },
      "id": "WID-SEC-W-2024-3684",
      "initial_release_date": "2024-12-11T23:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2024-12-11T23:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c7.5.0 UP10 IF02",
                "product": {
                  "name": "IBM QRadar SIEM \u003c7.5.0 UP10 IF02",
                  "product_id": "T039813"
                }
              },
              {
                "category": "product_version",
                "name": "7.5.0 UP10 IF02",
                "product": {
                  "name": "IBM QRadar SIEM 7.5.0 UP10 IF02",
                  "product_id": "T039813-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:qradar_siem:7.5.0_up10_if02"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "QRadar SIEM"
          }
        ],
        "category": "vendor",
        "name": "IBM"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2019-12900",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in IBM QRadar SIEM. Diese Fehler existieren in mehreren Komponenten wie Google Guava, protobuf-java oder Netty, unter anderem wegen mehrerer sicherheitsrelevanter Probleme wie einer unkontrollierten Rekursion, einem stapelbasierten Puffer\u00fcberlauf oder einer unzul\u00e4ssigen Autorisierung und mehr. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand zu erzeugen, vertrauliche Informationen offenzulegen oder einen Spoofing-Angriff durchzuf\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
        }
      ],
      "product_status": {
        "known_affected": [
          "T039813"
        ]
      },
      "release_date": "2024-12-11T23:00:00.000+00:00",
      "title": "CVE-2019-12900"
    },
    {
      "cve": "CVE-2020-8908",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in IBM QRadar SIEM. Diese Fehler existieren in mehreren Komponenten wie Google Guava, protobuf-java oder Netty, unter anderem wegen mehrerer sicherheitsrelevanter Probleme wie einer unkontrollierten Rekursion, einem stapelbasierten Puffer\u00fcberlauf oder einer unzul\u00e4ssigen Autorisierung und mehr. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand zu erzeugen, vertrauliche Informationen offenzulegen oder einen Spoofing-Angriff durchzuf\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
        }
      ],
      "product_status": {
        "known_affected": [
          "T039813"
        ]
      },
      "release_date": "2024-12-11T23:00:00.000+00:00",
      "title": "CVE-2020-8908"
    },
    {
      "cve": "CVE-2021-22569",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in IBM QRadar SIEM. Diese Fehler existieren in mehreren Komponenten wie Google Guava, protobuf-java oder Netty, unter anderem wegen mehrerer sicherheitsrelevanter Probleme wie einer unkontrollierten Rekursion, einem stapelbasierten Puffer\u00fcberlauf oder einer unzul\u00e4ssigen Autorisierung und mehr. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand zu erzeugen, vertrauliche Informationen offenzulegen oder einen Spoofing-Angriff durchzuf\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
        }
      ],
      "product_status": {
        "known_affected": [
          "T039813"
        ]
      },
      "release_date": "2024-12-11T23:00:00.000+00:00",
      "title": "CVE-2021-22569"
    },
    {
      "cve": "CVE-2022-3171",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in IBM QRadar SIEM. Diese Fehler existieren in mehreren Komponenten wie Google Guava, protobuf-java oder Netty, unter anderem wegen mehrerer sicherheitsrelevanter Probleme wie einer unkontrollierten Rekursion, einem stapelbasierten Puffer\u00fcberlauf oder einer unzul\u00e4ssigen Autorisierung und mehr. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand zu erzeugen, vertrauliche Informationen offenzulegen oder einen Spoofing-Angriff durchzuf\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
        }
      ],
      "product_status": {
        "known_affected": [
          "T039813"
        ]
      },
      "release_date": "2024-12-11T23:00:00.000+00:00",
      "title": "CVE-2022-3171"
    },
    {
      "cve": "CVE-2022-40152",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in IBM QRadar SIEM. Diese Fehler existieren in mehreren Komponenten wie Google Guava, protobuf-java oder Netty, unter anderem wegen mehrerer sicherheitsrelevanter Probleme wie einer unkontrollierten Rekursion, einem stapelbasierten Puffer\u00fcberlauf oder einer unzul\u00e4ssigen Autorisierung und mehr. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand zu erzeugen, vertrauliche Informationen offenzulegen oder einen Spoofing-Angriff durchzuf\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
        }
      ],
      "product_status": {
        "known_affected": [
          "T039813"
        ]
      },
      "release_date": "2024-12-11T23:00:00.000+00:00",
      "title": "CVE-2022-40152"
    },
    {
      "cve": "CVE-2022-41881",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in IBM QRadar SIEM. Diese Fehler existieren in mehreren Komponenten wie Google Guava, protobuf-java oder Netty, unter anderem wegen mehrerer sicherheitsrelevanter Probleme wie einer unkontrollierten Rekursion, einem stapelbasierten Puffer\u00fcberlauf oder einer unzul\u00e4ssigen Autorisierung und mehr. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand zu erzeugen, vertrauliche Informationen offenzulegen oder einen Spoofing-Angriff durchzuf\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
        }
      ],
      "product_status": {
        "known_affected": [
          "T039813"
        ]
      },
      "release_date": "2024-12-11T23:00:00.000+00:00",
      "title": "CVE-2022-41881"
    },
    {
      "cve": "CVE-2022-41915",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in IBM QRadar SIEM. Diese Fehler existieren in mehreren Komponenten wie Google Guava, protobuf-java oder Netty, unter anderem wegen mehrerer sicherheitsrelevanter Probleme wie einer unkontrollierten Rekursion, einem stapelbasierten Puffer\u00fcberlauf oder einer unzul\u00e4ssigen Autorisierung und mehr. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand zu erzeugen, vertrauliche Informationen offenzulegen oder einen Spoofing-Angriff durchzuf\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
        }
      ],
      "product_status": {
        "known_affected": [
          "T039813"
        ]
      },
      "release_date": "2024-12-11T23:00:00.000+00:00",
      "title": "CVE-2022-41915"
    },
    {
      "cve": "CVE-2023-2976",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in IBM QRadar SIEM. Diese Fehler existieren in mehreren Komponenten wie Google Guava, protobuf-java oder Netty, unter anderem wegen mehrerer sicherheitsrelevanter Probleme wie einer unkontrollierten Rekursion, einem stapelbasierten Puffer\u00fcberlauf oder einer unzul\u00e4ssigen Autorisierung und mehr. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand zu erzeugen, vertrauliche Informationen offenzulegen oder einen Spoofing-Angriff durchzuf\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
        }
      ],
      "product_status": {
        "known_affected": [
          "T039813"
        ]
      },
      "release_date": "2024-12-11T23:00:00.000+00:00",
      "title": "CVE-2023-2976"
    },
    {
      "cve": "CVE-2023-31582",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in IBM QRadar SIEM. Diese Fehler existieren in mehreren Komponenten wie Google Guava, protobuf-java oder Netty, unter anderem wegen mehrerer sicherheitsrelevanter Probleme wie einer unkontrollierten Rekursion, einem stapelbasierten Puffer\u00fcberlauf oder einer unzul\u00e4ssigen Autorisierung und mehr. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand zu erzeugen, vertrauliche Informationen offenzulegen oder einen Spoofing-Angriff durchzuf\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
        }
      ],
      "product_status": {
        "known_affected": [
          "T039813"
        ]
      },
      "release_date": "2024-12-11T23:00:00.000+00:00",
      "title": "CVE-2023-31582"
    },
    {
      "cve": "CVE-2023-33546",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in IBM QRadar SIEM. Diese Fehler existieren in mehreren Komponenten wie Google Guava, protobuf-java oder Netty, unter anderem wegen mehrerer sicherheitsrelevanter Probleme wie einer unkontrollierten Rekursion, einem stapelbasierten Puffer\u00fcberlauf oder einer unzul\u00e4ssigen Autorisierung und mehr. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand zu erzeugen, vertrauliche Informationen offenzulegen oder einen Spoofing-Angriff durchzuf\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
        }
      ],
      "product_status": {
        "known_affected": [
          "T039813"
        ]
      },
      "release_date": "2024-12-11T23:00:00.000+00:00",
      "title": "CVE-2023-33546"
    },
    {
      "cve": "CVE-2023-34453",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in IBM QRadar SIEM. Diese Fehler existieren in mehreren Komponenten wie Google Guava, protobuf-java oder Netty, unter anderem wegen mehrerer sicherheitsrelevanter Probleme wie einer unkontrollierten Rekursion, einem stapelbasierten Puffer\u00fcberlauf oder einer unzul\u00e4ssigen Autorisierung und mehr. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand zu erzeugen, vertrauliche Informationen offenzulegen oder einen Spoofing-Angriff durchzuf\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
        }
      ],
      "product_status": {
        "known_affected": [
          "T039813"
        ]
      },
      "release_date": "2024-12-11T23:00:00.000+00:00",
      "title": "CVE-2023-34453"
    },
    {
      "cve": "CVE-2023-34454",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in IBM QRadar SIEM. Diese Fehler existieren in mehreren Komponenten wie Google Guava, protobuf-java oder Netty, unter anderem wegen mehrerer sicherheitsrelevanter Probleme wie einer unkontrollierten Rekursion, einem stapelbasierten Puffer\u00fcberlauf oder einer unzul\u00e4ssigen Autorisierung und mehr. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand zu erzeugen, vertrauliche Informationen offenzulegen oder einen Spoofing-Angriff durchzuf\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
        }
      ],
      "product_status": {
        "known_affected": [
          "T039813"
        ]
      },
      "release_date": "2024-12-11T23:00:00.000+00:00",
      "title": "CVE-2023-34454"
    },
    {
      "cve": "CVE-2023-34455",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in IBM QRadar SIEM. Diese Fehler existieren in mehreren Komponenten wie Google Guava, protobuf-java oder Netty, unter anderem wegen mehrerer sicherheitsrelevanter Probleme wie einer unkontrollierten Rekursion, einem stapelbasierten Puffer\u00fcberlauf oder einer unzul\u00e4ssigen Autorisierung und mehr. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand zu erzeugen, vertrauliche Informationen offenzulegen oder einen Spoofing-Angriff durchzuf\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
        }
      ],
      "product_status": {
        "known_affected": [
          "T039813"
        ]
      },
      "release_date": "2024-12-11T23:00:00.000+00:00",
      "title": "CVE-2023-34455"
    },
    {
      "cve": "CVE-2023-34462",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in IBM QRadar SIEM. Diese Fehler existieren in mehreren Komponenten wie Google Guava, protobuf-java oder Netty, unter anderem wegen mehrerer sicherheitsrelevanter Probleme wie einer unkontrollierten Rekursion, einem stapelbasierten Puffer\u00fcberlauf oder einer unzul\u00e4ssigen Autorisierung und mehr. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand zu erzeugen, vertrauliche Informationen offenzulegen oder einen Spoofing-Angriff durchzuf\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
        }
      ],
      "product_status": {
        "known_affected": [
          "T039813"
        ]
      },
      "release_date": "2024-12-11T23:00:00.000+00:00",
      "title": "CVE-2023-34462"
    },
    {
      "cve": "CVE-2023-35116",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in IBM QRadar SIEM. Diese Fehler existieren in mehreren Komponenten wie Google Guava, protobuf-java oder Netty, unter anderem wegen mehrerer sicherheitsrelevanter Probleme wie einer unkontrollierten Rekursion, einem stapelbasierten Puffer\u00fcberlauf oder einer unzul\u00e4ssigen Autorisierung und mehr. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand zu erzeugen, vertrauliche Informationen offenzulegen oder einen Spoofing-Angriff durchzuf\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
        }
      ],
      "product_status": {
        "known_affected": [
          "T039813"
        ]
      },
      "release_date": "2024-12-11T23:00:00.000+00:00",
      "title": "CVE-2023-35116"
    },
    {
      "cve": "CVE-2023-36478",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in IBM QRadar SIEM. Diese Fehler existieren in mehreren Komponenten wie Google Guava, protobuf-java oder Netty, unter anderem wegen mehrerer sicherheitsrelevanter Probleme wie einer unkontrollierten Rekursion, einem stapelbasierten Puffer\u00fcberlauf oder einer unzul\u00e4ssigen Autorisierung und mehr. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand zu erzeugen, vertrauliche Informationen offenzulegen oder einen Spoofing-Angriff durchzuf\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
        }
      ],
      "product_status": {
        "known_affected": [
          "T039813"
        ]
      },
      "release_date": "2024-12-11T23:00:00.000+00:00",
      "title": "CVE-2023-36478"
    },
    {
      "cve": "CVE-2023-43642",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in IBM QRadar SIEM. Diese Fehler existieren in mehreren Komponenten wie Google Guava, protobuf-java oder Netty, unter anderem wegen mehrerer sicherheitsrelevanter Probleme wie einer unkontrollierten Rekursion, einem stapelbasierten Puffer\u00fcberlauf oder einer unzul\u00e4ssigen Autorisierung und mehr. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand zu erzeugen, vertrauliche Informationen offenzulegen oder einen Spoofing-Angriff durchzuf\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
        }
      ],
      "product_status": {
        "known_affected": [
          "T039813"
        ]
      },
      "release_date": "2024-12-11T23:00:00.000+00:00",
      "title": "CVE-2023-43642"
    },
    {
      "cve": "CVE-2023-44487",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in IBM QRadar SIEM. Diese Fehler existieren in mehreren Komponenten wie Google Guava, protobuf-java oder Netty, unter anderem wegen mehrerer sicherheitsrelevanter Probleme wie einer unkontrollierten Rekursion, einem stapelbasierten Puffer\u00fcberlauf oder einer unzul\u00e4ssigen Autorisierung und mehr. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand zu erzeugen, vertrauliche Informationen offenzulegen oder einen Spoofing-Angriff durchzuf\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
        }
      ],
      "product_status": {
        "known_affected": [
          "T039813"
        ]
      },
      "release_date": "2024-12-11T23:00:00.000+00:00",
      "title": "CVE-2023-44487"
    },
    {
      "cve": "CVE-2024-10041",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in IBM QRadar SIEM. Diese Fehler existieren in mehreren Komponenten wie Google Guava, protobuf-java oder Netty, unter anderem wegen mehrerer sicherheitsrelevanter Probleme wie einer unkontrollierten Rekursion, einem stapelbasierten Puffer\u00fcberlauf oder einer unzul\u00e4ssigen Autorisierung und mehr. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand zu erzeugen, vertrauliche Informationen offenzulegen oder einen Spoofing-Angriff durchzuf\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
        }
      ],
      "product_status": {
        "known_affected": [
          "T039813"
        ]
      },
      "release_date": "2024-12-11T23:00:00.000+00:00",
      "title": "CVE-2024-10041"
    },
    {
      "cve": "CVE-2024-10963",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in IBM QRadar SIEM. Diese Fehler existieren in mehreren Komponenten wie Google Guava, protobuf-java oder Netty, unter anderem wegen mehrerer sicherheitsrelevanter Probleme wie einer unkontrollierten Rekursion, einem stapelbasierten Puffer\u00fcberlauf oder einer unzul\u00e4ssigen Autorisierung und mehr. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand zu erzeugen, vertrauliche Informationen offenzulegen oder einen Spoofing-Angriff durchzuf\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
        }
      ],
      "product_status": {
        "known_affected": [
          "T039813"
        ]
      },
      "release_date": "2024-12-11T23:00:00.000+00:00",
      "title": "CVE-2024-10963"
    },
    {
      "cve": "CVE-2024-23454",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in IBM QRadar SIEM. Diese Fehler existieren in mehreren Komponenten wie Google Guava, protobuf-java oder Netty, unter anderem wegen mehrerer sicherheitsrelevanter Probleme wie einer unkontrollierten Rekursion, einem stapelbasierten Puffer\u00fcberlauf oder einer unzul\u00e4ssigen Autorisierung und mehr. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand zu erzeugen, vertrauliche Informationen offenzulegen oder einen Spoofing-Angriff durchzuf\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
        }
      ],
      "product_status": {
        "known_affected": [
          "T039813"
        ]
      },
      "release_date": "2024-12-11T23:00:00.000+00:00",
      "title": "CVE-2024-23454"
    },
    {
      "cve": "CVE-2024-3596",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in IBM QRadar SIEM. Diese Fehler existieren in mehreren Komponenten wie Google Guava, protobuf-java oder Netty, unter anderem wegen mehrerer sicherheitsrelevanter Probleme wie einer unkontrollierten Rekursion, einem stapelbasierten Puffer\u00fcberlauf oder einer unzul\u00e4ssigen Autorisierung und mehr. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand zu erzeugen, vertrauliche Informationen offenzulegen oder einen Spoofing-Angriff durchzuf\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
        }
      ],
      "product_status": {
        "known_affected": [
          "T039813"
        ]
      },
      "release_date": "2024-12-11T23:00:00.000+00:00",
      "title": "CVE-2024-3596"
    },
    {
      "cve": "CVE-2024-45491",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in IBM QRadar SIEM. Diese Fehler existieren in mehreren Komponenten wie Google Guava, protobuf-java oder Netty, unter anderem wegen mehrerer sicherheitsrelevanter Probleme wie einer unkontrollierten Rekursion, einem stapelbasierten Puffer\u00fcberlauf oder einer unzul\u00e4ssigen Autorisierung und mehr. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand zu erzeugen, vertrauliche Informationen offenzulegen oder einen Spoofing-Angriff durchzuf\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
        }
      ],
      "product_status": {
        "known_affected": [
          "T039813"
        ]
      },
      "release_date": "2024-12-11T23:00:00.000+00:00",
      "title": "CVE-2024-45491"
    },
    {
      "cve": "CVE-2024-51504",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in IBM QRadar SIEM. Diese Fehler existieren in mehreren Komponenten wie Google Guava, protobuf-java oder Netty, unter anderem wegen mehrerer sicherheitsrelevanter Probleme wie einer unkontrollierten Rekursion, einem stapelbasierten Puffer\u00fcberlauf oder einer unzul\u00e4ssigen Autorisierung und mehr. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand zu erzeugen, vertrauliche Informationen offenzulegen oder einen Spoofing-Angriff durchzuf\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
        }
      ],
      "product_status": {
        "known_affected": [
          "T039813"
        ]
      },
      "release_date": "2024-12-11T23:00:00.000+00:00",
      "title": "CVE-2024-51504"
    },
    {
      "cve": "CVE-2024-52316",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in IBM QRadar SIEM. Diese Fehler existieren in mehreren Komponenten wie Google Guava, protobuf-java oder Netty, unter anderem wegen mehrerer sicherheitsrelevanter Probleme wie einer unkontrollierten Rekursion, einem stapelbasierten Puffer\u00fcberlauf oder einer unzul\u00e4ssigen Autorisierung und mehr. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand zu erzeugen, vertrauliche Informationen offenzulegen oder einen Spoofing-Angriff durchzuf\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
        }
      ],
      "product_status": {
        "known_affected": [
          "T039813"
        ]
      },
      "release_date": "2024-12-11T23:00:00.000+00:00",
      "title": "CVE-2024-52316"
    },
    {
      "cve": "CVE-2024-52317",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in IBM QRadar SIEM. Diese Fehler existieren in mehreren Komponenten wie Google Guava, protobuf-java oder Netty, unter anderem wegen mehrerer sicherheitsrelevanter Probleme wie einer unkontrollierten Rekursion, einem stapelbasierten Puffer\u00fcberlauf oder einer unzul\u00e4ssigen Autorisierung und mehr. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand zu erzeugen, vertrauliche Informationen offenzulegen oder einen Spoofing-Angriff durchzuf\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
        }
      ],
      "product_status": {
        "known_affected": [
          "T039813"
        ]
      },
      "release_date": "2024-12-11T23:00:00.000+00:00",
      "title": "CVE-2024-52317"
    },
    {
      "cve": "CVE-2024-52318",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in IBM QRadar SIEM. Diese Fehler existieren in mehreren Komponenten wie Google Guava, protobuf-java oder Netty, unter anderem wegen mehrerer sicherheitsrelevanter Probleme wie einer unkontrollierten Rekursion, einem stapelbasierten Puffer\u00fcberlauf oder einer unzul\u00e4ssigen Autorisierung und mehr. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand zu erzeugen, vertrauliche Informationen offenzulegen oder einen Spoofing-Angriff durchzuf\u00fchren. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich."
        }
      ],
      "product_status": {
        "known_affected": [
          "T039813"
        ]
      },
      "release_date": "2024-12-11T23:00:00.000+00:00",
      "title": "CVE-2024-52318"
    }
  ]
}

WID-SEC-W-2025-2360

Vulnerability from csaf_certbund - Published: 2025-10-21 22:00 - Updated: 2025-11-17 23:00

Summary

Oracle Communications Applications: Mehrere Schwachstellen

Severity

Hoch

Notes

Produktbeschreibung: Communications Applications umfasst eine Sammlung von Werkzeugen zur Verwaltung von Messaging-, Kommunikationsdiensten und -ressourcen.

