Communications webrtc session controller
This hub aggregates every CVE we track for Communications webrtc session controller, a product in the communications space. Use it to gauge the current risk picture and drill into individual advisories.
21
CVEs tracked
8
Critical
4
High
2
In CISA KEV
Severity distribution
MEDIUM9CRITICAL8HIGH4
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2024-082026-07
Latest CVEs
The 15 most recently published vulnerabilities affecting Communications webrtc session controller.
- CVE-2021-45105Apache Log4j2 does not always protect from infinite recursion in lookup evaluation5.9
- CVE-2020-11023Potential XSS vulnerability in jQueryKEV6.9
- CVE-2020-11022jQuery has a potential XSS vulnerability6.9
- CVE-2019-10219A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. T...6.1
- CVE-2019-11358jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an...6.1
- CVE-2018-3246Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS - Web Services). Supported versions that are affected are 12.1.3.0 and 12.2.1.3. Easily exploita...7.5
- CVE-2018-1000613Legion of the Bouncy Castle Legion of the Bouncy Castle Java Cryptography APIs 1.58 up to but not including 1.60 contains a CWE-470: Use of Externally-Controlled Input to Select Classes or Code ('U...9.8
- CVE-2018-0732Client DoS due to large DH parameter7.5
- CVE-2018-1000180Bouncy Castle BC 1.54 - 1.59, BC-FJA 1.0.0, BC-FJA 1.0.1 and earlier have a flaw in the Low-level interface to RSA key pair generator, specifically RSA Key Pairs generated in low-level API with add...7.5
- CVE-2018-8013In Apache Batik 1.x before 1.10, when deserializing subclass of `AbstractDocument`, the class takes a string from the inputStream as the class name which then use it to call the no-arg constructor ...9.8
- CVE-2018-1000301curl version curl 7.20.0 to and including curl 7.59.0 contains a CWE-126: Buffer Over-read vulnerability in denial of service that can result in curl can be tricked into reading data beyond the end...9.1
- CVE-2018-1000120A buffer overflow exists in curl 7.12.3 to and including curl 7.58.0 in the FTP URL handling that allows an attacker to cause a denial of service or worse.9.8
- CVE-2018-1000122A buffer over-read exists in curl 7.20.0 to and including curl 7.58.0 in the RTSP+RTP handling code that allows an attacker to cause a denial of service or information leakage9.1
- CVE-2018-1000121A NULL pointer dereference exists in curl 7.21.0 to and including curl 7.58.0 in the LDAP code that allows an attacker to cause a denial of service7.5
- CVE-2015-9251jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.6.1
Product normalization is registry-driven with AI assist and human review. How it works