Oracle

Banking Trade Finance Process Management

14 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.6

CVE-2022-21474

  • EPSS 0.38%
  • Veröffentlicht 19.04.2022 21:15:17
  • Zuletzt bearbeitet 21.11.2024 06:44:47

Vulnerability in the Oracle Banking Trade Finance product of Oracle Financial Services Applications (component: Infrastructure). The supported version that is affected is 14.5. Difficult to exploit vulnerability allows low privileged attacker with ne...

9.8

CVE-2022-22963

Warnung Exploit
  • EPSS 94.46%
  • Veröffentlicht 01.04.2022 23:15:13
  • Zuletzt bearbeitet 13.03.2025 16:36:53

In Spring Cloud Function versions 3.1.6, 3.2.2 and older unsupported versions, when using routing functionality it is possible for a user to provide a specially crafted SpEL as a routing-expression that may result in remote code execution and access ...

6.5

CVE-2021-41973

  • EPSS 0.62%
  • Veröffentlicht 01.11.2021 09:15:09
  • Zuletzt bearbeitet 21.11.2024 06:27:00

In Apache MINA, a specifically crafted, malformed HTTP request may cause the HTTP Header decoder to loop indefinitely. The decoder assumed that the HTTP Header begins at the beginning of the buffer and loops if there is more data than expected. Pleas...

8.8

CVE-2021-29505

  • EPSS 90.77%
  • Veröffentlicht 28.05.2021 21:15:08
  • Zuletzt bearbeitet 30.05.2025 00:15:20

XStream is software for serializing Java objects to XML and back again. A vulnerability in XStream versions prior to 1.4.17 may allow a remote attacker has sufficient rights to execute commands of the host only by manipulating the processed input str...

5.9

CVE-2021-21409

  • EPSS 4.98%
  • Veröffentlicht 30.03.2021 15:15:14
  • Zuletzt bearbeitet 21.11.2024 05:48:17

Netty is an open-source, asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. In Netty (io.netty:netty-codec-http2) before version 4.1.61.Final there is a vulnerabi...

5.5

CVE-2021-27807

  • EPSS 0.54%
  • Veröffentlicht 19.03.2021 16:15:13
  • Zuletzt bearbeitet 21.11.2024 05:58:36

A carefully crafted PDF file can trigger an infinite loop while loading the file. This issue affects Apache PDFBox version 2.0.22 and prior 2.0.x versions.

5.5

CVE-2021-27906

  • EPSS 0.54%
  • Veröffentlicht 19.03.2021 16:15:13
  • Zuletzt bearbeitet 21.11.2024 05:58:45

A carefully crafted PDF file can trigger an OutOfMemory-Exception while loading the file. This issue affects Apache PDFBox version 2.0.22 and prior 2.0.x versions.

7.2

CVE-2021-23337

Exploit
  • EPSS 0.86%
  • Veröffentlicht 15.02.2021 13:15:12
  • Zuletzt bearbeitet 21.11.2024 05:51:31

Lodash versions prior to 4.17.21 are vulnerable to Command Injection via the template function.

5.3

CVE-2020-28500

Exploit
  • EPSS 0.2%
  • Veröffentlicht 15.02.2021 11:15:12
  • Zuletzt bearbeitet 21.11.2024 05:22:55

Lodash versions prior to 4.17.21 are vulnerable to Regular Expression Denial of Service (ReDoS) via the toNumber, trim and trimEnd functions.

5.5

CVE-2021-21290

Exploit
  • EPSS 0.02%
  • Veröffentlicht 08.02.2021 20:15:12
  • Zuletzt bearbeitet 21.11.2024 05:47:56

Netty is an open-source, asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. In Netty before version 4.1.59.Final there is a vulnerability on Unix-like systems inv...