Angriff: Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Oracle Communications Applications ausnutzen, um die Vertraulichkeit, Integrität und Verfügbarkeit zu gefährden.

Betroffene Betriebssysteme: - Linux - Sonstiges - Windows

CVE-2024-12133

Affected products

Known affected 24 products

Product	Identifier	Version
Oracle Communications Applications 7.4.1 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.4.1`	7.4.1
Xerox FreeFlow Print Server v7 Xerox / FreeFlow Print Server	`cpe:/a:xerox:freeflow_print_server:v7`	v7
Oracle Communications Applications 7.7.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.7.0`	7.7.0
Oracle Communications Applications 8.0.0.8.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.8.0`	8.0.0.8.0
Oracle Communications Applications 8.1.0.28 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.1.0.28`	8.1.0.28
Oracle Communications Applications 8.0.0.7.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.7.0`	8.0.0.7.0
Oracle Communications Applications 7.5.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.5.0`	7.5.0
Oracle Communications Applications 7.8.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.8.0`	7.8.0
Oracle Communications Applications 8.0.0.9.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.9.0`	8.0.0.9.0
Oracle Communications Applications 2.0.0.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:2.0.0.0.0`	2.0.0.0.0
Oracle Communications Applications 2.0.0.1.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:2.0.0.1.0`	2.0.0.1.0
Oracle Communications Applications 15.0.1.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:15.0.1.0.0`	15.0.1.0.0
Oracle Communications Applications 6.1.1 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:6.1.1`	6.1.1
Oracle Communications Applications 7.5.1 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.5.1`	7.5.1
Oracle Communications Applications 7.4.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.4.0`	7.4.0
Oracle Communications Applications 15.1.0.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:15.1.0.0.0`	15.1.0.0.0
Oracle Communications Applications 3.0.3.3.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:3.0.3.3.0`	3.0.3.3.0
Oracle Communications Applications 8.0.0.5.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.5.0`	8.0.0.5.0
Oracle Communications Applications 3.0.3.4.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:3.0.3.4.0`	3.0.3.4.0
Oracle Communications Applications 15.0.0.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:15.0.0.0.0`	15.0.0.0.0
Oracle Communications Applications 8.1.0.4.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.1.0.4.0`	8.1.0.4.0
Oracle Communications Applications 12.0.6.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:12.0.6.0.0`	12.0.6.0.0
Oracle Communications Applications 7.3.6 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.3.6`	7.3.6
Oracle Communications Applications 8.2.0.1.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.2.0.1.0`	8.2.0.1.0

Last affected 7 products

Product	Identifier	Version	Remediation
Oracle Communications Applications <=7.8.0 Oracle / Communications Applications		<=7.8.0
Oracle Communications Applications <=6.1.1 Oracle / Communications Applications		<=6.1.1
Oracle Communications Applications <=12.0.0.8.0 Oracle / Communications Applications		<=12.0.0.8.0
Oracle Communications Applications <=7.5.1 Oracle / Communications Applications		<=7.5.1
Oracle Communications Applications <=15.0.1.0.0 Oracle / Communications Applications		<=15.0.1.0.0
Oracle Communications Applications <=2.0.0.1.0 Oracle / Communications Applications		<=2.0.0.1.0
Oracle Communications Applications <=12.0.6.0.0 Oracle / Communications Applications		<=12.0.6.0.0

CVE-2024-28182

Affected products

Known affected 24 products

Product	Identifier	Version
Oracle Communications Applications 7.4.1 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.4.1`	7.4.1
Xerox FreeFlow Print Server v7 Xerox / FreeFlow Print Server	`cpe:/a:xerox:freeflow_print_server:v7`	v7
Oracle Communications Applications 7.7.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.7.0`	7.7.0
Oracle Communications Applications 8.0.0.8.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.8.0`	8.0.0.8.0
Oracle Communications Applications 8.1.0.28 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.1.0.28`	8.1.0.28
Oracle Communications Applications 8.0.0.7.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.7.0`	8.0.0.7.0
Oracle Communications Applications 7.5.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.5.0`	7.5.0
Oracle Communications Applications 7.8.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.8.0`	7.8.0
Oracle Communications Applications 8.0.0.9.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.9.0`	8.0.0.9.0
Oracle Communications Applications 2.0.0.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:2.0.0.0.0`	2.0.0.0.0
Oracle Communications Applications 2.0.0.1.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:2.0.0.1.0`	2.0.0.1.0
Oracle Communications Applications 15.0.1.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:15.0.1.0.0`	15.0.1.0.0
Oracle Communications Applications 6.1.1 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:6.1.1`	6.1.1
Oracle Communications Applications 7.5.1 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.5.1`	7.5.1
Oracle Communications Applications 7.4.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.4.0`	7.4.0
Oracle Communications Applications 15.1.0.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:15.1.0.0.0`	15.1.0.0.0
Oracle Communications Applications 3.0.3.3.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:3.0.3.3.0`	3.0.3.3.0
Oracle Communications Applications 8.0.0.5.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.5.0`	8.0.0.5.0
Oracle Communications Applications 3.0.3.4.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:3.0.3.4.0`	3.0.3.4.0
Oracle Communications Applications 15.0.0.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:15.0.0.0.0`	15.0.0.0.0
Oracle Communications Applications 8.1.0.4.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.1.0.4.0`	8.1.0.4.0
Oracle Communications Applications 12.0.6.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:12.0.6.0.0`	12.0.6.0.0
Oracle Communications Applications 7.3.6 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.3.6`	7.3.6
Oracle Communications Applications 8.2.0.1.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.2.0.1.0`	8.2.0.1.0

Last affected 7 products

Product	Identifier	Version	Remediation
Oracle Communications Applications <=7.8.0 Oracle / Communications Applications		<=7.8.0
Oracle Communications Applications <=6.1.1 Oracle / Communications Applications		<=6.1.1
Oracle Communications Applications <=12.0.0.8.0 Oracle / Communications Applications		<=12.0.0.8.0
Oracle Communications Applications <=7.5.1 Oracle / Communications Applications		<=7.5.1
Oracle Communications Applications <=15.0.1.0.0 Oracle / Communications Applications		<=15.0.1.0.0
Oracle Communications Applications <=2.0.0.1.0 Oracle / Communications Applications		<=2.0.0.1.0
Oracle Communications Applications <=12.0.6.0.0 Oracle / Communications Applications		<=12.0.6.0.0

CVE-2024-35164

Affected products

Known affected 24 products

Product	Identifier	Version
Oracle Communications Applications 7.4.1 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.4.1`	7.4.1
Xerox FreeFlow Print Server v7 Xerox / FreeFlow Print Server	`cpe:/a:xerox:freeflow_print_server:v7`	v7
Oracle Communications Applications 7.7.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.7.0`	7.7.0
Oracle Communications Applications 8.0.0.8.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.8.0`	8.0.0.8.0
Oracle Communications Applications 8.1.0.28 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.1.0.28`	8.1.0.28
Oracle Communications Applications 8.0.0.7.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.7.0`	8.0.0.7.0
Oracle Communications Applications 7.5.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.5.0`	7.5.0
Oracle Communications Applications 7.8.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.8.0`	7.8.0
Oracle Communications Applications 8.0.0.9.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.9.0`	8.0.0.9.0
Oracle Communications Applications 2.0.0.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:2.0.0.0.0`	2.0.0.0.0
Oracle Communications Applications 2.0.0.1.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:2.0.0.1.0`	2.0.0.1.0
Oracle Communications Applications 15.0.1.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:15.0.1.0.0`	15.0.1.0.0
Oracle Communications Applications 6.1.1 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:6.1.1`	6.1.1
Oracle Communications Applications 7.5.1 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.5.1`	7.5.1
Oracle Communications Applications 7.4.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.4.0`	7.4.0
Oracle Communications Applications 15.1.0.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:15.1.0.0.0`	15.1.0.0.0
Oracle Communications Applications 3.0.3.3.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:3.0.3.3.0`	3.0.3.3.0
Oracle Communications Applications 8.0.0.5.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.5.0`	8.0.0.5.0
Oracle Communications Applications 3.0.3.4.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:3.0.3.4.0`	3.0.3.4.0
Oracle Communications Applications 15.0.0.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:15.0.0.0.0`	15.0.0.0.0
Oracle Communications Applications 8.1.0.4.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.1.0.4.0`	8.1.0.4.0
Oracle Communications Applications 12.0.6.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:12.0.6.0.0`	12.0.6.0.0
Oracle Communications Applications 7.3.6 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.3.6`	7.3.6
Oracle Communications Applications 8.2.0.1.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.2.0.1.0`	8.2.0.1.0

Last affected 7 products

Product	Identifier	Version	Remediation
Oracle Communications Applications <=7.8.0 Oracle / Communications Applications		<=7.8.0
Oracle Communications Applications <=6.1.1 Oracle / Communications Applications		<=6.1.1
Oracle Communications Applications <=12.0.0.8.0 Oracle / Communications Applications		<=12.0.0.8.0
Oracle Communications Applications <=7.5.1 Oracle / Communications Applications		<=7.5.1
Oracle Communications Applications <=15.0.1.0.0 Oracle / Communications Applications		<=15.0.1.0.0
Oracle Communications Applications <=2.0.0.1.0 Oracle / Communications Applications		<=2.0.0.1.0
Oracle Communications Applications <=12.0.6.0.0 Oracle / Communications Applications		<=12.0.6.0.0

CVE-2024-37371

Affected products

Known affected 24 products

Product	Identifier	Version
Oracle Communications Applications 7.4.1 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.4.1`	7.4.1
Xerox FreeFlow Print Server v7 Xerox / FreeFlow Print Server	`cpe:/a:xerox:freeflow_print_server:v7`	v7
Oracle Communications Applications 7.7.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.7.0`	7.7.0
Oracle Communications Applications 8.0.0.8.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.8.0`	8.0.0.8.0
Oracle Communications Applications 8.1.0.28 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.1.0.28`	8.1.0.28
Oracle Communications Applications 8.0.0.7.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.7.0`	8.0.0.7.0
Oracle Communications Applications 7.5.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.5.0`	7.5.0
Oracle Communications Applications 7.8.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.8.0`	7.8.0
Oracle Communications Applications 8.0.0.9.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.9.0`	8.0.0.9.0
Oracle Communications Applications 2.0.0.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:2.0.0.0.0`	2.0.0.0.0
Oracle Communications Applications 2.0.0.1.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:2.0.0.1.0`	2.0.0.1.0
Oracle Communications Applications 15.0.1.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:15.0.1.0.0`	15.0.1.0.0
Oracle Communications Applications 6.1.1 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:6.1.1`	6.1.1
Oracle Communications Applications 7.5.1 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.5.1`	7.5.1
Oracle Communications Applications 7.4.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.4.0`	7.4.0
Oracle Communications Applications 15.1.0.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:15.1.0.0.0`	15.1.0.0.0
Oracle Communications Applications 3.0.3.3.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:3.0.3.3.0`	3.0.3.3.0
Oracle Communications Applications 8.0.0.5.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.5.0`	8.0.0.5.0
Oracle Communications Applications 3.0.3.4.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:3.0.3.4.0`	3.0.3.4.0
Oracle Communications Applications 15.0.0.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:15.0.0.0.0`	15.0.0.0.0
Oracle Communications Applications 8.1.0.4.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.1.0.4.0`	8.1.0.4.0
Oracle Communications Applications 12.0.6.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:12.0.6.0.0`	12.0.6.0.0
Oracle Communications Applications 7.3.6 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.3.6`	7.3.6
Oracle Communications Applications 8.2.0.1.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.2.0.1.0`	8.2.0.1.0

Last affected 7 products

Product	Identifier	Version	Remediation
Oracle Communications Applications <=7.8.0 Oracle / Communications Applications		<=7.8.0
Oracle Communications Applications <=6.1.1 Oracle / Communications Applications		<=6.1.1
Oracle Communications Applications <=12.0.0.8.0 Oracle / Communications Applications		<=12.0.0.8.0
Oracle Communications Applications <=7.5.1 Oracle / Communications Applications		<=7.5.1
Oracle Communications Applications <=15.0.1.0.0 Oracle / Communications Applications		<=15.0.1.0.0
Oracle Communications Applications <=2.0.0.1.0 Oracle / Communications Applications		<=2.0.0.1.0
Oracle Communications Applications <=12.0.6.0.0 Oracle / Communications Applications		<=12.0.6.0.0

CVE-2024-50609

Affected products

Known affected 24 products

Product	Identifier	Version
Oracle Communications Applications 7.4.1 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.4.1`	7.4.1
Xerox FreeFlow Print Server v7 Xerox / FreeFlow Print Server	`cpe:/a:xerox:freeflow_print_server:v7`	v7
Oracle Communications Applications 7.7.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.7.0`	7.7.0
Oracle Communications Applications 8.0.0.8.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.8.0`	8.0.0.8.0
Oracle Communications Applications 8.1.0.28 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.1.0.28`	8.1.0.28
Oracle Communications Applications 8.0.0.7.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.7.0`	8.0.0.7.0
Oracle Communications Applications 7.5.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.5.0`	7.5.0
Oracle Communications Applications 7.8.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.8.0`	7.8.0
Oracle Communications Applications 8.0.0.9.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.9.0`	8.0.0.9.0
Oracle Communications Applications 2.0.0.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:2.0.0.0.0`	2.0.0.0.0
Oracle Communications Applications 2.0.0.1.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:2.0.0.1.0`	2.0.0.1.0
Oracle Communications Applications 15.0.1.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:15.0.1.0.0`	15.0.1.0.0
Oracle Communications Applications 6.1.1 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:6.1.1`	6.1.1
Oracle Communications Applications 7.5.1 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.5.1`	7.5.1
Oracle Communications Applications 7.4.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.4.0`	7.4.0
Oracle Communications Applications 15.1.0.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:15.1.0.0.0`	15.1.0.0.0
Oracle Communications Applications 3.0.3.3.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:3.0.3.3.0`	3.0.3.3.0
Oracle Communications Applications 8.0.0.5.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.5.0`	8.0.0.5.0
Oracle Communications Applications 3.0.3.4.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:3.0.3.4.0`	3.0.3.4.0
Oracle Communications Applications 15.0.0.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:15.0.0.0.0`	15.0.0.0.0
Oracle Communications Applications 8.1.0.4.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.1.0.4.0`	8.1.0.4.0
Oracle Communications Applications 12.0.6.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:12.0.6.0.0`	12.0.6.0.0
Oracle Communications Applications 7.3.6 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.3.6`	7.3.6
Oracle Communications Applications 8.2.0.1.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.2.0.1.0`	8.2.0.1.0

Last affected 7 products

Product	Identifier	Version	Remediation
Oracle Communications Applications <=7.8.0 Oracle / Communications Applications		<=7.8.0
Oracle Communications Applications <=6.1.1 Oracle / Communications Applications		<=6.1.1
Oracle Communications Applications <=12.0.0.8.0 Oracle / Communications Applications		<=12.0.0.8.0
Oracle Communications Applications <=7.5.1 Oracle / Communications Applications		<=7.5.1
Oracle Communications Applications <=15.0.1.0.0 Oracle / Communications Applications		<=15.0.1.0.0
Oracle Communications Applications <=2.0.0.1.0 Oracle / Communications Applications		<=2.0.0.1.0
Oracle Communications Applications <=12.0.6.0.0 Oracle / Communications Applications		<=12.0.6.0.0

CVE-2024-51504

Affected products

Known affected 24 products

Product	Identifier	Version
Oracle Communications Applications 7.4.1 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.4.1`	7.4.1
Xerox FreeFlow Print Server v7 Xerox / FreeFlow Print Server	`cpe:/a:xerox:freeflow_print_server:v7`	v7
Oracle Communications Applications 7.7.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.7.0`	7.7.0
Oracle Communications Applications 8.0.0.8.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.8.0`	8.0.0.8.0
Oracle Communications Applications 8.1.0.28 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.1.0.28`	8.1.0.28
Oracle Communications Applications 8.0.0.7.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.7.0`	8.0.0.7.0
Oracle Communications Applications 7.5.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.5.0`	7.5.0
Oracle Communications Applications 7.8.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.8.0`	7.8.0
Oracle Communications Applications 8.0.0.9.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.9.0`	8.0.0.9.0
Oracle Communications Applications 2.0.0.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:2.0.0.0.0`	2.0.0.0.0
Oracle Communications Applications 2.0.0.1.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:2.0.0.1.0`	2.0.0.1.0
Oracle Communications Applications 15.0.1.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:15.0.1.0.0`	15.0.1.0.0
Oracle Communications Applications 6.1.1 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:6.1.1`	6.1.1
Oracle Communications Applications 7.5.1 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.5.1`	7.5.1
Oracle Communications Applications 7.4.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.4.0`	7.4.0
Oracle Communications Applications 15.1.0.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:15.1.0.0.0`	15.1.0.0.0
Oracle Communications Applications 3.0.3.3.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:3.0.3.3.0`	3.0.3.3.0
Oracle Communications Applications 8.0.0.5.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.5.0`	8.0.0.5.0
Oracle Communications Applications 3.0.3.4.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:3.0.3.4.0`	3.0.3.4.0
Oracle Communications Applications 15.0.0.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:15.0.0.0.0`	15.0.0.0.0
Oracle Communications Applications 8.1.0.4.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.1.0.4.0`	8.1.0.4.0
Oracle Communications Applications 12.0.6.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:12.0.6.0.0`	12.0.6.0.0
Oracle Communications Applications 7.3.6 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.3.6`	7.3.6
Oracle Communications Applications 8.2.0.1.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.2.0.1.0`	8.2.0.1.0

Last affected 7 products

Product	Identifier	Version	Remediation
Oracle Communications Applications <=7.8.0 Oracle / Communications Applications		<=7.8.0
Oracle Communications Applications <=6.1.1 Oracle / Communications Applications		<=6.1.1
Oracle Communications Applications <=12.0.0.8.0 Oracle / Communications Applications		<=12.0.0.8.0
Oracle Communications Applications <=7.5.1 Oracle / Communications Applications		<=7.5.1
Oracle Communications Applications <=15.0.1.0.0 Oracle / Communications Applications		<=15.0.1.0.0
Oracle Communications Applications <=2.0.0.1.0 Oracle / Communications Applications		<=2.0.0.1.0
Oracle Communications Applications <=12.0.6.0.0 Oracle / Communications Applications		<=12.0.6.0.0

