Oracle

Flexcube Private Banking

75 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2018-15756

  • EPSS 13.38%
  • Veröffentlicht 18.10.2018 22:29:00
  • Zuletzt bearbeitet 21.11.2024 03:51:24

Spring Framework, version 5.1, versions 5.0.x prior to 5.0.10, versions 4.3.x prior to 4.3.20, and older unsupported versions on the 4.2.x branch provide support for range requests when serving static resources through the ResourceHttpRequestHandler,...

7.4

CVE-2018-11775

  • EPSS 0.59%
  • Veröffentlicht 10.09.2018 20:29:00
  • Zuletzt bearbeitet 21.11.2024 03:44:00

TLS hostname verification when using the Apache ActiveMQ Client before 5.15.6 was missing which could make the client vulnerable to a MITM attack between a Java application using the ActiveMQ client and the ActiveMQ server. This is now enabled by def...

6.1

CVE-2018-8032

  • EPSS 2.34%
  • Veröffentlicht 02.08.2018 13:29:00
  • Zuletzt bearbeitet 08.05.2025 18:13:51

Apache Axis 1.x up to and including 1.4 is vulnerable to a cross-site scripting (XSS) attack in the default servlet/services.

7.5

CVE-2018-11040

  • EPSS 8.25%
  • Veröffentlicht 25.06.2018 15:29:00
  • Zuletzt bearbeitet 21.11.2024 03:42:32

Spring Framework, versions 5.0.x prior to 5.0.7 and 4.3.x prior to 4.3.18 and older unsupported versions, allows web applications to enable cross-domain requests via JSONP (JSON with Padding) through AbstractJsonpResponseBodyAdvice for REST controlle...

6.5

CVE-2018-1257

  • EPSS 1.79%
  • Veröffentlicht 11.05.2018 20:29:00
  • Zuletzt bearbeitet 21.11.2024 03:59:28

Spring Framework, versions 5.0.x prior to 5.0.6, versions 4.3.x prior to 4.3.17, and older unsupported versions allows applications to expose STOMP over WebSocket endpoints with a simple, in-memory STOMP broker through the spring-messaging module. A ...

5.9

CVE-2018-10237

  • EPSS 3.26%
  • Veröffentlicht 26.04.2018 21:29:00
  • Zuletzt bearbeitet 21.11.2024 03:41:04

Unbounded memory allocation in Google Guava 11.0 through 24.x before 24.1.1 allows remote attackers to conduct denial of service attacks against servers that depend on this library and deserialize attacker-provided data, because the AtomicDoubleArray...

6.5

CVE-2017-10103

  • EPSS 0.66%
  • Veröffentlicht 08.08.2017 15:29:03
  • Zuletzt bearbeitet 20.04.2025 01:37:25

Vulnerability in the Oracle FLEXCUBE Private Banking component of Oracle Financial Services Applications (subcomponent: Miscellaneous). Supported versions that are affected are 2.0.0, 2.0.1, 2.2.0 and 12.0.1. Easily exploitable vulnerability allows l...

6.5

CVE-2017-10006

  • EPSS 0.49%
  • Veröffentlicht 08.08.2017 15:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

Vulnerability in the Oracle FLEXCUBE Private Banking component of Oracle Financial Services Applications (subcomponent: Miscellaneous). Supported versions that are affected are 2.0.0, 2.0.1, 2.2.0 and 12.0.1. Easily exploitable vulnerability allows l...

6.1

CVE-2017-10005

  • EPSS 0.46%
  • Veröffentlicht 08.08.2017 15:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

Vulnerability in the Oracle FLEXCUBE Private Banking component of Oracle Financial Services Applications (subcomponent: Miscellaneous). Supported versions that are affected are 2.0.0, 2.0.1, 2.2.0 and 12.0.1. Easily exploitable vulnerability allows u...

4.3

CVE-2017-10007

  • EPSS 0.22%
  • Veröffentlicht 08.08.2017 15:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

Vulnerability in the Oracle FLEXCUBE Private Banking component of Oracle Financial Services Applications (subcomponent: Miscellaneous). Supported versions that are affected are 2.0.0, 2.0.1, 2.2.0 and 12.0.1. Easily exploitable vulnerability allows l...