Oracle

Banking Payments

35 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.1

CVE-2020-2713

  • EPSS 0.48%
  • Published 15.01.2020 17:15:27
  • Last modified 21.11.2024 05:26:04

Vulnerability in the Oracle Banking Payments product of Oracle Financial Services Applications (component: Core). Supported versions that are affected are 14.1.0-14.3.0. Easily exploitable vulnerability allows low privileged attacker with network acc...

5.8

CVE-2020-2712

  • EPSS 0.8%
  • Published 15.01.2020 17:15:27
  • Last modified 21.11.2024 05:26:04

Vulnerability in the Oracle Banking Payments product of Oracle Financial Services Applications (component: Core). Supported versions that are affected are 14.1.0-14.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network ac...

6.5

CVE-2020-2711

  • EPSS 0.6%
  • Published 15.01.2020 17:15:27
  • Last modified 21.11.2024 05:26:03

Vulnerability in the Oracle Banking Payments product of Oracle Financial Services Applications (component: Core). Supported versions that are affected are 14.1.0-14.3.0. Easily exploitable vulnerability allows low privileged attacker with network acc...

5.5

CVE-2020-2710

  • EPSS 0.26%
  • Published 15.01.2020 17:15:27
  • Last modified 21.11.2024 05:26:03

Vulnerability in the Oracle Banking Payments product of Oracle Financial Services Applications (component: Core). Supported versions that are affected are 14.1.0-14.3.0. Easily exploitable vulnerability allows low privileged attacker with network acc...

7.5

CVE-2019-12399

  • EPSS 3.16%
  • Published 14.01.2020 15:15:12
  • Last modified 21.11.2024 04:22:45

When Connect workers in Apache Kafka 2.0.0, 2.0.1, 2.1.0, 2.1.1, 2.2.0, 2.2.1, or 2.3.0 are configured with one or more config providers, and a connector is created/updated on that Connect cluster to use an externalized secret variable in a substring...

5.5

CVE-2019-12415

  • EPSS 0.02%
  • Published 23.10.2019 20:15:12
  • Last modified 21.11.2024 04:22:47

In Apache POI up to 4.1.0, when using the tool XSSFExportToXml to convert user-provided Microsoft Excel documents, a specially crafted document can allow an attacker to read files from the local filesystem or from internal network resources via XML E...

7.5

CVE-2019-12402

  • EPSS 0.38%
  • Published 30.08.2019 09:15:17
  • Last modified 21.11.2024 04:22:45

The file name encoding algorithm used internally in Apache Commons Compress 1.15 to 1.18 can get into an infinite loop when faced with specially crafted inputs. This can lead to a denial of service attack if an attacker can choose the file names insi...

9.8

CVE-2019-13990

  • EPSS 10.42%
  • Published 26.07.2019 19:15:11
  • Last modified 21.11.2024 04:25:50

initDocumentParser in xml/XMLSchedulingDataProcessor.java in Terracotta Quartz Scheduler through 2.3.0 allows XXE attacks via a job description.

8.1

CVE-2018-3027

  • EPSS 1.02%
  • Published 18.07.2018 13:29:06
  • Last modified 21.11.2024 04:04:59

Vulnerability in the Oracle Banking Payments component of Oracle Financial Services Applications (subcomponent: Payments Core). Supported versions that are affected are 12.2.0, 12.3.0, 12.4.0, 12.5.0 and 14.1.0. Easily exploitable vulnerability allow...

5.4

CVE-2018-3026

  • EPSS 0.21%
  • Published 18.07.2018 13:29:06
  • Last modified 21.11.2024 04:04:59

Vulnerability in the Oracle Banking Payments component of Oracle Financial Services Applications (subcomponent: Payments Core). Supported versions that are affected are 12.2.0, 12.3.0, 12.4.0, 12.5.0 and 14.1.0. Easily exploitable vulnerability allow...