CVE-2024-57699

Affected products

Known affected 24 products

Product	Identifier	Version
Oracle Communications Applications 7.4.1 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.4.1`	7.4.1
Xerox FreeFlow Print Server v7 Xerox / FreeFlow Print Server	`cpe:/a:xerox:freeflow_print_server:v7`	v7
Oracle Communications Applications 7.7.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.7.0`	7.7.0
Oracle Communications Applications 8.0.0.8.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.8.0`	8.0.0.8.0
Oracle Communications Applications 8.1.0.28 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.1.0.28`	8.1.0.28
Oracle Communications Applications 8.0.0.7.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.7.0`	8.0.0.7.0
Oracle Communications Applications 7.5.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.5.0`	7.5.0
Oracle Communications Applications 7.8.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.8.0`	7.8.0
Oracle Communications Applications 8.0.0.9.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.9.0`	8.0.0.9.0
Oracle Communications Applications 2.0.0.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:2.0.0.0.0`	2.0.0.0.0
Oracle Communications Applications 2.0.0.1.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:2.0.0.1.0`	2.0.0.1.0
Oracle Communications Applications 15.0.1.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:15.0.1.0.0`	15.0.1.0.0
Oracle Communications Applications 6.1.1 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:6.1.1`	6.1.1
Oracle Communications Applications 7.5.1 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.5.1`	7.5.1
Oracle Communications Applications 7.4.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.4.0`	7.4.0
Oracle Communications Applications 15.1.0.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:15.1.0.0.0`	15.1.0.0.0
Oracle Communications Applications 3.0.3.3.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:3.0.3.3.0`	3.0.3.3.0
Oracle Communications Applications 8.0.0.5.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.5.0`	8.0.0.5.0
Oracle Communications Applications 3.0.3.4.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:3.0.3.4.0`	3.0.3.4.0
Oracle Communications Applications 15.0.0.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:15.0.0.0.0`	15.0.0.0.0
Oracle Communications Applications 8.1.0.4.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.1.0.4.0`	8.1.0.4.0
Oracle Communications Applications 12.0.6.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:12.0.6.0.0`	12.0.6.0.0
Oracle Communications Applications 7.3.6 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.3.6`	7.3.6
Oracle Communications Applications 8.2.0.1.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.2.0.1.0`	8.2.0.1.0

Last affected 7 products

Product	Identifier	Version	Remediation
Oracle Communications Applications <=7.8.0 Oracle / Communications Applications		<=7.8.0
Oracle Communications Applications <=6.1.1 Oracle / Communications Applications		<=6.1.1
Oracle Communications Applications <=12.0.0.8.0 Oracle / Communications Applications		<=12.0.0.8.0
Oracle Communications Applications <=7.5.1 Oracle / Communications Applications		<=7.5.1
Oracle Communications Applications <=15.0.1.0.0 Oracle / Communications Applications		<=15.0.1.0.0
Oracle Communications Applications <=2.0.0.1.0 Oracle / Communications Applications		<=2.0.0.1.0
Oracle Communications Applications <=12.0.6.0.0 Oracle / Communications Applications		<=12.0.6.0.0

CVE-2024-7254

Affected products

Known affected 24 products

Product	Identifier	Version
Oracle Communications Applications 7.4.1 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.4.1`	7.4.1
Xerox FreeFlow Print Server v7 Xerox / FreeFlow Print Server	`cpe:/a:xerox:freeflow_print_server:v7`	v7
Oracle Communications Applications 7.7.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.7.0`	7.7.0
Oracle Communications Applications 8.0.0.8.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.8.0`	8.0.0.8.0
Oracle Communications Applications 8.1.0.28 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.1.0.28`	8.1.0.28
Oracle Communications Applications 8.0.0.7.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.7.0`	8.0.0.7.0
Oracle Communications Applications 7.5.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.5.0`	7.5.0
Oracle Communications Applications 7.8.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.8.0`	7.8.0
Oracle Communications Applications 8.0.0.9.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.9.0`	8.0.0.9.0
Oracle Communications Applications 2.0.0.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:2.0.0.0.0`	2.0.0.0.0
Oracle Communications Applications 2.0.0.1.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:2.0.0.1.0`	2.0.0.1.0
Oracle Communications Applications 15.0.1.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:15.0.1.0.0`	15.0.1.0.0
Oracle Communications Applications 6.1.1 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:6.1.1`	6.1.1
Oracle Communications Applications 7.5.1 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.5.1`	7.5.1
Oracle Communications Applications 7.4.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.4.0`	7.4.0
Oracle Communications Applications 15.1.0.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:15.1.0.0.0`	15.1.0.0.0
Oracle Communications Applications 3.0.3.3.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:3.0.3.3.0`	3.0.3.3.0
Oracle Communications Applications 8.0.0.5.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.5.0`	8.0.0.5.0
Oracle Communications Applications 3.0.3.4.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:3.0.3.4.0`	3.0.3.4.0
Oracle Communications Applications 15.0.0.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:15.0.0.0.0`	15.0.0.0.0
Oracle Communications Applications 8.1.0.4.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.1.0.4.0`	8.1.0.4.0
Oracle Communications Applications 12.0.6.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:12.0.6.0.0`	12.0.6.0.0
Oracle Communications Applications 7.3.6 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.3.6`	7.3.6
Oracle Communications Applications 8.2.0.1.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.2.0.1.0`	8.2.0.1.0

Last affected 7 products

Product	Identifier	Version	Remediation
Oracle Communications Applications <=7.8.0 Oracle / Communications Applications		<=7.8.0
Oracle Communications Applications <=6.1.1 Oracle / Communications Applications		<=6.1.1
Oracle Communications Applications <=12.0.0.8.0 Oracle / Communications Applications		<=12.0.0.8.0
Oracle Communications Applications <=7.5.1 Oracle / Communications Applications		<=7.5.1
Oracle Communications Applications <=15.0.1.0.0 Oracle / Communications Applications		<=15.0.1.0.0
Oracle Communications Applications <=2.0.0.1.0 Oracle / Communications Applications		<=2.0.0.1.0
Oracle Communications Applications <=12.0.6.0.0 Oracle / Communications Applications		<=12.0.6.0.0

CVE-2024-8006

Affected products

Known affected 24 products

Product	Identifier	Version
Oracle Communications Applications 7.4.1 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.4.1`	7.4.1
Xerox FreeFlow Print Server v7 Xerox / FreeFlow Print Server	`cpe:/a:xerox:freeflow_print_server:v7`	v7
Oracle Communications Applications 7.7.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.7.0`	7.7.0
Oracle Communications Applications 8.0.0.8.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.8.0`	8.0.0.8.0
Oracle Communications Applications 8.1.0.28 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.1.0.28`	8.1.0.28
Oracle Communications Applications 8.0.0.7.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.7.0`	8.0.0.7.0
Oracle Communications Applications 7.5.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.5.0`	7.5.0
Oracle Communications Applications 7.8.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.8.0`	7.8.0
Oracle Communications Applications 8.0.0.9.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.9.0`	8.0.0.9.0
Oracle Communications Applications 2.0.0.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:2.0.0.0.0`	2.0.0.0.0
Oracle Communications Applications 2.0.0.1.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:2.0.0.1.0`	2.0.0.1.0
Oracle Communications Applications 15.0.1.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:15.0.1.0.0`	15.0.1.0.0
Oracle Communications Applications 6.1.1 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:6.1.1`	6.1.1
Oracle Communications Applications 7.5.1 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.5.1`	7.5.1
Oracle Communications Applications 7.4.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.4.0`	7.4.0
Oracle Communications Applications 15.1.0.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:15.1.0.0.0`	15.1.0.0.0
Oracle Communications Applications 3.0.3.3.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:3.0.3.3.0`	3.0.3.3.0
Oracle Communications Applications 8.0.0.5.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.5.0`	8.0.0.5.0
Oracle Communications Applications 3.0.3.4.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:3.0.3.4.0`	3.0.3.4.0
Oracle Communications Applications 15.0.0.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:15.0.0.0.0`	15.0.0.0.0
Oracle Communications Applications 8.1.0.4.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.1.0.4.0`	8.1.0.4.0
Oracle Communications Applications 12.0.6.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:12.0.6.0.0`	12.0.6.0.0
Oracle Communications Applications 7.3.6 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.3.6`	7.3.6
Oracle Communications Applications 8.2.0.1.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.2.0.1.0`	8.2.0.1.0

Last affected 7 products

Product	Identifier	Version	Remediation
Oracle Communications Applications <=7.8.0 Oracle / Communications Applications		<=7.8.0
Oracle Communications Applications <=6.1.1 Oracle / Communications Applications		<=6.1.1
Oracle Communications Applications <=12.0.0.8.0 Oracle / Communications Applications		<=12.0.0.8.0
Oracle Communications Applications <=7.5.1 Oracle / Communications Applications		<=7.5.1
Oracle Communications Applications <=15.0.1.0.0 Oracle / Communications Applications		<=15.0.1.0.0
Oracle Communications Applications <=2.0.0.1.0 Oracle / Communications Applications		<=2.0.0.1.0
Oracle Communications Applications <=12.0.6.0.0 Oracle / Communications Applications		<=12.0.6.0.0

CVE-2025-27210

Affected products

Known affected 24 products

Product	Identifier	Version
Oracle Communications Applications 7.4.1 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.4.1`	7.4.1
Xerox FreeFlow Print Server v7 Xerox / FreeFlow Print Server	`cpe:/a:xerox:freeflow_print_server:v7`	v7
Oracle Communications Applications 7.7.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.7.0`	7.7.0
Oracle Communications Applications 8.0.0.8.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.8.0`	8.0.0.8.0
Oracle Communications Applications 8.1.0.28 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.1.0.28`	8.1.0.28
Oracle Communications Applications 8.0.0.7.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.7.0`	8.0.0.7.0
Oracle Communications Applications 7.5.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.5.0`	7.5.0
Oracle Communications Applications 7.8.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.8.0`	7.8.0
Oracle Communications Applications 8.0.0.9.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.9.0`	8.0.0.9.0
Oracle Communications Applications 2.0.0.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:2.0.0.0.0`	2.0.0.0.0
Oracle Communications Applications 2.0.0.1.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:2.0.0.1.0`	2.0.0.1.0
Oracle Communications Applications 15.0.1.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:15.0.1.0.0`	15.0.1.0.0
Oracle Communications Applications 6.1.1 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:6.1.1`	6.1.1
Oracle Communications Applications 7.5.1 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.5.1`	7.5.1
Oracle Communications Applications 7.4.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.4.0`	7.4.0
Oracle Communications Applications 15.1.0.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:15.1.0.0.0`	15.1.0.0.0
Oracle Communications Applications 3.0.3.3.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:3.0.3.3.0`	3.0.3.3.0
Oracle Communications Applications 8.0.0.5.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.5.0`	8.0.0.5.0
Oracle Communications Applications 3.0.3.4.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:3.0.3.4.0`	3.0.3.4.0
Oracle Communications Applications 15.0.0.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:15.0.0.0.0`	15.0.0.0.0
Oracle Communications Applications 8.1.0.4.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.1.0.4.0`	8.1.0.4.0
Oracle Communications Applications 12.0.6.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:12.0.6.0.0`	12.0.6.0.0
Oracle Communications Applications 7.3.6 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.3.6`	7.3.6
Oracle Communications Applications 8.2.0.1.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.2.0.1.0`	8.2.0.1.0

Last affected 7 products

Product	Identifier	Version	Remediation
Oracle Communications Applications <=7.8.0 Oracle / Communications Applications		<=7.8.0
Oracle Communications Applications <=6.1.1 Oracle / Communications Applications		<=6.1.1
Oracle Communications Applications <=12.0.0.8.0 Oracle / Communications Applications		<=12.0.0.8.0
Oracle Communications Applications <=7.5.1 Oracle / Communications Applications		<=7.5.1
Oracle Communications Applications <=15.0.1.0.0 Oracle / Communications Applications		<=15.0.1.0.0
Oracle Communications Applications <=2.0.0.1.0 Oracle / Communications Applications		<=2.0.0.1.0
Oracle Communications Applications <=12.0.6.0.0 Oracle / Communications Applications		<=12.0.6.0.0

CVE-2025-27533

Affected products

Known affected 24 products

Product	Identifier	Version
Oracle Communications Applications 7.4.1 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.4.1`	7.4.1
Xerox FreeFlow Print Server v7 Xerox / FreeFlow Print Server	`cpe:/a:xerox:freeflow_print_server:v7`	v7
Oracle Communications Applications 7.7.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.7.0`	7.7.0
Oracle Communications Applications 8.0.0.8.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.8.0`	8.0.0.8.0
Oracle Communications Applications 8.1.0.28 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.1.0.28`	8.1.0.28
Oracle Communications Applications 8.0.0.7.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.7.0`	8.0.0.7.0
Oracle Communications Applications 7.5.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.5.0`	7.5.0
Oracle Communications Applications 7.8.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.8.0`	7.8.0
Oracle Communications Applications 8.0.0.9.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.9.0`	8.0.0.9.0
Oracle Communications Applications 2.0.0.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:2.0.0.0.0`	2.0.0.0.0
Oracle Communications Applications 2.0.0.1.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:2.0.0.1.0`	2.0.0.1.0
Oracle Communications Applications 15.0.1.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:15.0.1.0.0`	15.0.1.0.0
Oracle Communications Applications 6.1.1 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:6.1.1`	6.1.1
Oracle Communications Applications 7.5.1 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.5.1`	7.5.1
Oracle Communications Applications 7.4.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.4.0`	7.4.0
Oracle Communications Applications 15.1.0.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:15.1.0.0.0`	15.1.0.0.0
Oracle Communications Applications 3.0.3.3.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:3.0.3.3.0`	3.0.3.3.0
Oracle Communications Applications 8.0.0.5.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.5.0`	8.0.0.5.0
Oracle Communications Applications 3.0.3.4.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:3.0.3.4.0`	3.0.3.4.0
Oracle Communications Applications 15.0.0.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:15.0.0.0.0`	15.0.0.0.0
Oracle Communications Applications 8.1.0.4.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.1.0.4.0`	8.1.0.4.0
Oracle Communications Applications 12.0.6.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:12.0.6.0.0`	12.0.6.0.0
Oracle Communications Applications 7.3.6 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.3.6`	7.3.6
Oracle Communications Applications 8.2.0.1.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.2.0.1.0`	8.2.0.1.0

Last affected 7 products

Product	Identifier	Version	Remediation
Oracle Communications Applications <=7.8.0 Oracle / Communications Applications		<=7.8.0
Oracle Communications Applications <=6.1.1 Oracle / Communications Applications		<=6.1.1
Oracle Communications Applications <=12.0.0.8.0 Oracle / Communications Applications		<=12.0.0.8.0
Oracle Communications Applications <=7.5.1 Oracle / Communications Applications		<=7.5.1
Oracle Communications Applications <=15.0.1.0.0 Oracle / Communications Applications		<=15.0.1.0.0
Oracle Communications Applications <=2.0.0.1.0 Oracle / Communications Applications		<=2.0.0.1.0
Oracle Communications Applications <=12.0.6.0.0 Oracle / Communications Applications		<=12.0.6.0.0

CVE-2025-27553

Affected products

Known affected 24 products

Product	Identifier	Version
Oracle Communications Applications 7.4.1 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.4.1`	7.4.1
Xerox FreeFlow Print Server v7 Xerox / FreeFlow Print Server	`cpe:/a:xerox:freeflow_print_server:v7`	v7
Oracle Communications Applications 7.7.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.7.0`	7.7.0
Oracle Communications Applications 8.0.0.8.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.8.0`	8.0.0.8.0
Oracle Communications Applications 8.1.0.28 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.1.0.28`	8.1.0.28
Oracle Communications Applications 8.0.0.7.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.7.0`	8.0.0.7.0
Oracle Communications Applications 7.5.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.5.0`	7.5.0
Oracle Communications Applications 7.8.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.8.0`	7.8.0
Oracle Communications Applications 8.0.0.9.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.9.0`	8.0.0.9.0
Oracle Communications Applications 2.0.0.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:2.0.0.0.0`	2.0.0.0.0
Oracle Communications Applications 2.0.0.1.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:2.0.0.1.0`	2.0.0.1.0
Oracle Communications Applications 15.0.1.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:15.0.1.0.0`	15.0.1.0.0
Oracle Communications Applications 6.1.1 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:6.1.1`	6.1.1
Oracle Communications Applications 7.5.1 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.5.1`	7.5.1
Oracle Communications Applications 7.4.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.4.0`	7.4.0
Oracle Communications Applications 15.1.0.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:15.1.0.0.0`	15.1.0.0.0
Oracle Communications Applications 3.0.3.3.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:3.0.3.3.0`	3.0.3.3.0
Oracle Communications Applications 8.0.0.5.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.5.0`	8.0.0.5.0
Oracle Communications Applications 3.0.3.4.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:3.0.3.4.0`	3.0.3.4.0
Oracle Communications Applications 15.0.0.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:15.0.0.0.0`	15.0.0.0.0
Oracle Communications Applications 8.1.0.4.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.1.0.4.0`	8.1.0.4.0
Oracle Communications Applications 12.0.6.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:12.0.6.0.0`	12.0.6.0.0
Oracle Communications Applications 7.3.6 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.3.6`	7.3.6
Oracle Communications Applications 8.2.0.1.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.2.0.1.0`	8.2.0.1.0

Last affected 7 products

Product	Identifier	Version	Remediation
Oracle Communications Applications <=7.8.0 Oracle / Communications Applications		<=7.8.0
Oracle Communications Applications <=6.1.1 Oracle / Communications Applications		<=6.1.1
Oracle Communications Applications <=12.0.0.8.0 Oracle / Communications Applications		<=12.0.0.8.0
Oracle Communications Applications <=7.5.1 Oracle / Communications Applications		<=7.5.1
Oracle Communications Applications <=15.0.1.0.0 Oracle / Communications Applications		<=15.0.1.0.0
Oracle Communications Applications <=2.0.0.1.0 Oracle / Communications Applications		<=2.0.0.1.0
Oracle Communications Applications <=12.0.6.0.0 Oracle / Communications Applications		<=12.0.6.0.0

CVE-2025-27817

Affected products

Known affected 24 products

Product	Identifier	Version
Oracle Communications Applications 7.4.1 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.4.1`	7.4.1
Xerox FreeFlow Print Server v7 Xerox / FreeFlow Print Server	`cpe:/a:xerox:freeflow_print_server:v7`	v7
Oracle Communications Applications 7.7.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.7.0`	7.7.0
Oracle Communications Applications 8.0.0.8.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.8.0`	8.0.0.8.0
Oracle Communications Applications 8.1.0.28 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.1.0.28`	8.1.0.28
Oracle Communications Applications 8.0.0.7.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.7.0`	8.0.0.7.0
Oracle Communications Applications 7.5.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.5.0`	7.5.0
Oracle Communications Applications 7.8.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.8.0`	7.8.0
Oracle Communications Applications 8.0.0.9.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.9.0`	8.0.0.9.0
Oracle Communications Applications 2.0.0.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:2.0.0.0.0`	2.0.0.0.0
Oracle Communications Applications 2.0.0.1.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:2.0.0.1.0`	2.0.0.1.0
Oracle Communications Applications 15.0.1.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:15.0.1.0.0`	15.0.1.0.0
Oracle Communications Applications 6.1.1 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:6.1.1`	6.1.1
Oracle Communications Applications 7.5.1 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.5.1`	7.5.1
Oracle Communications Applications 7.4.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.4.0`	7.4.0
Oracle Communications Applications 15.1.0.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:15.1.0.0.0`	15.1.0.0.0
Oracle Communications Applications 3.0.3.3.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:3.0.3.3.0`	3.0.3.3.0
Oracle Communications Applications 8.0.0.5.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.5.0`	8.0.0.5.0
Oracle Communications Applications 3.0.3.4.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:3.0.3.4.0`	3.0.3.4.0
Oracle Communications Applications 15.0.0.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:15.0.0.0.0`	15.0.0.0.0
Oracle Communications Applications 8.1.0.4.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.1.0.4.0`	8.1.0.4.0
Oracle Communications Applications 12.0.6.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:12.0.6.0.0`	12.0.6.0.0
Oracle Communications Applications 7.3.6 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.3.6`	7.3.6
Oracle Communications Applications 8.2.0.1.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.2.0.1.0`	8.2.0.1.0

