Oracle

Financial Services Analytical Applications Infrastructure

84 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2022-24729

  • EPSS 0.51%
  • Veröffentlicht 16.03.2022 17:15:07
  • Zuletzt bearbeitet 21.11.2024 06:50:57

CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. CKEditor4 prior to version 4.18.0 contains a vulnerability in the `dialog` plugin. The vulnerability allows abuse of a dialog input validator regular expression, which can cause a ...

5.4

CVE-2022-24728

  • EPSS 0.72%
  • Veröffentlicht 16.03.2022 16:15:10
  • Zuletzt bearbeitet 21.11.2024 06:50:57

CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A vulnerability has been discovered in the core HTML processing module and may affect all plugins used by CKEditor 4 prior to version 4.18.0. The vulnerability allows someone to in...

7.5

CVE-2020-36518

Exploit
  • EPSS 0.61%
  • Veröffentlicht 11.03.2022 07:15:07
  • Zuletzt bearbeitet 27.08.2025 21:15:36

jackson-databind before 2.13.0 allows a Java StackOverflow exception and denial of service via a large depth of nested objects.

7.1

CVE-2022-23437

  • EPSS 0.09%
  • Veröffentlicht 24.01.2022 15:15:09
  • Zuletzt bearbeitet 21.11.2024 06:48:33

There's a vulnerability within the Apache Xerces Java (XercesJ) XML parser when handling specially crafted XML document payloads. This causes, the XercesJ XML parser to wait in an infinite loop, which may sometimes consume system resources for prolon...

5

CVE-2021-35687

  • EPSS 1.18%
  • Veröffentlicht 19.01.2022 12:15:09
  • Zuletzt bearbeitet 21.11.2024 06:12:46

Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Oracle Financial Services Applications (component: Unified Metadata Manager). Supported versions that are affected are 8.0.7-8.1.1. Easily exploitable vu...

4

CVE-2021-35686

  • EPSS 0.3%
  • Veröffentlicht 19.01.2022 12:15:09
  • Zuletzt bearbeitet 21.11.2024 06:12:46

Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Oracle Financial Services Applications (component: Unified Metadata Manager). Supported versions that are affected are 8.0.7-8.1.1. Easily exploitable vu...

5.9

CVE-2021-45105

Warnung
  • EPSS 67.58%
  • Veröffentlicht 18.12.2021 12:15:07
  • Zuletzt bearbeitet 21.11.2024 06:31:58

Apache Log4j2 versions 2.0-alpha1 through 2.16.0 (excluding 2.12.3 and 2.3.1) did not protect from uncontrolled recursion from self-referential lookups. This allows an attacker with control over Thread Context Map data to cause a denial of service wh...

5.9

CVE-2021-38153

  • EPSS 0.95%
  • Veröffentlicht 22.09.2021 09:15:07
  • Zuletzt bearbeitet 21.11.2024 06:16:30

Some components in Apache Kafka use `Arrays.equals` to validate a password or key, which is vulnerable to timing attacks that make brute force attacks for such credentials more likely to be successful. Users should upgrade to 2.8.1 or higher, or 3.0....

5.4

CVE-2021-37695

  • EPSS 0.4%
  • Veröffentlicht 13.08.2021 00:15:07
  • Zuletzt bearbeitet 21.11.2024 06:15:43

ckeditor is an open source WYSIWYG HTML editor with rich content support. A potential vulnerability has been discovered in CKEditor 4 [Fake Objects](https://ckeditor.com/cke4/addon/fakeobjects) package. The vulnerability allowed to inject malformed F...

5.4

CVE-2021-32808

  • EPSS 1.44%
  • Veröffentlicht 12.08.2021 17:15:08
  • Zuletzt bearbeitet 21.11.2024 06:07:47

ckeditor is an open source WYSIWYG HTML editor with rich content support. A vulnerability has been discovered in the clipboard Widget plugin if used alongside the undo feature. The vulnerability allows a user to abuse undo functionality using malform...