VDB

GCVE-110-NCSC-2025-332

GCVE-110-NCSC-2025-332
Advisory PublishedCVSS 8.1/10
Vulnetix · Advisory published October 23, 2025
Multiple vulnerabilities affecting Oracle Financial Services, Middleware, Communications, Solaris Cluster, NetApp products, Spring Framework, HPE Telco, and SAP products have been identified, with CVSS scores of 7.5 for several critical issues.

Weaknesses (CWE)

CWE-22Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')CWE-770Allocation of Resources Without Limits or ThrottlingCWE-209Generation of Error Message Containing Sensitive Information

Risk Scores

CVSS 3.1
8.1/10
High · CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N

Affected Products

VendorProductVersionsPlatforms
Oraclevers:unknown/*

References

advisory
advisory
advisory
advisory
advisory

Browse GCVE Records

73,280 records in the GCVE database · Updated July 17, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›