Last affected 7 products

Product	Identifier	Version	Remediation
Oracle Communications Applications <=7.8.0 Oracle / Communications Applications		<=7.8.0
Oracle Communications Applications <=6.1.1 Oracle / Communications Applications		<=6.1.1
Oracle Communications Applications <=12.0.0.8.0 Oracle / Communications Applications		<=12.0.0.8.0
Oracle Communications Applications <=7.5.1 Oracle / Communications Applications		<=7.5.1
Oracle Communications Applications <=15.0.1.0.0 Oracle / Communications Applications		<=15.0.1.0.0
Oracle Communications Applications <=2.0.0.1.0 Oracle / Communications Applications		<=2.0.0.1.0
Oracle Communications Applications <=12.0.6.0.0 Oracle / Communications Applications		<=12.0.6.0.0

CVE-2025-32415

Affected products

Known affected 24 products

Product	Identifier	Version
Oracle Communications Applications 7.4.1 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.4.1`	7.4.1
Xerox FreeFlow Print Server v7 Xerox / FreeFlow Print Server	`cpe:/a:xerox:freeflow_print_server:v7`	v7
Oracle Communications Applications 7.7.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.7.0`	7.7.0
Oracle Communications Applications 8.0.0.8.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.8.0`	8.0.0.8.0
Oracle Communications Applications 8.1.0.28 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.1.0.28`	8.1.0.28
Oracle Communications Applications 8.0.0.7.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.7.0`	8.0.0.7.0
Oracle Communications Applications 7.5.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.5.0`	7.5.0
Oracle Communications Applications 7.8.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.8.0`	7.8.0
Oracle Communications Applications 8.0.0.9.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.9.0`	8.0.0.9.0
Oracle Communications Applications 2.0.0.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:2.0.0.0.0`	2.0.0.0.0
Oracle Communications Applications 2.0.0.1.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:2.0.0.1.0`	2.0.0.1.0
Oracle Communications Applications 15.0.1.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:15.0.1.0.0`	15.0.1.0.0
Oracle Communications Applications 6.1.1 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:6.1.1`	6.1.1
Oracle Communications Applications 7.5.1 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.5.1`	7.5.1
Oracle Communications Applications 7.4.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.4.0`	7.4.0
Oracle Communications Applications 15.1.0.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:15.1.0.0.0`	15.1.0.0.0
Oracle Communications Applications 3.0.3.3.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:3.0.3.3.0`	3.0.3.3.0
Oracle Communications Applications 8.0.0.5.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.5.0`	8.0.0.5.0
Oracle Communications Applications 3.0.3.4.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:3.0.3.4.0`	3.0.3.4.0
Oracle Communications Applications 15.0.0.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:15.0.0.0.0`	15.0.0.0.0
Oracle Communications Applications 8.1.0.4.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.1.0.4.0`	8.1.0.4.0
Oracle Communications Applications 12.0.6.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:12.0.6.0.0`	12.0.6.0.0
Oracle Communications Applications 7.3.6 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.3.6`	7.3.6
Oracle Communications Applications 8.2.0.1.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.2.0.1.0`	8.2.0.1.0

Last affected 7 products

Product	Identifier	Version	Remediation
Oracle Communications Applications <=7.8.0 Oracle / Communications Applications		<=7.8.0
Oracle Communications Applications <=6.1.1 Oracle / Communications Applications		<=6.1.1
Oracle Communications Applications <=12.0.0.8.0 Oracle / Communications Applications		<=12.0.0.8.0
Oracle Communications Applications <=7.5.1 Oracle / Communications Applications		<=7.5.1
Oracle Communications Applications <=15.0.1.0.0 Oracle / Communications Applications		<=15.0.1.0.0
Oracle Communications Applications <=2.0.0.1.0 Oracle / Communications Applications		<=2.0.0.1.0
Oracle Communications Applications <=12.0.6.0.0 Oracle / Communications Applications		<=12.0.6.0.0

CVE-2025-32990

Affected products

Known affected 24 products

Product	Identifier	Version
Oracle Communications Applications 7.4.1 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.4.1`	7.4.1
Xerox FreeFlow Print Server v7 Xerox / FreeFlow Print Server	`cpe:/a:xerox:freeflow_print_server:v7`	v7
Oracle Communications Applications 7.7.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.7.0`	7.7.0
Oracle Communications Applications 8.0.0.8.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.8.0`	8.0.0.8.0
Oracle Communications Applications 8.1.0.28 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.1.0.28`	8.1.0.28
Oracle Communications Applications 8.0.0.7.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.7.0`	8.0.0.7.0
Oracle Communications Applications 7.5.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.5.0`	7.5.0
Oracle Communications Applications 7.8.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.8.0`	7.8.0
Oracle Communications Applications 8.0.0.9.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.9.0`	8.0.0.9.0
Oracle Communications Applications 2.0.0.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:2.0.0.0.0`	2.0.0.0.0
Oracle Communications Applications 2.0.0.1.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:2.0.0.1.0`	2.0.0.1.0
Oracle Communications Applications 15.0.1.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:15.0.1.0.0`	15.0.1.0.0
Oracle Communications Applications 6.1.1 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:6.1.1`	6.1.1
Oracle Communications Applications 7.5.1 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.5.1`	7.5.1
Oracle Communications Applications 7.4.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.4.0`	7.4.0
Oracle Communications Applications 15.1.0.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:15.1.0.0.0`	15.1.0.0.0
Oracle Communications Applications 3.0.3.3.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:3.0.3.3.0`	3.0.3.3.0
Oracle Communications Applications 8.0.0.5.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.5.0`	8.0.0.5.0
Oracle Communications Applications 3.0.3.4.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:3.0.3.4.0`	3.0.3.4.0
Oracle Communications Applications 15.0.0.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:15.0.0.0.0`	15.0.0.0.0
Oracle Communications Applications 8.1.0.4.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.1.0.4.0`	8.1.0.4.0
Oracle Communications Applications 12.0.6.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:12.0.6.0.0`	12.0.6.0.0
Oracle Communications Applications 7.3.6 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.3.6`	7.3.6
Oracle Communications Applications 8.2.0.1.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.2.0.1.0`	8.2.0.1.0

Last affected 7 products

Product	Identifier	Version	Remediation
Oracle Communications Applications <=7.8.0 Oracle / Communications Applications		<=7.8.0
Oracle Communications Applications <=6.1.1 Oracle / Communications Applications		<=6.1.1
Oracle Communications Applications <=12.0.0.8.0 Oracle / Communications Applications		<=12.0.0.8.0
Oracle Communications Applications <=7.5.1 Oracle / Communications Applications		<=7.5.1
Oracle Communications Applications <=15.0.1.0.0 Oracle / Communications Applications		<=15.0.1.0.0
Oracle Communications Applications <=2.0.0.1.0 Oracle / Communications Applications		<=2.0.0.1.0
Oracle Communications Applications <=12.0.6.0.0 Oracle / Communications Applications		<=12.0.6.0.0

CVE-2025-4517

Affected products

Known affected 24 products

Product	Identifier	Version
Oracle Communications Applications 7.4.1 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.4.1`	7.4.1
Xerox FreeFlow Print Server v7 Xerox / FreeFlow Print Server	`cpe:/a:xerox:freeflow_print_server:v7`	v7
Oracle Communications Applications 7.7.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.7.0`	7.7.0
Oracle Communications Applications 8.0.0.8.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.8.0`	8.0.0.8.0
Oracle Communications Applications 8.1.0.28 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.1.0.28`	8.1.0.28
Oracle Communications Applications 8.0.0.7.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.7.0`	8.0.0.7.0
Oracle Communications Applications 7.5.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.5.0`	7.5.0
Oracle Communications Applications 7.8.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.8.0`	7.8.0
Oracle Communications Applications 8.0.0.9.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.9.0`	8.0.0.9.0
Oracle Communications Applications 2.0.0.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:2.0.0.0.0`	2.0.0.0.0
Oracle Communications Applications 2.0.0.1.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:2.0.0.1.0`	2.0.0.1.0
Oracle Communications Applications 15.0.1.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:15.0.1.0.0`	15.0.1.0.0
Oracle Communications Applications 6.1.1 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:6.1.1`	6.1.1
Oracle Communications Applications 7.5.1 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.5.1`	7.5.1
Oracle Communications Applications 7.4.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.4.0`	7.4.0
Oracle Communications Applications 15.1.0.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:15.1.0.0.0`	15.1.0.0.0
Oracle Communications Applications 3.0.3.3.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:3.0.3.3.0`	3.0.3.3.0
Oracle Communications Applications 8.0.0.5.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.5.0`	8.0.0.5.0
Oracle Communications Applications 3.0.3.4.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:3.0.3.4.0`	3.0.3.4.0
Oracle Communications Applications 15.0.0.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:15.0.0.0.0`	15.0.0.0.0
Oracle Communications Applications 8.1.0.4.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.1.0.4.0`	8.1.0.4.0
Oracle Communications Applications 12.0.6.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:12.0.6.0.0`	12.0.6.0.0
Oracle Communications Applications 7.3.6 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.3.6`	7.3.6
Oracle Communications Applications 8.2.0.1.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.2.0.1.0`	8.2.0.1.0

Last affected 7 products

Product	Identifier	Version	Remediation
Oracle Communications Applications <=7.8.0 Oracle / Communications Applications		<=7.8.0
Oracle Communications Applications <=6.1.1 Oracle / Communications Applications		<=6.1.1
Oracle Communications Applications <=12.0.0.8.0 Oracle / Communications Applications		<=12.0.0.8.0
Oracle Communications Applications <=7.5.1 Oracle / Communications Applications		<=7.5.1
Oracle Communications Applications <=15.0.1.0.0 Oracle / Communications Applications		<=15.0.1.0.0
Oracle Communications Applications <=2.0.0.1.0 Oracle / Communications Applications		<=2.0.0.1.0
Oracle Communications Applications <=12.0.6.0.0 Oracle / Communications Applications		<=12.0.6.0.0

CVE-2025-48734

Affected products

Known affected 24 products

Product	Identifier	Version
Oracle Communications Applications 7.4.1 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.4.1`	7.4.1
Xerox FreeFlow Print Server v7 Xerox / FreeFlow Print Server	`cpe:/a:xerox:freeflow_print_server:v7`	v7
Oracle Communications Applications 7.7.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.7.0`	7.7.0
Oracle Communications Applications 8.0.0.8.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.8.0`	8.0.0.8.0
Oracle Communications Applications 8.1.0.28 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.1.0.28`	8.1.0.28
Oracle Communications Applications 8.0.0.7.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.7.0`	8.0.0.7.0
Oracle Communications Applications 7.5.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.5.0`	7.5.0
Oracle Communications Applications 7.8.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.8.0`	7.8.0
Oracle Communications Applications 8.0.0.9.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.9.0`	8.0.0.9.0
Oracle Communications Applications 2.0.0.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:2.0.0.0.0`	2.0.0.0.0
Oracle Communications Applications 2.0.0.1.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:2.0.0.1.0`	2.0.0.1.0
Oracle Communications Applications 15.0.1.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:15.0.1.0.0`	15.0.1.0.0
Oracle Communications Applications 6.1.1 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:6.1.1`	6.1.1
Oracle Communications Applications 7.5.1 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.5.1`	7.5.1
Oracle Communications Applications 7.4.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.4.0`	7.4.0
Oracle Communications Applications 15.1.0.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:15.1.0.0.0`	15.1.0.0.0
Oracle Communications Applications 3.0.3.3.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:3.0.3.3.0`	3.0.3.3.0
Oracle Communications Applications 8.0.0.5.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.5.0`	8.0.0.5.0
Oracle Communications Applications 3.0.3.4.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:3.0.3.4.0`	3.0.3.4.0
Oracle Communications Applications 15.0.0.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:15.0.0.0.0`	15.0.0.0.0
Oracle Communications Applications 8.1.0.4.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.1.0.4.0`	8.1.0.4.0
Oracle Communications Applications 12.0.6.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:12.0.6.0.0`	12.0.6.0.0
Oracle Communications Applications 7.3.6 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.3.6`	7.3.6
Oracle Communications Applications 8.2.0.1.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.2.0.1.0`	8.2.0.1.0

Last affected 7 products

Product	Identifier	Version	Remediation
Oracle Communications Applications <=7.8.0 Oracle / Communications Applications		<=7.8.0
Oracle Communications Applications <=6.1.1 Oracle / Communications Applications		<=6.1.1
Oracle Communications Applications <=12.0.0.8.0 Oracle / Communications Applications		<=12.0.0.8.0
Oracle Communications Applications <=7.5.1 Oracle / Communications Applications		<=7.5.1
Oracle Communications Applications <=15.0.1.0.0 Oracle / Communications Applications		<=15.0.1.0.0
Oracle Communications Applications <=2.0.0.1.0 Oracle / Communications Applications		<=2.0.0.1.0
Oracle Communications Applications <=12.0.6.0.0 Oracle / Communications Applications		<=12.0.6.0.0

CVE-2025-48924

Affected products

Known affected 24 products

Product	Identifier	Version
Oracle Communications Applications 7.4.1 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.4.1`	7.4.1
Xerox FreeFlow Print Server v7 Xerox / FreeFlow Print Server	`cpe:/a:xerox:freeflow_print_server:v7`	v7
Oracle Communications Applications 7.7.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.7.0`	7.7.0
Oracle Communications Applications 8.0.0.8.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.8.0`	8.0.0.8.0
Oracle Communications Applications 8.1.0.28 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.1.0.28`	8.1.0.28
Oracle Communications Applications 8.0.0.7.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.7.0`	8.0.0.7.0
Oracle Communications Applications 7.5.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.5.0`	7.5.0
Oracle Communications Applications 7.8.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.8.0`	7.8.0
Oracle Communications Applications 8.0.0.9.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.9.0`	8.0.0.9.0
Oracle Communications Applications 2.0.0.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:2.0.0.0.0`	2.0.0.0.0
Oracle Communications Applications 2.0.0.1.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:2.0.0.1.0`	2.0.0.1.0
Oracle Communications Applications 15.0.1.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:15.0.1.0.0`	15.0.1.0.0
Oracle Communications Applications 6.1.1 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:6.1.1`	6.1.1
Oracle Communications Applications 7.5.1 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.5.1`	7.5.1
Oracle Communications Applications 7.4.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.4.0`	7.4.0
Oracle Communications Applications 15.1.0.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:15.1.0.0.0`	15.1.0.0.0
Oracle Communications Applications 3.0.3.3.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:3.0.3.3.0`	3.0.3.3.0
Oracle Communications Applications 8.0.0.5.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.5.0`	8.0.0.5.0
Oracle Communications Applications 3.0.3.4.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:3.0.3.4.0`	3.0.3.4.0
Oracle Communications Applications 15.0.0.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:15.0.0.0.0`	15.0.0.0.0
Oracle Communications Applications 8.1.0.4.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.1.0.4.0`	8.1.0.4.0
Oracle Communications Applications 12.0.6.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:12.0.6.0.0`	12.0.6.0.0
Oracle Communications Applications 7.3.6 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.3.6`	7.3.6
Oracle Communications Applications 8.2.0.1.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.2.0.1.0`	8.2.0.1.0

Last affected 7 products

Product	Identifier	Version	Remediation
Oracle Communications Applications <=7.8.0 Oracle / Communications Applications		<=7.8.0
Oracle Communications Applications <=6.1.1 Oracle / Communications Applications		<=6.1.1
Oracle Communications Applications <=12.0.0.8.0 Oracle / Communications Applications		<=12.0.0.8.0
Oracle Communications Applications <=7.5.1 Oracle / Communications Applications		<=7.5.1
Oracle Communications Applications <=15.0.1.0.0 Oracle / Communications Applications		<=15.0.1.0.0
Oracle Communications Applications <=2.0.0.1.0 Oracle / Communications Applications		<=2.0.0.1.0
Oracle Communications Applications <=12.0.6.0.0 Oracle / Communications Applications		<=12.0.6.0.0

CVE-2025-48976

Affected products

Known affected 24 products

Product	Identifier	Version
Oracle Communications Applications 7.4.1 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.4.1`	7.4.1
Xerox FreeFlow Print Server v7 Xerox / FreeFlow Print Server	`cpe:/a:xerox:freeflow_print_server:v7`	v7
Oracle Communications Applications 7.7.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.7.0`	7.7.0
Oracle Communications Applications 8.0.0.8.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.8.0`	8.0.0.8.0
Oracle Communications Applications 8.1.0.28 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.1.0.28`	8.1.0.28
Oracle Communications Applications 8.0.0.7.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.7.0`	8.0.0.7.0
Oracle Communications Applications 7.5.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.5.0`	7.5.0
Oracle Communications Applications 7.8.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.8.0`	7.8.0
Oracle Communications Applications 8.0.0.9.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.9.0`	8.0.0.9.0
Oracle Communications Applications 2.0.0.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:2.0.0.0.0`	2.0.0.0.0
Oracle Communications Applications 2.0.0.1.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:2.0.0.1.0`	2.0.0.1.0
Oracle Communications Applications 15.0.1.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:15.0.1.0.0`	15.0.1.0.0
Oracle Communications Applications 6.1.1 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:6.1.1`	6.1.1
Oracle Communications Applications 7.5.1 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.5.1`	7.5.1
Oracle Communications Applications 7.4.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.4.0`	7.4.0
Oracle Communications Applications 15.1.0.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:15.1.0.0.0`	15.1.0.0.0
Oracle Communications Applications 3.0.3.3.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:3.0.3.3.0`	3.0.3.3.0
Oracle Communications Applications 8.0.0.5.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.5.0`	8.0.0.5.0
Oracle Communications Applications 3.0.3.4.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:3.0.3.4.0`	3.0.3.4.0
Oracle Communications Applications 15.0.0.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:15.0.0.0.0`	15.0.0.0.0
Oracle Communications Applications 8.1.0.4.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.1.0.4.0`	8.1.0.4.0
Oracle Communications Applications 12.0.6.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:12.0.6.0.0`	12.0.6.0.0
Oracle Communications Applications 7.3.6 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.3.6`	7.3.6
Oracle Communications Applications 8.2.0.1.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.2.0.1.0`	8.2.0.1.0

Last affected 7 products

Product	Identifier	Version	Remediation
Oracle Communications Applications <=7.8.0 Oracle / Communications Applications		<=7.8.0
Oracle Communications Applications <=6.1.1 Oracle / Communications Applications		<=6.1.1
Oracle Communications Applications <=12.0.0.8.0 Oracle / Communications Applications		<=12.0.0.8.0
Oracle Communications Applications <=7.5.1 Oracle / Communications Applications		<=7.5.1
Oracle Communications Applications <=15.0.1.0.0 Oracle / Communications Applications		<=15.0.1.0.0
Oracle Communications Applications <=2.0.0.1.0 Oracle / Communications Applications		<=2.0.0.1.0
Oracle Communications Applications <=12.0.6.0.0 Oracle / Communications Applications		<=12.0.6.0.0

