Oracle

Financial Services Analytical Applications Infrastructure

78 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.3

CVE-2025-53031

  • EPSS 0.04%
  • Veröffentlicht 15.07.2025 19:27:55
  • Zuletzt bearbeitet 24.07.2025 20:34:58

Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Oracle Financial Services Applications (component: Platform). Supported versions that are affected are 8.0.7.8, 8.0.8.5, 8.0.8.6, 8.1.1.4 and 8.1.2.5. ...

7.4

CVE-2023-21901

  • EPSS 0.17%
  • Veröffentlicht 16.01.2024 22:15:37
  • Zuletzt bearbeitet 11.06.2025 17:15:31

Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Oracle Financial Services Applications (component: Infrastructure). Supported versions that are affected are 8.0.7, 8.0.8, 8.0.9, 8.1.0, 8.1.1 and 8.1....

9.8

CVE-2022-22965

Warnung Exploit
  • EPSS 94.44%
  • Veröffentlicht 01.04.2022 23:15:13
  • Zuletzt bearbeitet 10.04.2025 16:56:46

A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. The specific exploit requires the application to run on Tomcat as a WAR deployment. If the application is deployed as a Sp...

9.8

CVE-2022-22963

Warnung Exploit
  • EPSS 94.46%
  • Veröffentlicht 01.04.2022 23:15:13
  • Zuletzt bearbeitet 13.03.2025 16:36:53

In Spring Cloud Function versions 3.1.6, 3.2.2 and older unsupported versions, when using routing functionality it is possible for a user to provide a specially crafted SpEL as a routing-expression that may result in remote code execution and access ...

7.5

CVE-2022-24729

  • EPSS 0.51%
  • Veröffentlicht 16.03.2022 17:15:07
  • Zuletzt bearbeitet 21.11.2024 06:50:57

CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. CKEditor4 prior to version 4.18.0 contains a vulnerability in the `dialog` plugin. The vulnerability allows abuse of a dialog input validator regular expression, which can cause a ...

5.4

CVE-2022-24728

  • EPSS 0.72%
  • Veröffentlicht 16.03.2022 16:15:10
  • Zuletzt bearbeitet 21.11.2024 06:50:57

CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A vulnerability has been discovered in the core HTML processing module and may affect all plugins used by CKEditor 4 prior to version 4.18.0. The vulnerability allows someone to in...

7.5

CVE-2020-36518

Exploit
  • EPSS 0.6%
  • Veröffentlicht 11.03.2022 07:15:07
  • Zuletzt bearbeitet 27.08.2025 21:15:36

jackson-databind before 2.13.0 allows a Java StackOverflow exception and denial of service via a large depth of nested objects.

7.1

CVE-2022-23437

  • EPSS 0.09%
  • Veröffentlicht 24.01.2022 15:15:09
  • Zuletzt bearbeitet 21.11.2024 06:48:33

There's a vulnerability within the Apache Xerces Java (XercesJ) XML parser when handling specially crafted XML document payloads. This causes, the XercesJ XML parser to wait in an infinite loop, which may sometimes consume system resources for prolon...

5

CVE-2021-35687

  • EPSS 1.18%
  • Veröffentlicht 19.01.2022 12:15:09
  • Zuletzt bearbeitet 21.11.2024 06:12:46

Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Oracle Financial Services Applications (component: Unified Metadata Manager). Supported versions that are affected are 8.0.7-8.1.1. Easily exploitable vu...

4

CVE-2021-35686

  • EPSS 0.3%
  • Veröffentlicht 19.01.2022 12:15:09
  • Zuletzt bearbeitet 21.11.2024 06:12:46

Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Oracle Financial Services Applications (component: Unified Metadata Manager). Supported versions that are affected are 8.0.7-8.1.1. Easily exploitable vu...