CVE-2022-21474
- EPSS 0.38%
- Published 19.04.2022 21:15:17
- Last modified 21.11.2024 06:44:47
Vulnerability in the Oracle Banking Trade Finance product of Oracle Financial Services Applications (component: Infrastructure). The supported version that is affected is 14.5. Difficult to exploit vulnerability allows low privileged attacker with ne...
CVE-2022-22963
- EPSS 94.46%
- Published 01.04.2022 23:15:13
- Last modified 13.03.2025 16:36:53
In Spring Cloud Function versions 3.1.6, 3.2.2 and older unsupported versions, when using routing functionality it is possible for a user to provide a specially crafted SpEL as a routing-expression that may result in remote code execution and access ...
CVE-2021-41973
- EPSS 0.62%
- Published 01.11.2021 09:15:09
- Last modified 21.11.2024 06:27:00
In Apache MINA, a specifically crafted, malformed HTTP request may cause the HTTP Header decoder to loop indefinitely. The decoder assumed that the HTTP Header begins at the beginning of the buffer and loops if there is more data than expected. Pleas...
CVE-2021-29505
- EPSS 90.77%
- Published 28.05.2021 21:15:08
- Last modified 30.05.2025 00:15:20
XStream is software for serializing Java objects to XML and back again. A vulnerability in XStream versions prior to 1.4.17 may allow a remote attacker who has sufficient rights to execute commands of the host only by manipulating the processed input str...
CVE-2021-21409
- EPSS 4.98%
- Published 30.03.2021 15:15:14
- Last modified 21.11.2024 05:48:17
Netty is an open-source, asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. In Netty (io.netty:netty-codec-http2) before version 4.1.61.Final there is a vulnerabi...
CVE-2021-27807
- EPSS 0.54%
- Published 19.03.2021 16:15:13
- Last modified 21.11.2024 05:58:36
A carefully crafted PDF file can trigger an infinite loop while loading the file. This issue affects Apache PDFBox version 2.0.22 and prior 2.0.x versions.
CVE-2021-27906
- EPSS 0.54%
- Published 19.03.2021 16:15:13
- Last modified 21.11.2024 05:58:45
A carefully crafted PDF file can trigger an OutOfMemory-Exception while loading the file. This issue affects Apache PDFBox version 2.0.22 and prior 2.0.x versions.
CVE-2021-23337
- EPSS 0.86%
- Published 15.02.2021 13:15:12
- Last modified 21.11.2024 05:51:31
Lodash versions prior to 4.17.21 are vulnerable to Command Injection via the template function.
CVE-2020-28500
- EPSS 0.2%
- Published 15.02.2021 11:15:12
- Last modified 21.11.2024 05:22:55
Lodash versions prior to 4.17.21 are vulnerable to Regular Expression Denial of Service (ReDoS) via the toNumber, trim and trimEnd functions.
CVE-2021-21290
- EPSS 0.02%
- Published 08.02.2021 20:15:12
- Last modified 21.11.2024 05:47:56
Netty is an open-source, asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. In Netty before version 4.1.59.Final there is a vulnerability on Unix-like systems inv...