CVE-2025-48989

Affected products

Known affected 24 products

Product	Identifier	Version
Oracle Communications Applications 7.4.1 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.4.1`	7.4.1
Xerox FreeFlow Print Server v7 Xerox / FreeFlow Print Server	`cpe:/a:xerox:freeflow_print_server:v7`	v7
Oracle Communications Applications 7.7.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.7.0`	7.7.0
Oracle Communications Applications 8.0.0.8.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.8.0`	8.0.0.8.0
Oracle Communications Applications 8.1.0.28 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.1.0.28`	8.1.0.28
Oracle Communications Applications 8.0.0.7.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.7.0`	8.0.0.7.0
Oracle Communications Applications 7.5.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.5.0`	7.5.0
Oracle Communications Applications 7.8.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.8.0`	7.8.0
Oracle Communications Applications 8.0.0.9.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.9.0`	8.0.0.9.0
Oracle Communications Applications 2.0.0.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:2.0.0.0.0`	2.0.0.0.0
Oracle Communications Applications 2.0.0.1.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:2.0.0.1.0`	2.0.0.1.0
Oracle Communications Applications 15.0.1.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:15.0.1.0.0`	15.0.1.0.0
Oracle Communications Applications 6.1.1 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:6.1.1`	6.1.1
Oracle Communications Applications 7.5.1 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.5.1`	7.5.1
Oracle Communications Applications 7.4.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.4.0`	7.4.0
Oracle Communications Applications 15.1.0.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:15.1.0.0.0`	15.1.0.0.0
Oracle Communications Applications 3.0.3.3.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:3.0.3.3.0`	3.0.3.3.0
Oracle Communications Applications 8.0.0.5.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.5.0`	8.0.0.5.0
Oracle Communications Applications 3.0.3.4.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:3.0.3.4.0`	3.0.3.4.0
Oracle Communications Applications 15.0.0.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:15.0.0.0.0`	15.0.0.0.0
Oracle Communications Applications 8.1.0.4.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.1.0.4.0`	8.1.0.4.0
Oracle Communications Applications 12.0.6.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:12.0.6.0.0`	12.0.6.0.0
Oracle Communications Applications 7.3.6 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.3.6`	7.3.6
Oracle Communications Applications 8.2.0.1.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.2.0.1.0`	8.2.0.1.0

Last affected 7 products

Product	Identifier	Version	Remediation
Oracle Communications Applications <=7.8.0 Oracle / Communications Applications		<=7.8.0
Oracle Communications Applications <=6.1.1 Oracle / Communications Applications		<=6.1.1
Oracle Communications Applications <=12.0.0.8.0 Oracle / Communications Applications		<=12.0.0.8.0
Oracle Communications Applications <=7.5.1 Oracle / Communications Applications		<=7.5.1
Oracle Communications Applications <=15.0.1.0.0 Oracle / Communications Applications		<=15.0.1.0.0
Oracle Communications Applications <=2.0.0.1.0 Oracle / Communications Applications		<=2.0.0.1.0
Oracle Communications Applications <=12.0.6.0.0 Oracle / Communications Applications		<=12.0.6.0.0

CVE-2025-49796

Affected products

Known affected 24 products

Product	Identifier	Version
Oracle Communications Applications 7.4.1 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.4.1`	7.4.1
Xerox FreeFlow Print Server v7 Xerox / FreeFlow Print Server	`cpe:/a:xerox:freeflow_print_server:v7`	v7
Oracle Communications Applications 7.7.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.7.0`	7.7.0
Oracle Communications Applications 8.0.0.8.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.8.0`	8.0.0.8.0
Oracle Communications Applications 8.1.0.28 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.1.0.28`	8.1.0.28
Oracle Communications Applications 8.0.0.7.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.7.0`	8.0.0.7.0
Oracle Communications Applications 7.5.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.5.0`	7.5.0
Oracle Communications Applications 7.8.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.8.0`	7.8.0
Oracle Communications Applications 8.0.0.9.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.9.0`	8.0.0.9.0
Oracle Communications Applications 2.0.0.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:2.0.0.0.0`	2.0.0.0.0
Oracle Communications Applications 2.0.0.1.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:2.0.0.1.0`	2.0.0.1.0
Oracle Communications Applications 15.0.1.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:15.0.1.0.0`	15.0.1.0.0
Oracle Communications Applications 6.1.1 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:6.1.1`	6.1.1
Oracle Communications Applications 7.5.1 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.5.1`	7.5.1
Oracle Communications Applications 7.4.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.4.0`	7.4.0
Oracle Communications Applications 15.1.0.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:15.1.0.0.0`	15.1.0.0.0
Oracle Communications Applications 3.0.3.3.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:3.0.3.3.0`	3.0.3.3.0
Oracle Communications Applications 8.0.0.5.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.5.0`	8.0.0.5.0
Oracle Communications Applications 3.0.3.4.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:3.0.3.4.0`	3.0.3.4.0
Oracle Communications Applications 15.0.0.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:15.0.0.0.0`	15.0.0.0.0
Oracle Communications Applications 8.1.0.4.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.1.0.4.0`	8.1.0.4.0
Oracle Communications Applications 12.0.6.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:12.0.6.0.0`	12.0.6.0.0
Oracle Communications Applications 7.3.6 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.3.6`	7.3.6
Oracle Communications Applications 8.2.0.1.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.2.0.1.0`	8.2.0.1.0

Last affected 7 products

Product	Identifier	Version	Remediation
Oracle Communications Applications <=7.8.0 Oracle / Communications Applications		<=7.8.0
Oracle Communications Applications <=6.1.1 Oracle / Communications Applications		<=6.1.1
Oracle Communications Applications <=12.0.0.8.0 Oracle / Communications Applications		<=12.0.0.8.0
Oracle Communications Applications <=7.5.1 Oracle / Communications Applications		<=7.5.1
Oracle Communications Applications <=15.0.1.0.0 Oracle / Communications Applications		<=15.0.1.0.0
Oracle Communications Applications <=2.0.0.1.0 Oracle / Communications Applications		<=2.0.0.1.0
Oracle Communications Applications <=12.0.6.0.0 Oracle / Communications Applications		<=12.0.6.0.0

CVE-2025-5115

Affected products

Known affected 24 products

Product	Identifier	Version
Oracle Communications Applications 7.4.1 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.4.1`	7.4.1
Xerox FreeFlow Print Server v7 Xerox / FreeFlow Print Server	`cpe:/a:xerox:freeflow_print_server:v7`	v7
Oracle Communications Applications 7.7.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.7.0`	7.7.0
Oracle Communications Applications 8.0.0.8.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.8.0`	8.0.0.8.0
Oracle Communications Applications 8.1.0.28 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.1.0.28`	8.1.0.28
Oracle Communications Applications 8.0.0.7.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.7.0`	8.0.0.7.0
Oracle Communications Applications 7.5.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.5.0`	7.5.0
Oracle Communications Applications 7.8.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.8.0`	7.8.0
Oracle Communications Applications 8.0.0.9.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.9.0`	8.0.0.9.0
Oracle Communications Applications 2.0.0.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:2.0.0.0.0`	2.0.0.0.0
Oracle Communications Applications 2.0.0.1.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:2.0.0.1.0`	2.0.0.1.0
Oracle Communications Applications 15.0.1.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:15.0.1.0.0`	15.0.1.0.0
Oracle Communications Applications 6.1.1 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:6.1.1`	6.1.1
Oracle Communications Applications 7.5.1 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.5.1`	7.5.1
Oracle Communications Applications 7.4.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.4.0`	7.4.0
Oracle Communications Applications 15.1.0.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:15.1.0.0.0`	15.1.0.0.0
Oracle Communications Applications 3.0.3.3.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:3.0.3.3.0`	3.0.3.3.0
Oracle Communications Applications 8.0.0.5.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.5.0`	8.0.0.5.0
Oracle Communications Applications 3.0.3.4.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:3.0.3.4.0`	3.0.3.4.0
Oracle Communications Applications 15.0.0.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:15.0.0.0.0`	15.0.0.0.0
Oracle Communications Applications 8.1.0.4.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.1.0.4.0`	8.1.0.4.0
Oracle Communications Applications 12.0.6.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:12.0.6.0.0`	12.0.6.0.0
Oracle Communications Applications 7.3.6 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.3.6`	7.3.6
Oracle Communications Applications 8.2.0.1.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.2.0.1.0`	8.2.0.1.0

Last affected 7 products

Product	Identifier	Version	Remediation
Oracle Communications Applications <=7.8.0 Oracle / Communications Applications		<=7.8.0
Oracle Communications Applications <=6.1.1 Oracle / Communications Applications		<=6.1.1
Oracle Communications Applications <=12.0.0.8.0 Oracle / Communications Applications		<=12.0.0.8.0
Oracle Communications Applications <=7.5.1 Oracle / Communications Applications		<=7.5.1
Oracle Communications Applications <=15.0.1.0.0 Oracle / Communications Applications		<=15.0.1.0.0
Oracle Communications Applications <=2.0.0.1.0 Oracle / Communications Applications		<=2.0.0.1.0
Oracle Communications Applications <=12.0.6.0.0 Oracle / Communications Applications		<=12.0.6.0.0

CVE-2025-52999

Affected products

Known affected 24 products

Product	Identifier	Version
Oracle Communications Applications 7.4.1 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.4.1`	7.4.1
Xerox FreeFlow Print Server v7 Xerox / FreeFlow Print Server	`cpe:/a:xerox:freeflow_print_server:v7`	v7
Oracle Communications Applications 7.7.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.7.0`	7.7.0
Oracle Communications Applications 8.0.0.8.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.8.0`	8.0.0.8.0
Oracle Communications Applications 8.1.0.28 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.1.0.28`	8.1.0.28
Oracle Communications Applications 8.0.0.7.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.7.0`	8.0.0.7.0
Oracle Communications Applications 7.5.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.5.0`	7.5.0
Oracle Communications Applications 7.8.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.8.0`	7.8.0
Oracle Communications Applications 8.0.0.9.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.9.0`	8.0.0.9.0
Oracle Communications Applications 2.0.0.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:2.0.0.0.0`	2.0.0.0.0
Oracle Communications Applications 2.0.0.1.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:2.0.0.1.0`	2.0.0.1.0
Oracle Communications Applications 15.0.1.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:15.0.1.0.0`	15.0.1.0.0
Oracle Communications Applications 6.1.1 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:6.1.1`	6.1.1
Oracle Communications Applications 7.5.1 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.5.1`	7.5.1
Oracle Communications Applications 7.4.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.4.0`	7.4.0
Oracle Communications Applications 15.1.0.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:15.1.0.0.0`	15.1.0.0.0
Oracle Communications Applications 3.0.3.3.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:3.0.3.3.0`	3.0.3.3.0
Oracle Communications Applications 8.0.0.5.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.5.0`	8.0.0.5.0
Oracle Communications Applications 3.0.3.4.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:3.0.3.4.0`	3.0.3.4.0
Oracle Communications Applications 15.0.0.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:15.0.0.0.0`	15.0.0.0.0
Oracle Communications Applications 8.1.0.4.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.1.0.4.0`	8.1.0.4.0
Oracle Communications Applications 12.0.6.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:12.0.6.0.0`	12.0.6.0.0
Oracle Communications Applications 7.3.6 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.3.6`	7.3.6
Oracle Communications Applications 8.2.0.1.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.2.0.1.0`	8.2.0.1.0

Last affected 7 products

Product	Identifier	Version	Remediation
Oracle Communications Applications <=7.8.0 Oracle / Communications Applications		<=7.8.0
Oracle Communications Applications <=6.1.1 Oracle / Communications Applications		<=6.1.1
Oracle Communications Applications <=12.0.0.8.0 Oracle / Communications Applications		<=12.0.0.8.0
Oracle Communications Applications <=7.5.1 Oracle / Communications Applications		<=7.5.1
Oracle Communications Applications <=15.0.1.0.0 Oracle / Communications Applications		<=15.0.1.0.0
Oracle Communications Applications <=2.0.0.1.0 Oracle / Communications Applications		<=2.0.0.1.0
Oracle Communications Applications <=12.0.6.0.0 Oracle / Communications Applications		<=12.0.6.0.0

CVE-2025-5318

Affected products

Known affected 24 products

Product	Identifier	Version
Oracle Communications Applications 7.4.1 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.4.1`	7.4.1
Xerox FreeFlow Print Server v7 Xerox / FreeFlow Print Server	`cpe:/a:xerox:freeflow_print_server:v7`	v7
Oracle Communications Applications 7.7.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.7.0`	7.7.0
Oracle Communications Applications 8.0.0.8.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.8.0`	8.0.0.8.0
Oracle Communications Applications 8.1.0.28 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.1.0.28`	8.1.0.28
Oracle Communications Applications 8.0.0.7.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.7.0`	8.0.0.7.0
Oracle Communications Applications 7.5.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.5.0`	7.5.0
Oracle Communications Applications 7.8.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.8.0`	7.8.0
Oracle Communications Applications 8.0.0.9.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.9.0`	8.0.0.9.0
Oracle Communications Applications 2.0.0.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:2.0.0.0.0`	2.0.0.0.0
Oracle Communications Applications 2.0.0.1.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:2.0.0.1.0`	2.0.0.1.0
Oracle Communications Applications 15.0.1.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:15.0.1.0.0`	15.0.1.0.0
Oracle Communications Applications 6.1.1 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:6.1.1`	6.1.1
Oracle Communications Applications 7.5.1 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.5.1`	7.5.1
Oracle Communications Applications 7.4.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.4.0`	7.4.0
Oracle Communications Applications 15.1.0.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:15.1.0.0.0`	15.1.0.0.0
Oracle Communications Applications 3.0.3.3.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:3.0.3.3.0`	3.0.3.3.0
Oracle Communications Applications 8.0.0.5.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.5.0`	8.0.0.5.0
Oracle Communications Applications 3.0.3.4.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:3.0.3.4.0`	3.0.3.4.0
Oracle Communications Applications 15.0.0.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:15.0.0.0.0`	15.0.0.0.0
Oracle Communications Applications 8.1.0.4.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.1.0.4.0`	8.1.0.4.0
Oracle Communications Applications 12.0.6.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:12.0.6.0.0`	12.0.6.0.0
Oracle Communications Applications 7.3.6 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.3.6`	7.3.6
Oracle Communications Applications 8.2.0.1.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.2.0.1.0`	8.2.0.1.0

Last affected 7 products

Product	Identifier	Version	Remediation
Oracle Communications Applications <=7.8.0 Oracle / Communications Applications		<=7.8.0
Oracle Communications Applications <=6.1.1 Oracle / Communications Applications		<=6.1.1
Oracle Communications Applications <=12.0.0.8.0 Oracle / Communications Applications		<=12.0.0.8.0
Oracle Communications Applications <=7.5.1 Oracle / Communications Applications		<=7.5.1
Oracle Communications Applications <=15.0.1.0.0 Oracle / Communications Applications		<=15.0.1.0.0
Oracle Communications Applications <=2.0.0.1.0 Oracle / Communications Applications		<=2.0.0.1.0
Oracle Communications Applications <=12.0.6.0.0 Oracle / Communications Applications		<=12.0.6.0.0

CVE-2025-53864

Affected products

Known affected 24 products

Product	Identifier	Version
Oracle Communications Applications 7.4.1 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.4.1`	7.4.1
Xerox FreeFlow Print Server v7 Xerox / FreeFlow Print Server	`cpe:/a:xerox:freeflow_print_server:v7`	v7
Oracle Communications Applications 7.7.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.7.0`	7.7.0
Oracle Communications Applications 8.0.0.8.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.8.0`	8.0.0.8.0
Oracle Communications Applications 8.1.0.28 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.1.0.28`	8.1.0.28
Oracle Communications Applications 8.0.0.7.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.7.0`	8.0.0.7.0
Oracle Communications Applications 7.5.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.5.0`	7.5.0
Oracle Communications Applications 7.8.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.8.0`	7.8.0
Oracle Communications Applications 8.0.0.9.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.9.0`	8.0.0.9.0
Oracle Communications Applications 2.0.0.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:2.0.0.0.0`	2.0.0.0.0
Oracle Communications Applications 2.0.0.1.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:2.0.0.1.0`	2.0.0.1.0
Oracle Communications Applications 15.0.1.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:15.0.1.0.0`	15.0.1.0.0
Oracle Communications Applications 6.1.1 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:6.1.1`	6.1.1
Oracle Communications Applications 7.5.1 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.5.1`	7.5.1
Oracle Communications Applications 7.4.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.4.0`	7.4.0
Oracle Communications Applications 15.1.0.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:15.1.0.0.0`	15.1.0.0.0
Oracle Communications Applications 3.0.3.3.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:3.0.3.3.0`	3.0.3.3.0
Oracle Communications Applications 8.0.0.5.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.5.0`	8.0.0.5.0
Oracle Communications Applications 3.0.3.4.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:3.0.3.4.0`	3.0.3.4.0
Oracle Communications Applications 15.0.0.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:15.0.0.0.0`	15.0.0.0.0
Oracle Communications Applications 8.1.0.4.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.1.0.4.0`	8.1.0.4.0
Oracle Communications Applications 12.0.6.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:12.0.6.0.0`	12.0.6.0.0
Oracle Communications Applications 7.3.6 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.3.6`	7.3.6
Oracle Communications Applications 8.2.0.1.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.2.0.1.0`	8.2.0.1.0

Last affected 7 products

Product	Identifier	Version	Remediation
Oracle Communications Applications <=7.8.0 Oracle / Communications Applications		<=7.8.0
Oracle Communications Applications <=6.1.1 Oracle / Communications Applications		<=6.1.1
Oracle Communications Applications <=12.0.0.8.0 Oracle / Communications Applications		<=12.0.0.8.0
Oracle Communications Applications <=7.5.1 Oracle / Communications Applications		<=7.5.1
Oracle Communications Applications <=15.0.1.0.0 Oracle / Communications Applications		<=15.0.1.0.0
Oracle Communications Applications <=2.0.0.1.0 Oracle / Communications Applications		<=2.0.0.1.0
Oracle Communications Applications <=12.0.6.0.0 Oracle / Communications Applications		<=12.0.6.0.0

CVE-2025-5399

Affected products

Known affected 24 products

Product	Identifier	Version
Oracle Communications Applications 7.4.1 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.4.1`	7.4.1
Xerox FreeFlow Print Server v7 Xerox / FreeFlow Print Server	`cpe:/a:xerox:freeflow_print_server:v7`	v7
Oracle Communications Applications 7.7.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.7.0`	7.7.0
Oracle Communications Applications 8.0.0.8.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.8.0`	8.0.0.8.0
Oracle Communications Applications 8.1.0.28 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.1.0.28`	8.1.0.28
Oracle Communications Applications 8.0.0.7.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.7.0`	8.0.0.7.0
Oracle Communications Applications 7.5.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.5.0`	7.5.0
Oracle Communications Applications 7.8.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.8.0`	7.8.0
Oracle Communications Applications 8.0.0.9.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.9.0`	8.0.0.9.0
Oracle Communications Applications 2.0.0.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:2.0.0.0.0`	2.0.0.0.0
Oracle Communications Applications 2.0.0.1.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:2.0.0.1.0`	2.0.0.1.0
Oracle Communications Applications 15.0.1.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:15.0.1.0.0`	15.0.1.0.0
Oracle Communications Applications 6.1.1 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:6.1.1`	6.1.1
Oracle Communications Applications 7.5.1 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.5.1`	7.5.1
Oracle Communications Applications 7.4.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.4.0`	7.4.0
Oracle Communications Applications 15.1.0.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:15.1.0.0.0`	15.1.0.0.0
Oracle Communications Applications 3.0.3.3.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:3.0.3.3.0`	3.0.3.3.0
Oracle Communications Applications 8.0.0.5.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.5.0`	8.0.0.5.0
Oracle Communications Applications 3.0.3.4.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:3.0.3.4.0`	3.0.3.4.0
Oracle Communications Applications 15.0.0.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:15.0.0.0.0`	15.0.0.0.0
Oracle Communications Applications 8.1.0.4.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.1.0.4.0`	8.1.0.4.0
Oracle Communications Applications 12.0.6.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:12.0.6.0.0`	12.0.6.0.0
Oracle Communications Applications 7.3.6 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.3.6`	7.3.6
Oracle Communications Applications 8.2.0.1.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.2.0.1.0`	8.2.0.1.0

Last affected 7 products

Product	Identifier	Version	Remediation
Oracle Communications Applications <=7.8.0 Oracle / Communications Applications		<=7.8.0
Oracle Communications Applications <=6.1.1 Oracle / Communications Applications		<=6.1.1
Oracle Communications Applications <=12.0.0.8.0 Oracle / Communications Applications		<=12.0.0.8.0
Oracle Communications Applications <=7.5.1 Oracle / Communications Applications		<=7.5.1
Oracle Communications Applications <=15.0.1.0.0 Oracle / Communications Applications		<=15.0.1.0.0
Oracle Communications Applications <=2.0.0.1.0 Oracle / Communications Applications		<=2.0.0.1.0
Oracle Communications Applications <=12.0.6.0.0 Oracle / Communications Applications		<=12.0.6.0.0

