Oracle

Flexcube Private Banking

75 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2018-15756

  • EPSS 13.38%
  • Published 18.10.2018 22:29:00
  • Last modified 21.11.2024 03:51:24

Spring Framework, version 5.1, versions 5.0.x prior to 5.0.10, versions 4.3.x prior to 4.3.20, and older unsupported versions on the 4.2.x branch provide support for range requests when serving static resources through the ResourceHttpRequestHandler,...

7.4

CVE-2018-11775

  • EPSS 0.59%
  • Published 10.09.2018 20:29:00
  • Last modified 21.11.2024 03:44:00

TLS hostname verification when using the Apache ActiveMQ Client before 5.15.6 was missing which could make the client vulnerable to a MITM attack between a Java application using the ActiveMQ client and the ActiveMQ server. This is now enabled by def...

6.1

CVE-2018-8032

  • EPSS 2.34%
  • Published 02.08.2018 13:29:00
  • Last modified 08.05.2025 18:13:51

Apache Axis 1.x up to and including 1.4 is vulnerable to a cross-site scripting (XSS) attack in the default servlet/services.

7.5

CVE-2018-11040

  • EPSS 8.25%
  • Published 25.06.2018 15:29:00
  • Last modified 21.11.2024 03:42:32

Spring Framework, versions 5.0.x prior to 5.0.7 and 4.3.x prior to 4.3.18 and older unsupported versions, allows web applications to enable cross-domain requests via JSONP (JSON with Padding) through AbstractJsonpResponseBodyAdvice for REST controlle...

6.5

CVE-2018-1257

  • EPSS 1.79%
  • Published 11.05.2018 20:29:00
  • Last modified 21.11.2024 03:59:28

Spring Framework, versions 5.0.x prior to 5.0.6, versions 4.3.x prior to 4.3.17, and older unsupported versions allows applications to expose STOMP over WebSocket endpoints with a simple, in-memory STOMP broker through the spring-messaging module. A ...

5.9

CVE-2018-10237

  • EPSS 3.26%
  • Published 26.04.2018 21:29:00
  • Last modified 21.11.2024 03:41:04

Unbounded memory allocation in Google Guava 11.0 through 24.x before 24.1.1 allows remote attackers to conduct denial of service attacks against servers that depend on this library and deserialize attacker-provided data, because the AtomicDoubleArray...

6.5

CVE-2017-10103

  • EPSS 0.66%
  • Published 08.08.2017 15:29:03
  • Last modified 20.04.2025 01:37:25

Vulnerability in the Oracle FLEXCUBE Private Banking component of Oracle Financial Services Applications (subcomponent: Miscellaneous). Supported versions that are affected are 2.0.0, 2.0.1, 2.2.0 and 12.0.1. Easily exploitable vulnerability allows l...

6.5

CVE-2017-10006

  • EPSS 0.49%
  • Published 08.08.2017 15:29:00
  • Last modified 20.04.2025 01:37:25

Vulnerability in the Oracle FLEXCUBE Private Banking component of Oracle Financial Services Applications (subcomponent: Miscellaneous). Supported versions that are affected are 2.0.0, 2.0.1, 2.2.0 and 12.0.1. Easily exploitable vulnerability allows l...

6.1

CVE-2017-10005

  • EPSS 0.46%
  • Published 08.08.2017 15:29:00
  • Last modified 20.04.2025 01:37:25

Vulnerability in the Oracle FLEXCUBE Private Banking component of Oracle Financial Services Applications (subcomponent: Miscellaneous). Supported versions that are affected are 2.0.0, 2.0.1, 2.2.0 and 12.0.1. Easily exploitable vulnerability allows u...

4.3

CVE-2017-10007

  • EPSS 0.22%
  • Published 08.08.2017 15:29:00
  • Last modified 20.04.2025 01:37:25

Vulnerability in the Oracle FLEXCUBE Private Banking component of Oracle Financial Services Applications (subcomponent: Miscellaneous). Supported versions that are affected are 2.0.0, 2.0.1, 2.2.0 and 12.0.1. Easily exploitable vulnerability allows l...