CVE-2025-21550
- EPSS 0.02%
- Published 21.01.2025 21:15:21
- Last modified 23.06.2025 15:25:05
Vulnerability in the Oracle Financial Services Behavior Detection Platform product of Oracle Financial Services Applications (component: Web UI). Supported versions that are affected are 8.0.8.1, 8.1.2.7 and 8.1.2.8. Easily exploitable vulnerabilit...
CVE-2023-21902
- EPSS 0.43%
- Published 18.04.2023 20:15:11
- Last modified 21.11.2024 07:43:52
Vulnerability in the Oracle Financial Services Behavior Detection Platform product of Oracle Financial Services Applications (component: Application). The supported version that is affected is 8.0.8.1. Easily exploitable vulnerability allows low pr...
CVE-2022-22963
- EPSS 94.46%
- Published 01.04.2022 23:15:13
- Last modified 13.03.2025 16:36:53
In Spring Cloud Function versions 3.1.6, 3.2.2 and older unsupported versions, when using routing functionality it is possible for a user to provide a specially crafted SpEL as a routing-expression that may result in remote code execution and access ...
CVE-2022-22965
- EPSS 94.44%
- Published 01.04.2022 23:15:13
- Last modified 10.04.2025 16:56:46
A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. The specific exploit requires the application to run on Tomcat as a WAR deployment. If the application is deployed as a Sp...
CVE-2022-24729
- EPSS 0.51%
- Published 16.03.2022 17:15:07
- Last modified 21.11.2024 06:50:57
CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. CKEditor4 prior to version 4.18.0 contains a vulnerability in the `dialog` plugin. The vulnerability allows abuse of a dialog input validator regular expression, which can cause a ...
CVE-2022-24728
- EPSS 0.72%
- Published 16.03.2022 16:15:10
- Last modified 21.11.2024 06:50:57
CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A vulnerability has been discovered in the core HTML processing module and may affect all plugins used by CKEditor 4 prior to version 4.18.0. The vulnerability allows someone to in...
CVE-2020-36518
- EPSS 0.6%
- Published 11.03.2022 07:15:07
- Last modified 27.08.2025 21:15:36
jackson-databind before 2.13.0 allows a Java StackOverflow exception and denial of service via a large depth of nested objects.
CVE-2022-23437
- EPSS 0.09%
- Published 24.01.2022 15:15:09
- Last modified 21.11.2024 06:48:33
There's a vulnerability within the Apache Xerces Java (XercesJ) XML parser when handling specially crafted XML document payloads. This causes the XercesJ XML parser to wait in an infinite loop, which may sometimes consume system resources for prolon...
CVE-2021-38153
- EPSS 0.95%
- Published 22.09.2021 09:15:07
- Last modified 21.11.2024 06:16:30
Some components in Apache Kafka use `Arrays.equals` to validate a password or key, which is vulnerable to timing attacks that make brute force attacks for such credentials more likely to be successful. Users should upgrade to 2.8.1 or higher, or 3.0....
CVE-2021-2351
- EPSS 3.54%
- Published 21.07.2021 15:15:21
- Last modified 21.11.2024 06:02:56
Vulnerability in the Advanced Networking Option component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1 and 19c. Difficult to exploit vulnerability allows unauthenticated attacker with network access via Oracl...