CVE-2025-54090

Affected products

Known affected 24 products

Product	Identifier	Version
Oracle Communications Applications 7.4.1 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.4.1`	7.4.1
Xerox FreeFlow Print Server v7 Xerox / FreeFlow Print Server	`cpe:/a:xerox:freeflow_print_server:v7`	v7
Oracle Communications Applications 7.7.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.7.0`	7.7.0
Oracle Communications Applications 8.0.0.8.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.8.0`	8.0.0.8.0
Oracle Communications Applications 8.1.0.28 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.1.0.28`	8.1.0.28
Oracle Communications Applications 8.0.0.7.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.7.0`	8.0.0.7.0
Oracle Communications Applications 7.5.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.5.0`	7.5.0
Oracle Communications Applications 7.8.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.8.0`	7.8.0
Oracle Communications Applications 8.0.0.9.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.9.0`	8.0.0.9.0
Oracle Communications Applications 2.0.0.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:2.0.0.0.0`	2.0.0.0.0
Oracle Communications Applications 2.0.0.1.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:2.0.0.1.0`	2.0.0.1.0
Oracle Communications Applications 15.0.1.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:15.0.1.0.0`	15.0.1.0.0
Oracle Communications Applications 6.1.1 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:6.1.1`	6.1.1
Oracle Communications Applications 7.5.1 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.5.1`	7.5.1
Oracle Communications Applications 7.4.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.4.0`	7.4.0
Oracle Communications Applications 15.1.0.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:15.1.0.0.0`	15.1.0.0.0
Oracle Communications Applications 3.0.3.3.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:3.0.3.3.0`	3.0.3.3.0
Oracle Communications Applications 8.0.0.5.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.5.0`	8.0.0.5.0
Oracle Communications Applications 3.0.3.4.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:3.0.3.4.0`	3.0.3.4.0
Oracle Communications Applications 15.0.0.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:15.0.0.0.0`	15.0.0.0.0
Oracle Communications Applications 8.1.0.4.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.1.0.4.0`	8.1.0.4.0
Oracle Communications Applications 12.0.6.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:12.0.6.0.0`	12.0.6.0.0
Oracle Communications Applications 7.3.6 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.3.6`	7.3.6
Oracle Communications Applications 8.2.0.1.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.2.0.1.0`	8.2.0.1.0

Last affected 7 products

Product	Identifier	Version	Remediation
Oracle Communications Applications <=7.8.0 Oracle / Communications Applications		<=7.8.0
Oracle Communications Applications <=6.1.1 Oracle / Communications Applications		<=6.1.1
Oracle Communications Applications <=12.0.0.8.0 Oracle / Communications Applications		<=12.0.0.8.0
Oracle Communications Applications <=7.5.1 Oracle / Communications Applications		<=7.5.1
Oracle Communications Applications <=15.0.1.0.0 Oracle / Communications Applications		<=15.0.1.0.0
Oracle Communications Applications <=2.0.0.1.0 Oracle / Communications Applications		<=2.0.0.1.0
Oracle Communications Applications <=12.0.6.0.0 Oracle / Communications Applications		<=12.0.6.0.0

CVE-2025-55163

Affected products

Known affected 24 products

Product	Identifier	Version
Oracle Communications Applications 7.4.1 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.4.1`	7.4.1
Xerox FreeFlow Print Server v7 Xerox / FreeFlow Print Server	`cpe:/a:xerox:freeflow_print_server:v7`	v7
Oracle Communications Applications 7.7.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.7.0`	7.7.0
Oracle Communications Applications 8.0.0.8.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.8.0`	8.0.0.8.0
Oracle Communications Applications 8.1.0.28 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.1.0.28`	8.1.0.28
Oracle Communications Applications 8.0.0.7.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.7.0`	8.0.0.7.0
Oracle Communications Applications 7.5.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.5.0`	7.5.0
Oracle Communications Applications 7.8.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.8.0`	7.8.0
Oracle Communications Applications 8.0.0.9.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.9.0`	8.0.0.9.0
Oracle Communications Applications 2.0.0.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:2.0.0.0.0`	2.0.0.0.0
Oracle Communications Applications 2.0.0.1.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:2.0.0.1.0`	2.0.0.1.0
Oracle Communications Applications 15.0.1.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:15.0.1.0.0`	15.0.1.0.0
Oracle Communications Applications 6.1.1 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:6.1.1`	6.1.1
Oracle Communications Applications 7.5.1 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.5.1`	7.5.1
Oracle Communications Applications 7.4.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.4.0`	7.4.0
Oracle Communications Applications 15.1.0.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:15.1.0.0.0`	15.1.0.0.0
Oracle Communications Applications 3.0.3.3.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:3.0.3.3.0`	3.0.3.3.0
Oracle Communications Applications 8.0.0.5.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.5.0`	8.0.0.5.0
Oracle Communications Applications 3.0.3.4.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:3.0.3.4.0`	3.0.3.4.0
Oracle Communications Applications 15.0.0.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:15.0.0.0.0`	15.0.0.0.0
Oracle Communications Applications 8.1.0.4.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.1.0.4.0`	8.1.0.4.0
Oracle Communications Applications 12.0.6.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:12.0.6.0.0`	12.0.6.0.0
Oracle Communications Applications 7.3.6 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.3.6`	7.3.6
Oracle Communications Applications 8.2.0.1.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.2.0.1.0`	8.2.0.1.0

Last affected 7 products

Product	Identifier	Version	Remediation
Oracle Communications Applications <=7.8.0 Oracle / Communications Applications		<=7.8.0
Oracle Communications Applications <=6.1.1 Oracle / Communications Applications		<=6.1.1
Oracle Communications Applications <=12.0.0.8.0 Oracle / Communications Applications		<=12.0.0.8.0
Oracle Communications Applications <=7.5.1 Oracle / Communications Applications		<=7.5.1
Oracle Communications Applications <=15.0.1.0.0 Oracle / Communications Applications		<=15.0.1.0.0
Oracle Communications Applications <=2.0.0.1.0 Oracle / Communications Applications		<=2.0.0.1.0
Oracle Communications Applications <=12.0.6.0.0 Oracle / Communications Applications		<=12.0.6.0.0

CVE-2025-5889

Affected products

Known affected 24 products

Product	Identifier	Version
Oracle Communications Applications 7.4.1 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.4.1`	7.4.1
Xerox FreeFlow Print Server v7 Xerox / FreeFlow Print Server	`cpe:/a:xerox:freeflow_print_server:v7`	v7
Oracle Communications Applications 7.7.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.7.0`	7.7.0
Oracle Communications Applications 8.0.0.8.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.8.0`	8.0.0.8.0
Oracle Communications Applications 8.1.0.28 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.1.0.28`	8.1.0.28
Oracle Communications Applications 8.0.0.7.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.7.0`	8.0.0.7.0
Oracle Communications Applications 7.5.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.5.0`	7.5.0
Oracle Communications Applications 7.8.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.8.0`	7.8.0
Oracle Communications Applications 8.0.0.9.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.9.0`	8.0.0.9.0
Oracle Communications Applications 2.0.0.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:2.0.0.0.0`	2.0.0.0.0
Oracle Communications Applications 2.0.0.1.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:2.0.0.1.0`	2.0.0.1.0
Oracle Communications Applications 15.0.1.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:15.0.1.0.0`	15.0.1.0.0
Oracle Communications Applications 6.1.1 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:6.1.1`	6.1.1
Oracle Communications Applications 7.5.1 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.5.1`	7.5.1
Oracle Communications Applications 7.4.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.4.0`	7.4.0
Oracle Communications Applications 15.1.0.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:15.1.0.0.0`	15.1.0.0.0
Oracle Communications Applications 3.0.3.3.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:3.0.3.3.0`	3.0.3.3.0
Oracle Communications Applications 8.0.0.5.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.5.0`	8.0.0.5.0
Oracle Communications Applications 3.0.3.4.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:3.0.3.4.0`	3.0.3.4.0
Oracle Communications Applications 15.0.0.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:15.0.0.0.0`	15.0.0.0.0
Oracle Communications Applications 8.1.0.4.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.1.0.4.0`	8.1.0.4.0
Oracle Communications Applications 12.0.6.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:12.0.6.0.0`	12.0.6.0.0
Oracle Communications Applications 7.3.6 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.3.6`	7.3.6
Oracle Communications Applications 8.2.0.1.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.2.0.1.0`	8.2.0.1.0

Last affected 7 products

Product	Identifier	Version	Remediation
Oracle Communications Applications <=7.8.0 Oracle / Communications Applications		<=7.8.0
Oracle Communications Applications <=6.1.1 Oracle / Communications Applications		<=6.1.1
Oracle Communications Applications <=12.0.0.8.0 Oracle / Communications Applications		<=12.0.0.8.0
Oracle Communications Applications <=7.5.1 Oracle / Communications Applications		<=7.5.1
Oracle Communications Applications <=15.0.1.0.0 Oracle / Communications Applications		<=15.0.1.0.0
Oracle Communications Applications <=2.0.0.1.0 Oracle / Communications Applications		<=2.0.0.1.0
Oracle Communications Applications <=12.0.6.0.0 Oracle / Communications Applications		<=12.0.6.0.0

CVE-2025-59375

Affected products

Known affected 24 products

Product	Identifier	Version
Oracle Communications Applications 7.4.1 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.4.1`	7.4.1
Xerox FreeFlow Print Server v7 Xerox / FreeFlow Print Server	`cpe:/a:xerox:freeflow_print_server:v7`	v7
Oracle Communications Applications 7.7.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.7.0`	7.7.0
Oracle Communications Applications 8.0.0.8.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.8.0`	8.0.0.8.0
Oracle Communications Applications 8.1.0.28 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.1.0.28`	8.1.0.28
Oracle Communications Applications 8.0.0.7.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.7.0`	8.0.0.7.0
Oracle Communications Applications 7.5.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.5.0`	7.5.0
Oracle Communications Applications 7.8.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.8.0`	7.8.0
Oracle Communications Applications 8.0.0.9.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.9.0`	8.0.0.9.0
Oracle Communications Applications 2.0.0.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:2.0.0.0.0`	2.0.0.0.0
Oracle Communications Applications 2.0.0.1.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:2.0.0.1.0`	2.0.0.1.0
Oracle Communications Applications 15.0.1.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:15.0.1.0.0`	15.0.1.0.0
Oracle Communications Applications 6.1.1 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:6.1.1`	6.1.1
Oracle Communications Applications 7.5.1 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.5.1`	7.5.1
Oracle Communications Applications 7.4.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.4.0`	7.4.0
Oracle Communications Applications 15.1.0.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:15.1.0.0.0`	15.1.0.0.0
Oracle Communications Applications 3.0.3.3.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:3.0.3.3.0`	3.0.3.3.0
Oracle Communications Applications 8.0.0.5.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.5.0`	8.0.0.5.0
Oracle Communications Applications 3.0.3.4.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:3.0.3.4.0`	3.0.3.4.0
Oracle Communications Applications 15.0.0.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:15.0.0.0.0`	15.0.0.0.0
Oracle Communications Applications 8.1.0.4.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.1.0.4.0`	8.1.0.4.0
Oracle Communications Applications 12.0.6.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:12.0.6.0.0`	12.0.6.0.0
Oracle Communications Applications 7.3.6 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.3.6`	7.3.6
Oracle Communications Applications 8.2.0.1.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.2.0.1.0`	8.2.0.1.0

Last affected 7 products

Product	Identifier	Version	Remediation
Oracle Communications Applications <=7.8.0 Oracle / Communications Applications		<=7.8.0
Oracle Communications Applications <=6.1.1 Oracle / Communications Applications		<=6.1.1
Oracle Communications Applications <=12.0.0.8.0 Oracle / Communications Applications		<=12.0.0.8.0
Oracle Communications Applications <=7.5.1 Oracle / Communications Applications		<=7.5.1
Oracle Communications Applications <=15.0.1.0.0 Oracle / Communications Applications		<=15.0.1.0.0
Oracle Communications Applications <=2.0.0.1.0 Oracle / Communications Applications		<=2.0.0.1.0
Oracle Communications Applications <=12.0.6.0.0 Oracle / Communications Applications		<=12.0.6.0.0

CVE-2025-6965

Affected products

Known affected 24 products

Product	Identifier	Version
Oracle Communications Applications 7.4.1 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.4.1`	7.4.1
Xerox FreeFlow Print Server v7 Xerox / FreeFlow Print Server	`cpe:/a:xerox:freeflow_print_server:v7`	v7
Oracle Communications Applications 7.7.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.7.0`	7.7.0
Oracle Communications Applications 8.0.0.8.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.8.0`	8.0.0.8.0
Oracle Communications Applications 8.1.0.28 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.1.0.28`	8.1.0.28
Oracle Communications Applications 8.0.0.7.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.7.0`	8.0.0.7.0
Oracle Communications Applications 7.5.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.5.0`	7.5.0
Oracle Communications Applications 7.8.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.8.0`	7.8.0
Oracle Communications Applications 8.0.0.9.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.9.0`	8.0.0.9.0
Oracle Communications Applications 2.0.0.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:2.0.0.0.0`	2.0.0.0.0
Oracle Communications Applications 2.0.0.1.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:2.0.0.1.0`	2.0.0.1.0
Oracle Communications Applications 15.0.1.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:15.0.1.0.0`	15.0.1.0.0
Oracle Communications Applications 6.1.1 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:6.1.1`	6.1.1
Oracle Communications Applications 7.5.1 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.5.1`	7.5.1
Oracle Communications Applications 7.4.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.4.0`	7.4.0
Oracle Communications Applications 15.1.0.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:15.1.0.0.0`	15.1.0.0.0
Oracle Communications Applications 3.0.3.3.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:3.0.3.3.0`	3.0.3.3.0
Oracle Communications Applications 8.0.0.5.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.5.0`	8.0.0.5.0
Oracle Communications Applications 3.0.3.4.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:3.0.3.4.0`	3.0.3.4.0
Oracle Communications Applications 15.0.0.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:15.0.0.0.0`	15.0.0.0.0
Oracle Communications Applications 8.1.0.4.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.1.0.4.0`	8.1.0.4.0
Oracle Communications Applications 12.0.6.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:12.0.6.0.0`	12.0.6.0.0
Oracle Communications Applications 7.3.6 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.3.6`	7.3.6
Oracle Communications Applications 8.2.0.1.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.2.0.1.0`	8.2.0.1.0

Last affected 7 products

Product	Identifier	Version	Remediation
Oracle Communications Applications <=7.8.0 Oracle / Communications Applications		<=7.8.0
Oracle Communications Applications <=6.1.1 Oracle / Communications Applications		<=6.1.1
Oracle Communications Applications <=12.0.0.8.0 Oracle / Communications Applications		<=12.0.0.8.0
Oracle Communications Applications <=7.5.1 Oracle / Communications Applications		<=7.5.1
Oracle Communications Applications <=15.0.1.0.0 Oracle / Communications Applications		<=15.0.1.0.0
Oracle Communications Applications <=2.0.0.1.0 Oracle / Communications Applications		<=2.0.0.1.0
Oracle Communications Applications <=12.0.6.0.0 Oracle / Communications Applications		<=12.0.6.0.0

CVE-2025-7339

Affected products

Known affected 24 products

Product	Identifier	Version
Oracle Communications Applications 7.4.1 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.4.1`	7.4.1
Xerox FreeFlow Print Server v7 Xerox / FreeFlow Print Server	`cpe:/a:xerox:freeflow_print_server:v7`	v7
Oracle Communications Applications 7.7.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.7.0`	7.7.0
Oracle Communications Applications 8.0.0.8.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.8.0`	8.0.0.8.0
Oracle Communications Applications 8.1.0.28 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.1.0.28`	8.1.0.28
Oracle Communications Applications 8.0.0.7.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.7.0`	8.0.0.7.0
Oracle Communications Applications 7.5.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.5.0`	7.5.0
Oracle Communications Applications 7.8.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.8.0`	7.8.0
Oracle Communications Applications 8.0.0.9.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.9.0`	8.0.0.9.0
Oracle Communications Applications 2.0.0.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:2.0.0.0.0`	2.0.0.0.0
Oracle Communications Applications 2.0.0.1.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:2.0.0.1.0`	2.0.0.1.0
Oracle Communications Applications 15.0.1.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:15.0.1.0.0`	15.0.1.0.0
Oracle Communications Applications 6.1.1 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:6.1.1`	6.1.1
Oracle Communications Applications 7.5.1 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.5.1`	7.5.1
Oracle Communications Applications 7.4.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.4.0`	7.4.0
Oracle Communications Applications 15.1.0.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:15.1.0.0.0`	15.1.0.0.0
Oracle Communications Applications 3.0.3.3.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:3.0.3.3.0`	3.0.3.3.0
Oracle Communications Applications 8.0.0.5.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.5.0`	8.0.0.5.0
Oracle Communications Applications 3.0.3.4.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:3.0.3.4.0`	3.0.3.4.0
Oracle Communications Applications 15.0.0.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:15.0.0.0.0`	15.0.0.0.0
Oracle Communications Applications 8.1.0.4.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.1.0.4.0`	8.1.0.4.0
Oracle Communications Applications 12.0.6.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:12.0.6.0.0`	12.0.6.0.0
Oracle Communications Applications 7.3.6 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.3.6`	7.3.6
Oracle Communications Applications 8.2.0.1.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.2.0.1.0`	8.2.0.1.0

Last affected 7 products

Product	Identifier	Version	Remediation
Oracle Communications Applications <=7.8.0 Oracle / Communications Applications		<=7.8.0
Oracle Communications Applications <=6.1.1 Oracle / Communications Applications		<=6.1.1
Oracle Communications Applications <=12.0.0.8.0 Oracle / Communications Applications		<=12.0.0.8.0
Oracle Communications Applications <=7.5.1 Oracle / Communications Applications		<=7.5.1
Oracle Communications Applications <=15.0.1.0.0 Oracle / Communications Applications		<=15.0.1.0.0
Oracle Communications Applications <=2.0.0.1.0 Oracle / Communications Applications		<=2.0.0.1.0
Oracle Communications Applications <=12.0.6.0.0 Oracle / Communications Applications		<=12.0.6.0.0

CVE-2025-8058

Affected products

Known affected 24 products

Product	Identifier	Version
Oracle Communications Applications 7.4.1 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.4.1`	7.4.1
Xerox FreeFlow Print Server v7 Xerox / FreeFlow Print Server	`cpe:/a:xerox:freeflow_print_server:v7`	v7
Oracle Communications Applications 7.7.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.7.0`	7.7.0
Oracle Communications Applications 8.0.0.8.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.8.0`	8.0.0.8.0
Oracle Communications Applications 8.1.0.28 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.1.0.28`	8.1.0.28
Oracle Communications Applications 8.0.0.7.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.7.0`	8.0.0.7.0
Oracle Communications Applications 7.5.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.5.0`	7.5.0
Oracle Communications Applications 7.8.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.8.0`	7.8.0
Oracle Communications Applications 8.0.0.9.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.9.0`	8.0.0.9.0
Oracle Communications Applications 2.0.0.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:2.0.0.0.0`	2.0.0.0.0
Oracle Communications Applications 2.0.0.1.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:2.0.0.1.0`	2.0.0.1.0
Oracle Communications Applications 15.0.1.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:15.0.1.0.0`	15.0.1.0.0
Oracle Communications Applications 6.1.1 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:6.1.1`	6.1.1
Oracle Communications Applications 7.5.1 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.5.1`	7.5.1
Oracle Communications Applications 7.4.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.4.0`	7.4.0
Oracle Communications Applications 15.1.0.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:15.1.0.0.0`	15.1.0.0.0
Oracle Communications Applications 3.0.3.3.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:3.0.3.3.0`	3.0.3.3.0
Oracle Communications Applications 8.0.0.5.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.5.0`	8.0.0.5.0
Oracle Communications Applications 3.0.3.4.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:3.0.3.4.0`	3.0.3.4.0
Oracle Communications Applications 15.0.0.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:15.0.0.0.0`	15.0.0.0.0
Oracle Communications Applications 8.1.0.4.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.1.0.4.0`	8.1.0.4.0
Oracle Communications Applications 12.0.6.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:12.0.6.0.0`	12.0.6.0.0
Oracle Communications Applications 7.3.6 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.3.6`	7.3.6
Oracle Communications Applications 8.2.0.1.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.2.0.1.0`	8.2.0.1.0

