Oracle

Financial Services Analytical Applications Infrastructure

84 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2021-26271

  • EPSS 0.64%
  • Veröffentlicht 26.01.2021 21:15:12
  • Zuletzt bearbeitet 21.11.2024 05:56:00

It was possible to execute a ReDoS-type attack inside CKEditor 4 before 4.16 by persuading a victim to paste crafted text into the Styles input of specific dialogs (in the Advanced Tab for Dialogs plugin).

6.1

CVE-2020-27193

  • EPSS 0.91%
  • Veröffentlicht 12.11.2020 21:15:11
  • Zuletzt bearbeitet 21.11.2024 05:20:50

A cross-site scripting (XSS) vulnerability in the Color Dialog plugin for CKEditor 4.15.0 allows remote attackers to run arbitrary web script after persuading a user to copy and paste crafted HTML code into one of editor inputs.

7.5

CVE-2019-17566

  • EPSS 0.82%
  • Veröffentlicht 12.11.2020 18:15:12
  • Zuletzt bearbeitet 21.11.2024 04:32:32

Apache Batik is vulnerable to server-side request forgery, caused by improper input validation by the "xlink:href" attributes. By using a specially-crafted argument, an attacker could exploit this vulnerability to cause the underlying server to make ...

7.8

CVE-2020-14824

  • EPSS 1.13%
  • Veröffentlicht 21.10.2020 15:15:21
  • Zuletzt bearbeitet 21.11.2024 05:04:15

Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Oracle Financial Services Applications (component: Infrastructure). Supported versions that are affected are 8.0.6-8.1.0. Easily exploitable vulnerabilit...

7.5

CVE-2020-11979

  • EPSS 0.61%
  • Veröffentlicht 01.10.2020 20:15:13
  • Zuletzt bearbeitet 21.11.2024 04:59:02

As mitigation for CVE-2020-1945 Apache Ant 1.10.8 changed the permissions of temporary files it created so that only the current user was allowed to access them. Unfortunately the fixcrlf task deleted the temporary file and created a new one without ...

6.5

CVE-2020-5421

  • EPSS 63.83%
  • Veröffentlicht 19.09.2020 04:15:11
  • Zuletzt bearbeitet 21.11.2024 05:34:08

In Spring Framework versions 5.2.0 - 5.2.8, 5.1.0 - 5.1.17, 5.0.0 - 5.0.18, 4.3.0 - 4.3.28, and older unsupported versions, the protections against RFD attacks from CVE-2015-5211 may be bypassed depending on the browser used through the use of a jses...

6.5

CVE-2020-14685

  • EPSS 0.24%
  • Veröffentlicht 15.07.2020 18:15:33
  • Zuletzt bearbeitet 21.11.2024 05:03:53

Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Oracle Financial Services Applications (component: Infrastructure). Supported versions that are affected are 8.0.6-8.1.0. Easily exploitable vulnerabilit...

4.3

CVE-2020-14684

  • EPSS 0.71%
  • Veröffentlicht 15.07.2020 18:15:32
  • Zuletzt bearbeitet 21.11.2024 05:03:53

Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Oracle Financial Services Applications (component: Infrastructure). Supported versions that are affected are 8.0.6-8.1.0. Easily exploitable vulnerabilit...

6.5

CVE-2020-14662

  • EPSS 0.27%
  • Veröffentlicht 15.07.2020 18:15:31
  • Zuletzt bearbeitet 21.11.2024 05:03:49

Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Oracle Financial Services Applications (component: Infrastructure). Supported versions that are affected are 8.0.6-8.1.0. Easily exploitable vulnerabilit...

6.5

CVE-2020-14605

  • EPSS 0.24%
  • Veröffentlicht 15.07.2020 18:15:26
  • Zuletzt bearbeitet 21.11.2024 05:03:39

Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Oracle Financial Services Applications (component: Infrastructure). Supported versions that are affected are 8.0.6-8.1.0. Easily exploitable vulnerabilit...