Last affected 7 products

Product	Identifier	Version	Remediation
Oracle Communications Applications <=7.8.0 Oracle / Communications Applications		<=7.8.0
Oracle Communications Applications <=6.1.1 Oracle / Communications Applications		<=6.1.1
Oracle Communications Applications <=12.0.0.8.0 Oracle / Communications Applications		<=12.0.0.8.0
Oracle Communications Applications <=7.5.1 Oracle / Communications Applications		<=7.5.1
Oracle Communications Applications <=15.0.1.0.0 Oracle / Communications Applications		<=15.0.1.0.0
Oracle Communications Applications <=2.0.0.1.0 Oracle / Communications Applications		<=2.0.0.1.0
Oracle Communications Applications <=12.0.6.0.0 Oracle / Communications Applications		<=12.0.6.0.0

CVE-2025-9086

Affected products

Known affected 24 products

Product	Identifier	Version
Oracle Communications Applications 7.4.1 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.4.1`	7.4.1
Xerox FreeFlow Print Server v7 Xerox / FreeFlow Print Server	`cpe:/a:xerox:freeflow_print_server:v7`	v7
Oracle Communications Applications 7.7.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.7.0`	7.7.0
Oracle Communications Applications 8.0.0.8.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.8.0`	8.0.0.8.0
Oracle Communications Applications 8.1.0.28 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.1.0.28`	8.1.0.28
Oracle Communications Applications 8.0.0.7.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.7.0`	8.0.0.7.0
Oracle Communications Applications 7.5.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.5.0`	7.5.0
Oracle Communications Applications 7.8.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.8.0`	7.8.0
Oracle Communications Applications 8.0.0.9.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.9.0`	8.0.0.9.0
Oracle Communications Applications 2.0.0.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:2.0.0.0.0`	2.0.0.0.0
Oracle Communications Applications 2.0.0.1.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:2.0.0.1.0`	2.0.0.1.0
Oracle Communications Applications 15.0.1.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:15.0.1.0.0`	15.0.1.0.0
Oracle Communications Applications 6.1.1 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:6.1.1`	6.1.1
Oracle Communications Applications 7.5.1 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.5.1`	7.5.1
Oracle Communications Applications 7.4.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.4.0`	7.4.0
Oracle Communications Applications 15.1.0.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:15.1.0.0.0`	15.1.0.0.0
Oracle Communications Applications 3.0.3.3.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:3.0.3.3.0`	3.0.3.3.0
Oracle Communications Applications 8.0.0.5.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.0.0.5.0`	8.0.0.5.0
Oracle Communications Applications 3.0.3.4.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:3.0.3.4.0`	3.0.3.4.0
Oracle Communications Applications 15.0.0.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:15.0.0.0.0`	15.0.0.0.0
Oracle Communications Applications 8.1.0.4.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.1.0.4.0`	8.1.0.4.0
Oracle Communications Applications 12.0.6.0.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:12.0.6.0.0`	12.0.6.0.0
Oracle Communications Applications 7.3.6 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:7.3.6`	7.3.6
Oracle Communications Applications 8.2.0.1.0 Oracle / Communications Applications	`cpe:/a:oracle:communications_applications:8.2.0.1.0`	8.2.0.1.0

Last affected 7 products

Product	Identifier	Version	Remediation
Oracle Communications Applications <=7.8.0 Oracle / Communications Applications		<=7.8.0
Oracle Communications Applications <=6.1.1 Oracle / Communications Applications		<=6.1.1
Oracle Communications Applications <=12.0.0.8.0 Oracle / Communications Applications		<=12.0.0.8.0
Oracle Communications Applications <=7.5.1 Oracle / Communications Applications		<=7.5.1
Oracle Communications Applications <=15.0.1.0.0 Oracle / Communications Applications		<=15.0.1.0.0
Oracle Communications Applications <=2.0.0.1.0 Oracle / Communications Applications		<=2.0.0.1.0
Oracle Communications Applications <=12.0.6.0.0 Oracle / Communications Applications		<=12.0.6.0.0

References

4 references

URL	Category
https://wid.cert-bund.de/.well-known/csaf/white/2…	self
https://wid.cert-bund.de/portal/wid/securityadvis…	self
https://www.oracle.com/security-alerts/cpuoct2025…	external
https://security.business.xerox.com/wp-content/up…	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "hoch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Communications Applications umfasst eine Sammlung von Werkzeugen zur Verwaltung von Messaging-, Kommunikationsdiensten und -ressourcen.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Oracle Communications Applications ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Linux\n- Sonstiges\n- Windows",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2025-2360 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-2360.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2025-2360 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2360"
      },
      {
        "category": "external",
        "summary": "Oracle Critical Patch Update Advisory - October 2025 - Appendix Oracle Communications Applications vom 2025-10-21",
        "url": "https://www.oracle.com/security-alerts/cpuoct2025.html#AppendixCAGBU"
      },
      {
        "category": "external",
        "summary": "XEROX Security Advisory XRX25-018 vom 2025-11-18",
        "url": "https://security.business.xerox.com/wp-content/uploads/2025/11/Xerox-Security-Bulletin-XRX25-018-Xerox-FreeFlow-Print-Server-v7.pdf"
      }
    ],
    "source_lang": "en-US",
    "title": "Oracle Communications Applications: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2025-11-17T23:00:00.000+00:00",
      "generator": {
        "date": "2025-11-18T08:13:07.419+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.5.0"
        }
      },
      "id": "WID-SEC-W-2025-2360",
      "initial_release_date": "2025-10-21T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2025-10-21T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2025-11-17T23:00:00.000+00:00",
          "number": "2",
          "summary": "Neue Updates von XEROX aufgenommen"
        }
      ],
      "status": "final",
      "version": "2"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c=2.0.0.1.0",
                "product": {
                  "name": "Oracle Communications Applications \u003c=2.0.0.1.0",
                  "product_id": "T047971"
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c=2.0.0.1.0",
                "product": {
                  "name": "Oracle Communications Applications \u003c=2.0.0.1.0",
                  "product_id": "T047971-fixed"
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c=12.0.6.0.0",
                "product": {
                  "name": "Oracle Communications Applications \u003c=12.0.6.0.0",
                  "product_id": "T047972"
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c=12.0.6.0.0",
                "product": {
                  "name": "Oracle Communications Applications \u003c=12.0.6.0.0",
                  "product_id": "T047972-fixed"
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c=15.0.1.0.0",
                "product": {
                  "name": "Oracle Communications Applications \u003c=15.0.1.0.0",
                  "product_id": "T047973"
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c=15.0.1.0.0",
                "product": {
                  "name": "Oracle Communications Applications \u003c=15.0.1.0.0",
                  "product_id": "T047973-fixed"
                }
              },
              {
                "category": "product_version",
                "name": "15.1.0.0.0",
                "product": {
                  "name": "Oracle Communications Applications 15.1.0.0.0",
                  "product_id": "T047974",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications_applications:15.1.0.0.0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "8.1.0.28",
                "product": {
                  "name": "Oracle Communications Applications 8.1.0.28",
                  "product_id": "T047975",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications_applications:8.1.0.28"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c=6.1.1",
                "product": {
                  "name": "Oracle Communications Applications \u003c=6.1.1",
                  "product_id": "T047976"
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c=6.1.1",
                "product": {
                  "name": "Oracle Communications Applications \u003c=6.1.1",
                  "product_id": "T047976-fixed"
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c=7.8.0",
                "product": {
                  "name": "Oracle Communications Applications \u003c=7.8.0",
                  "product_id": "T047977"
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c=7.8.0",
                "product": {
                  "name": "Oracle Communications Applications \u003c=7.8.0",
                  "product_id": "T047977-fixed"
                }
              },
              {
                "category": "product_version",
                "name": "8.0.0.8.0",
                "product": {
                  "name": "Oracle Communications Applications 8.0.0.8.0",
                  "product_id": "T047978",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications_applications:8.0.0.8.0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "8.0.0.9.0",
                "product": {
                  "name": "Oracle Communications Applications 8.0.0.9.0",
                  "product_id": "T047979",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications_applications:8.0.0.9.0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "2.0.0.0.0",
                "product": {
                  "name": "Oracle Communications Applications 2.0.0.0.0",
                  "product_id": "T047980",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications_applications:2.0.0.0.0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "2.0.0.1.0",
                "product": {
                  "name": "Oracle Communications Applications 2.0.0.1.0",
                  "product_id": "T047981",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications_applications:2.0.0.1.0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "3.0.3.4.0",
                "product": {
                  "name": "Oracle Communications Applications 3.0.3.4.0",
                  "product_id": "T047982",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications_applications:3.0.3.4.0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "12.0.6.0.0",
                "product": {
                  "name": "Oracle Communications Applications 12.0.6.0.0",
                  "product_id": "T047983",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications_applications:12.0.6.0.0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "7.4.0",
                "product": {
                  "name": "Oracle Communications Applications 7.4.0",
                  "product_id": "T047984",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications_applications:7.4.0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "15.0.1.0.0",
                "product": {
                  "name": "Oracle Communications Applications 15.0.1.0.0",
                  "product_id": "T047992",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications_applications:15.0.1.0.0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "15.0.0.0.0",
                "product": {
                  "name": "Oracle Communications Applications 15.0.0.0.0",
                  "product_id": "T047993",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications_applications:15.0.0.0.0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "7.3.6",
                "product": {
                  "name": "Oracle Communications Applications 7.3.6",
                  "product_id": "T047994",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications_applications:7.3.6"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "3.0.3.3.0",
                "product": {
                  "name": "Oracle Communications Applications 3.0.3.3.0",
                  "product_id": "T047996",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications_applications:3.0.3.3.0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "8.0.0.7.0",
                "product": {
                  "name": "Oracle Communications Applications 8.0.0.7.0",
                  "product_id": "T047997",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications_applications:8.0.0.7.0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "7.8.0",
                "product": {
                  "name": "Oracle Communications Applications 7.8.0",
                  "product_id": "T047998",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications_applications:7.8.0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "7.7.0",
                "product": {
                  "name": "Oracle Communications Applications 7.7.0",
                  "product_id": "T047999",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications_applications:7.7.0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "7.5.1",
                "product": {
                  "name": "Oracle Communications Applications 7.5.1",
                  "product_id": "T048000",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications_applications:7.5.1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "6.1.1",
                "product": {
                  "name": "Oracle Communications Applications 6.1.1",
                  "product_id": "T048001",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications_applications:6.1.1"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c=7.5.1",
                "product": {
                  "name": "Oracle Communications Applications \u003c=7.5.1",
                  "product_id": "T048003"
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c=7.5.1",
                "product": {
                  "name": "Oracle Communications Applications \u003c=7.5.1",
                  "product_id": "T048003-fixed"
                }
              },
              {
                "category": "product_version",
                "name": "8.2.0.1.0",
                "product": {
                  "name": "Oracle Communications Applications 8.2.0.1.0",
                  "product_id": "T048004",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications_applications:8.2.0.1.0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "8.1.0.4.0",
                "product": {
                  "name": "Oracle Communications Applications 8.1.0.4.0",
                  "product_id": "T048005",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications_applications:8.1.0.4.0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "8.0.0.5.0",
                "product": {
                  "name": "Oracle Communications Applications 8.0.0.5.0",
                  "product_id": "T048006",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications_applications:8.0.0.5.0"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c=12.0.0.8.0",
                "product": {
                  "name": "Oracle Communications Applications \u003c=12.0.0.8.0",
                  "product_id": "T048008"
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c=12.0.0.8.0",
                "product": {
                  "name": "Oracle Communications Applications \u003c=12.0.0.8.0",
                  "product_id": "T048008-fixed"
                }
              },
              {
                "category": "product_version",
                "name": "7.5.0",
                "product": {
                  "name": "Oracle Communications Applications 7.5.0",
                  "product_id": "T048009",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications_applications:7.5.0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "7.4.1",
                "product": {
                  "name": "Oracle Communications Applications 7.4.1",
                  "product_id": "T048010",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications_applications:7.4.1"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Communications Applications"
          }
        ],
        "category": "vendor",
        "name": "Oracle"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "v7",
                "product": {
                  "name": "Xerox FreeFlow Print Server v7",
                  "product_id": "T035098",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:xerox:freeflow_print_server:v7"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "FreeFlow Print Server"
          }
        ],
        "category": "vendor",
        "name": "Xerox"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-12133",
      "product_status": {
        "known_affected": [
          "T048010",
          "T035098",
          "T047999",
          "T047978",
          "T047975",
          "T047997",
          "T048009",
          "T047998",
          "T047979",
          "T047980",
          "T047981",
          "T047992",
          "T048001",
          "T048000",
          "T047984",
          "T047974",
          "T047996",
          "T048006",
          "T047982",
          "T047993",
          "T048005",
          "T047983",
          "T047994",
          "T048004"
        ],
        "last_affected": [
          "T047977",
          "T047976",
          "T048008",
          "T048003",
          "T047973",
          "T047971",
          "T047972"
        ]
      },
      "release_date": "2025-10-21T22:00:00.000+00:00",
      "title": "CVE-2024-12133"
    },
    {
      "cve": "CVE-2024-28182",
      "product_status": {
        "known_affected": [
          "T048010",
          "T035098",
          "T047999",
          "T047978",
          "T047975",
          "T047997",
          "T048009",
          "T047998",
          "T047979",
          "T047980",
          "T047981",
          "T047992",
          "T048001",
          "T048000",
          "T047984",
          "T047974",
          "T047996",
          "T048006",
          "T047982",
          "T047993",
          "T048005",
          "T047983",
          "T047994",
          "T048004"
        ],
        "last_affected": [
          "T047977",
          "T047976",
          "T048008",
          "T048003",
          "T047973",
          "T047971",
          "T047972"
        ]
      },
      "release_date": "2025-10-21T22:00:00.000+00:00",
      "title": "CVE-2024-28182"
    },
    {
      "cve": "CVE-2024-35164",
      "product_status": {
        "known_affected": [
          "T048010",
          "T035098",
          "T047999",
          "T047978",
          "T047975",
          "T047997",
          "T048009",
          "T047998",
          "T047979",
          "T047980",
          "T047981",
          "T047992",
          "T048001",
          "T048000",
          "T047984",
          "T047974",
          "T047996",
          "T048006",
          "T047982",
          "T047993",
          "T048005",
          "T047983",
          "T047994",
          "T048004"
        ],
        "last_affected": [
          "T047977",
          "T047976",
          "T048008",
          "T048003",
          "T047973",
          "T047971",
          "T047972"
        ]
      },
      "release_date": "2025-10-21T22:00:00.000+00:00",
      "title": "CVE-2024-35164"
    },
    {
      "cve": "CVE-2024-37371",
      "product_status": {
        "known_affected": [
          "T048010",
          "T035098",
          "T047999",
          "T047978",
          "T047975",
          "T047997",
          "T048009",
          "T047998",
          "T047979",
          "T047980",
          "T047981",
          "T047992",
          "T048001",
          "T048000",
          "T047984",
          "T047974",
          "T047996",
          "T048006",
          "T047982",
          "T047993",
          "T048005",
          "T047983",
          "T047994",
          "T048004"
        ],
        "last_affected": [
          "T047977",
          "T047976",
          "T048008",
          "T048003",
          "T047973",
          "T047971",
          "T047972"
        ]
      },
      "release_date": "2025-10-21T22:00:00.000+00:00",
      "title": "CVE-2024-37371"
    },
    {
      "cve": "CVE-2024-50609",
      "product_status": {
        "known_affected": [
          "T048010",
          "T035098",
          "T047999",
          "T047978",
          "T047975",
          "T047997",
          "T048009",
          "T047998",
          "T047979",
          "T047980",
          "T047981",
          "T047992",
          "T048001",
          "T048000",
          "T047984",
          "T047974",
          "T047996",
          "T048006",
          "T047982",
          "T047993",
          "T048005",
          "T047983",
          "T047994",
          "T048004"
        ],
        "last_affected": [
          "T047977",
          "T047976",
          "T048008",
          "T048003",
          "T047973",
          "T047971",
          "T047972"
        ]
      },
      "release_date": "2025-10-21T22:00:00.000+00:00",
      "title": "CVE-2024-50609"
    },
    {
      "cve": "CVE-2024-51504",
      "product_status": {
        "known_affected": [
          "T048010",
          "T035098",
          "T047999",
          "T047978",
          "T047975",
          "T047997",
          "T048009",
          "T047998",
          "T047979",
          "T047980",
          "T047981",
          "T047992",
          "T048001",
          "T048000",
          "T047984",
          "T047974",
          "T047996",
          "T048006",
          "T047982",
          "T047993",
          "T048005",
          "T047983",
          "T047994",
          "T048004"
        ],
        "last_affected": [
          "T047977",
          "T047976",
          "T048008",
          "T048003",
          "T047973",
          "T047971",
          "T047972"
        ]
      },
      "release_date": "2025-10-21T22:00:00.000+00:00",
      "title": "CVE-2024-51504"
    },
    {
      "cve": "CVE-2024-57699",
      "product_status": {
        "known_affected": [
          "T048010",
          "T035098",
          "T047999",
          "T047978",
          "T047975",
          "T047997",
          "T048009",
          "T047998",
          "T047979",
          "T047980",
          "T047981",
          "T047992",
          "T048001",
          "T048000",
          "T047984",
          "T047974",
          "T047996",
          "T048006",
          "T047982",
          "T047993",
          "T048005",
          "T047983",
          "T047994",
          "T048004"
        ],
        "last_affected": [
          "T047977",
          "T047976",
          "T048008",
          "T048003",
          "T047973",
          "T047971",
          "T047972"
        ]
      },
      "release_date": "2025-10-21T22:00:00.000+00:00",
      "title": "CVE-2024-57699"
    },
    {
      "cve": "CVE-2024-7254",
      "product_status": {
        "known_affected": [
          "T048010",
          "T035098",
          "T047999",
          "T047978",
          "T047975",
          "T047997",
          "T048009",
          "T047998",
          "T047979",
          "T047980",
          "T047981",
          "T047992",
          "T048001",
          "T048000",
          "T047984",
          "T047974",
          "T047996",
          "T048006",
          "T047982",
          "T047993",
          "T048005",
          "T047983",
          "T047994",
          "T048004"
        ],
        "last_affected": [
          "T047977",
          "T047976",
          "T048008",
          "T048003",
          "T047973",
          "T047971",
          "T047972"
        ]
      },
      "release_date": "2025-10-21T22:00:00.000+00:00",
      "title": "CVE-2024-7254"
    },
    {
      "cve": "CVE-2024-8006",
      "product_status": {
        "known_affected": [
          "T048010",
          "T035098",
          "T047999",
          "T047978",
          "T047975",
          "T047997",
          "T048009",
          "T047998",
          "T047979",
          "T047980",
          "T047981",
          "T047992",
          "T048001",
          "T048000",
          "T047984",
          "T047974",
          "T047996",
          "T048006",
          "T047982",
          "T047993",
          "T048005",
          "T047983",
          "T047994",
          "T048004"
        ],
        "last_affected": [
          "T047977",
          "T047976",
          "T048008",
          "T048003",
          "T047973",
          "T047971",
          "T047972"
        ]
      },
      "release_date": "2025-10-21T22:00:00.000+00:00",
      "title": "CVE-2024-8006"
    },
    {
      "cve": "CVE-2025-27210",
      "product_status": {
        "known_affected": [
          "T048010",
          "T035098",
          "T047999",
          "T047978",
          "T047975",
          "T047997",
          "T048009",
          "T047998",
          "T047979",
          "T047980",
          "T047981",
          "T047992",
          "T048001",
          "T048000",
          "T047984",
          "T047974",
          "T047996",
          "T048006",
          "T047982",
          "T047993",
          "T048005",
          "T047983",
          "T047994",
          "T048004"
        ],
        "last_affected": [
          "T047977",
          "T047976",
          "T048008",
          "T048003",
          "T047973",
          "T047971",
          "T047972"
        ]
      },
      "release_date": "2025-10-21T22:00:00.000+00:00",
      "title": "CVE-2025-27210"
    },
    {
      "cve": "CVE-2025-27533",
      "product_status": {
        "known_affected": [
          "T048010",
          "T035098",
          "T047999",
          "T047978",
          "T047975",
          "T047997",
          "T048009",
          "T047998",
          "T047979",
          "T047980",
          "T047981",
          "T047992",
          "T048001",
          "T048000",
          "T047984",
          "T047974",
          "T047996",
          "T048006",
          "T047982",
          "T047993",
          "T048005",
          "T047983",
          "T047994",
          "T048004"
        ],
        "last_affected": [
          "T047977",
          "T047976",
          "T048008",
          "T048003",
          "T047973",
          "T047971",
          "T047972"
        ]
      },
      "release_date": "2025-10-21T22:00:00.000+00:00",
      "title": "CVE-2025-27533"
    },
    {
      "cve": "CVE-2025-27553",
      "product_status": {
        "known_affected": [
          "T048010",
          "T035098",
          "T047999",
          "T047978",
          "T047975",
          "T047997",
          "T048009",
          "T047998",
          "T047979",
          "T047980",
          "T047981",
          "T047992",
          "T048001",
          "T048000",
          "T047984",
          "T047974",
          "T047996",
          "T048006",
          "T047982",
          "T047993",
          "T048005",
          "T047983",
          "T047994",
          "T048004"
        ],
        "last_affected": [
          "T047977",
          "T047976",
          "T048008",
          "T048003",
          "T047973",
          "T047971",
          "T047972"
        ]
      },
      "release_date": "2025-10-21T22:00:00.000+00:00",
      "title": "CVE-2025-27553"
    },
    {
      "cve": "CVE-2025-27817",
      "product_status": {
        "known_affected": [
          "T048010",
          "T035098",
          "T047999",
          "T047978",
          "T047975",
          "T047997",
          "T048009",
          "T047998",
          "T047979",
          "T047980",
          "T047981",
          "T047992",
          "T048001",
          "T048000",
          "T047984",
          "T047974",
          "T047996",
          "T048006",
          "T047982",
          "T047993",
          "T048005",
          "T047983",
          "T047994",
          "T048004"
        ],
        "last_affected": [
          "T047977",
          "T047976",
          "T048008",
          "T048003",
          "T047973",
          "T047971",
          "T047972"
        ]
      },
      "release_date": "2025-10-21T22:00:00.000+00:00",
      "title": "CVE-2025-27817"
    },
    {
      "cve": "CVE-2025-32415",
      "product_status": {
        "known_affected": [
          "T048010",
          "T035098",
          "T047999",
          "T047978",
          "T047975",
          "T047997",
          "T048009",
          "T047998",
          "T047979",
          "T047980",
          "T047981",
          "T047992",
          "T048001",
          "T048000",
          "T047984",
          "T047974",
          "T047996",
          "T048006",
          "T047982",
          "T047993",
          "T048005",
          "T047983",
          "T047994",
          "T048004"
        ],
        "last_affected": [
          "T047977",
          "T047976",
          "T048008",
          "T048003",
          "T047973",
          "T047971",
          "T047972"
        ]
      },
      "release_date": "2025-10-21T22:00:00.000+00:00",
      "title": "CVE-2025-32415"
    },
    {
      "cve": "CVE-2025-32990",
      "product_status": {
        "known_affected": [
          "T048010",
          "T035098",
          "T047999",
          "T047978",
          "T047975",
          "T047997",
          "T048009",
          "T047998",
          "T047979",
          "T047980",
          "T047981",
          "T047992",
          "T048001",
          "T048000",
          "T047984",
          "T047974",
          "T047996",
          "T048006",
          "T047982",
          "T047993",
          "T048005",
          "T047983",
          "T047994",
          "T048004"
        ],
        "last_affected": [
          "T047977",
          "T047976",
          "T048008",
          "T048003",
          "T047973",
          "T047971",
          "T047972"
        ]
      },
      "release_date": "2025-10-21T22:00:00.000+00:00",
      "title": "CVE-2025-32990"
    },
    {
      "cve": "CVE-2025-4517",
      "product_status": {
        "known_affected": [
          "T048010",
          "T035098",
          "T047999",
          "T047978",
          "T047975",
          "T047997",
          "T048009",
          "T047998",
          "T047979",
          "T047980",
          "T047981",
          "T047992",
          "T048001",
          "T048000",
          "T047984",
          "T047974",
          "T047996",
          "T048006",
          "T047982",
          "T047993",
          "T048005",
          "T047983",
          "T047994",
          "T048004"
        ],
        "last_affected": [
          "T047977",
          "T047976",
          "T048008",
          "T048003",
          "T047973",
          "T047971",
          "T047972"
        ]
      },
      "release_date": "2025-10-21T22:00:00.000+00:00",
      "title": "CVE-2025-4517"
    },
    {
      "cve": "CVE-2025-48734",
      "product_status": {
        "known_affected": [
          "T048010",
          "T035098",
          "T047999",
          "T047978",
          "T047975",
          "T047997",
          "T048009",
          "T047998",
          "T047979",
          "T047980",
          "T047981",
          "T047992",
          "T048001",
          "T048000",
          "T047984",
          "T047974",
          "T047996",
          "T048006",
          "T047982",
          "T047993",
          "T048005",
          "T047983",
          "T047994",
          "T048004"
        ],
        "last_affected": [
          "T047977",
          "T047976",
          "T048008",
          "T048003",
          "T047973",
          "T047971",
          "T047972"
        ]
      },
      "release_date": "2025-10-21T22:00:00.000+00:00",
      "title": "CVE-2025-48734"
    },
    {
      "cve": "CVE-2025-48924",
      "product_status": {
        "known_affected": [
          "T048010",
          "T035098",
          "T047999",
          "T047978",
          "T047975",
          "T047997",
          "T048009",
          "T047998",
          "T047979",
          "T047980",
          "T047981",
          "T047992",
          "T048001",
          "T048000",
          "T047984",
          "T047974",
          "T047996",
          "T048006",
          "T047982",
          "T047993",
          "T048005",
          "T047983",
          "T047994",
          "T048004"
        ],
        "last_affected": [
          "T047977",
          "T047976",
          "T048008",
          "T048003",
          "T047973",
          "T047971",
          "T047972"
        ]
      },
      "release_date": "2025-10-21T22:00:00.000+00:00",
      "title": "CVE-2025-48924"
    },
    {
      "cve": "CVE-2025-48976",
      "product_status": {
        "known_affected": [
          "T048010",
          "T035098",
          "T047999",
          "T047978",
          "T047975",
          "T047997",
          "T048009",
          "T047998",
          "T047979",
          "T047980",
          "T047981",
          "T047992",
          "T048001",
          "T048000",
          "T047984",
          "T047974",
          "T047996",
          "T048006",
          "T047982",
          "T047993",
          "T048005",
          "T047983",
          "T047994",
          "T048004"
        ],
        "last_affected": [
          "T047977",
          "T047976",
          "T048008",
          "T048003",
          "T047973",
          "T047971",
          "T047972"
        ]
      },
      "release_date": "2025-10-21T22:00:00.000+00:00",
      "title": "CVE-2025-48976"
    },
    {
      "cve": "CVE-2025-48989",
      "product_status": {
        "known_affected": [
          "T048010",
          "T035098",
          "T047999",
          "T047978",
          "T047975",
          "T047997",
          "T048009",
          "T047998",
          "T047979",
          "T047980",
          "T047981",
          "T047992",
          "T048001",
          "T048000",
          "T047984",
          "T047974",
          "T047996",
          "T048006",
          "T047982",
          "T047993",
          "T048005",
          "T047983",
          "T047994",
          "T048004"
        ],
        "last_affected": [
          "T047977",
          "T047976",
          "T048008",
          "T048003",
          "T047973",
          "T047971",
          "T047972"
        ]
      },
      "release_date": "2025-10-21T22:00:00.000+00:00",
      "title": "CVE-2025-48989"
    },
    {
      "cve": "CVE-2025-49796",
      "product_status": {
        "known_affected": [
          "T048010",
          "T035098",
          "T047999",
          "T047978",
          "T047975",
          "T047997",
          "T048009",
          "T047998",
          "T047979",
          "T047980",
          "T047981",
          "T047992",
          "T048001",
          "T048000",
          "T047984",
          "T047974",
          "T047996",
          "T048006",
          "T047982",
          "T047993",
          "T048005",
          "T047983",
          "T047994",
          "T048004"
        ],
        "last_affected": [
          "T047977",
          "T047976",
          "T048008",
          "T048003",
          "T047973",
          "T047971",
          "T047972"
        ]
      },
      "release_date": "2025-10-21T22:00:00.000+00:00",
      "title": "CVE-2025-49796"
    },
    {
      "cve": "CVE-2025-5115",
      "product_status": {
        "known_affected": [
          "T048010",
          "T035098",
          "T047999",
          "T047978",
          "T047975",
          "T047997",
          "T048009",
          "T047998",
          "T047979",
          "T047980",
          "T047981",
          "T047992",
          "T048001",
          "T048000",
          "T047984",
          "T047974",
          "T047996",
          "T048006",
          "T047982",
          "T047993",
          "T048005",
          "T047983",
          "T047994",
          "T048004"
        ],
        "last_affected": [
          "T047977",
          "T047976",
          "T048008",
          "T048003",
          "T047973",
          "T047971",
          "T047972"
        ]
      },
      "release_date": "2025-10-21T22:00:00.000+00:00",
      "title": "CVE-2025-5115"
    },
    {
      "cve": "CVE-2025-52999",
      "product_status": {
        "known_affected": [
          "T048010",
          "T035098",
          "T047999",
          "T047978",
          "T047975",
          "T047997",
          "T048009",
          "T047998",
          "T047979",
          "T047980",
          "T047981",
          "T047992",
          "T048001",
          "T048000",
          "T047984",
          "T047974",
          "T047996",
          "T048006",
          "T047982",
          "T047993",
          "T048005",
          "T047983",
          "T047994",
          "T048004"
        ],
        "last_affected": [
          "T047977",
          "T047976",
          "T048008",
          "T048003",
          "T047973",
          "T047971",
          "T047972"
        ]
      },
      "release_date": "2025-10-21T22:00:00.000+00:00",
      "title": "CVE-2025-52999"
    },
    {
      "cve": "CVE-2025-5318",
      "product_status": {
        "known_affected": [
          "T048010",
          "T035098",
          "T047999",
          "T047978",
          "T047975",
          "T047997",
          "T048009",
          "T047998",
          "T047979",
          "T047980",
          "T047981",
          "T047992",
          "T048001",
          "T048000",
          "T047984",
          "T047974",
          "T047996",
          "T048006",
          "T047982",
          "T047993",
          "T048005",
          "T047983",
          "T047994",
          "T048004"
        ],
        "last_affected": [
          "T047977",
          "T047976",
          "T048008",
          "T048003",
          "T047973",
          "T047971",
          "T047972"
        ]
      },
      "release_date": "2025-10-21T22:00:00.000+00:00",
      "title": "CVE-2025-5318"
    },
    {
      "cve": "CVE-2025-53864",
      "product_status": {
        "known_affected": [
          "T048010",
          "T035098",
          "T047999",
          "T047978",
          "T047975",
          "T047997",
          "T048009",
          "T047998",
          "T047979",
          "T047980",
          "T047981",
          "T047992",
          "T048001",
          "T048000",
          "T047984",
          "T047974",
          "T047996",
          "T048006",
          "T047982",
          "T047993",
          "T048005",
          "T047983",
          "T047994",
          "T048004"
        ],
        "last_affected": [
          "T047977",
          "T047976",
          "T048008",
          "T048003",
          "T047973",
          "T047971",
          "T047972"
        ]
      },
      "release_date": "2025-10-21T22:00:00.000+00:00",
      "title": "CVE-2025-53864"
    },
    {
      "cve": "CVE-2025-5399",
      "product_status": {
        "known_affected": [
          "T048010",
          "T035098",
          "T047999",
          "T047978",
          "T047975",
          "T047997",
          "T048009",
          "T047998",
          "T047979",
          "T047980",
          "T047981",
          "T047992",
          "T048001",
          "T048000",
          "T047984",
          "T047974",
          "T047996",
          "T048006",
          "T047982",
          "T047993",
          "T048005",
          "T047983",
          "T047994",
          "T048004"
        ],
        "last_affected": [
          "T047977",
          "T047976",
          "T048008",
          "T048003",
          "T047973",
          "T047971",
          "T047972"
        ]
      },
      "release_date": "2025-10-21T22:00:00.000+00:00",
      "title": "CVE-2025-5399"
    },
    {
      "cve": "CVE-2025-54090",
      "product_status": {
        "known_affected": [
          "T048010",
          "T035098",
          "T047999",
          "T047978",
          "T047975",
          "T047997",
          "T048009",
          "T047998",
          "T047979",
          "T047980",
          "T047981",
          "T047992",
          "T048001",
          "T048000",
          "T047984",
          "T047974",
          "T047996",
          "T048006",
          "T047982",
          "T047993",
          "T048005",
          "T047983",
          "T047994",
          "T048004"
        ],
        "last_affected": [
          "T047977",
          "T047976",
          "T048008",
          "T048003",
          "T047973",
          "T047971",
          "T047972"
        ]
      },
      "release_date": "2025-10-21T22:00:00.000+00:00",
      "title": "CVE-2025-54090"
    },
    {
      "cve": "CVE-2025-55163",
      "product_status": {
        "known_affected": [
          "T048010",
          "T035098",
          "T047999",
          "T047978",
          "T047975",
          "T047997",
          "T048009",
          "T047998",
          "T047979",
          "T047980",
          "T047981",
          "T047992",
          "T048001",
          "T048000",
          "T047984",
          "T047974",
          "T047996",
          "T048006",
          "T047982",
          "T047993",
          "T048005",
          "T047983",
          "T047994",
          "T048004"
        ],
        "last_affected": [
          "T047977",
          "T047976",
          "T048008",
          "T048003",
          "T047973",
          "T047971",
          "T047972"
        ]
      },
      "release_date": "2025-10-21T22:00:00.000+00:00",
      "title": "CVE-2025-55163"
    },
    {
      "cve": "CVE-2025-5889",
      "product_status": {
        "known_affected": [
          "T048010",
          "T035098",
          "T047999",
          "T047978",
          "T047975",
          "T047997",
          "T048009",
          "T047998",
          "T047979",
          "T047980",
          "T047981",
          "T047992",
          "T048001",
          "T048000",
          "T047984",
          "T047974",
          "T047996",
          "T048006",
          "T047982",
          "T047993",
          "T048005",
          "T047983",
          "T047994",
          "T048004"
        ],
        "last_affected": [
          "T047977",
          "T047976",
          "T048008",
          "T048003",
          "T047973",
          "T047971",
          "T047972"
        ]
      },
      "release_date": "2025-10-21T22:00:00.000+00:00",
      "title": "CVE-2025-5889"
    },
    {
      "cve": "CVE-2025-59375",
      "product_status": {
        "known_affected": [
          "T048010",
          "T035098",
          "T047999",
          "T047978",
          "T047975",
          "T047997",
          "T048009",
          "T047998",
          "T047979",
          "T047980",
          "T047981",
          "T047992",
          "T048001",
          "T048000",
          "T047984",
          "T047974",
          "T047996",
          "T048006",
          "T047982",
          "T047993",
          "T048005",
          "T047983",
          "T047994",
          "T048004"
        ],
        "last_affected": [
          "T047977",
          "T047976",
          "T048008",
          "T048003",
          "T047973",
          "T047971",
          "T047972"
        ]
      },
      "release_date": "2025-10-21T22:00:00.000+00:00",
      "title": "CVE-2025-59375"
    },
    {
      "cve": "CVE-2025-6965",
      "product_status": {
        "known_affected": [
          "T048010",
          "T035098",
          "T047999",
          "T047978",
          "T047975",
          "T047997",
          "T048009",
          "T047998",
          "T047979",
          "T047980",
          "T047981",
          "T047992",
          "T048001",
          "T048000",
          "T047984",
          "T047974",
          "T047996",
          "T048006",
          "T047982",
          "T047993",
          "T048005",
          "T047983",
          "T047994",
          "T048004"
        ],
        "last_affected": [
          "T047977",
          "T047976",
          "T048008",
          "T048003",
          "T047973",
          "T047971",
          "T047972"
        ]
      },
      "release_date": "2025-10-21T22:00:00.000+00:00",
      "title": "CVE-2025-6965"
    },
    {
      "cve": "CVE-2025-7339",
      "product_status": {
        "known_affected": [
          "T048010",
          "T035098",
          "T047999",
          "T047978",
          "T047975",
          "T047997",
          "T048009",
          "T047998",
          "T047979",
          "T047980",
          "T047981",
          "T047992",
          "T048001",
          "T048000",
          "T047984",
          "T047974",
          "T047996",
          "T048006",
          "T047982",
          "T047993",
          "T048005",
          "T047983",
          "T047994",
          "T048004"
        ],
        "last_affected": [
          "T047977",
          "T047976",
          "T048008",
          "T048003",
          "T047973",
          "T047971",
          "T047972"
        ]
      },
      "release_date": "2025-10-21T22:00:00.000+00:00",
      "title": "CVE-2025-7339"
    },
    {
      "cve": "CVE-2025-8058",
      "product_status": {
        "known_affected": [
          "T048010",
          "T035098",
          "T047999",
          "T047978",
          "T047975",
          "T047997",
          "T048009",
          "T047998",
          "T047979",
          "T047980",
          "T047981",
          "T047992",
          "T048001",
          "T048000",
          "T047984",
          "T047974",
          "T047996",
          "T048006",
          "T047982",
          "T047993",
          "T048005",
          "T047983",
          "T047994",
          "T048004"
        ],
        "last_affected": [
          "T047977",
          "T047976",
          "T048008",
          "T048003",
          "T047973",
          "T047971",
          "T047972"
        ]
      },
      "release_date": "2025-10-21T22:00:00.000+00:00",
      "title": "CVE-2025-8058"
    },
    {
      "cve": "CVE-2025-9086",
      "product_status": {
        "known_affected": [
          "T048010",
          "T035098",
          "T047999",
          "T047978",
          "T047975",
          "T047997",
          "T048009",
          "T047998",
          "T047979",
          "T047980",
          "T047981",
          "T047992",
          "T048001",
          "T048000",
          "T047984",
          "T047974",
          "T047996",
          "T048006",
          "T047982",
          "T047993",
          "T048005",
          "T047983",
          "T047994",
          "T048004"
        ],
        "last_affected": [
          "T047977",
          "T047976",
          "T048008",
          "T048003",
          "T047973",
          "T047971",
          "T047972"
        ]
      },
      "release_date": "2025-10-21T22:00:00.000+00:00",
      "title": "CVE-2025-9086"
    }
  ]
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2024-51504 (GCVE-0-2024-51504)

NCSC-2026-0126

WID-SEC-W-2024-3684

WID-SEC-W-2025-2360

Tags

Sightings

Nomenclature