Lucene search

K
OracleBanking Extensibility Workbench14.3.0

9 matches found

CVE
CVE
added 2020/03/12 7:15 p.m.762 views

CVE-2020-10531

An issue was discovered in International Components for Unicode (ICU) for C/C++ through 66.1. An integer overflow, leading to a heap-based buffer overflow, exists in the UnicodeString::doAppend() function in common/unistr.cpp.

8.8CVSS8.7AI score0.0064EPSS
CVE
CVE
added 2020/06/03 11:15 p.m.635 views

CVE-2020-11080

In nghttp2 before version 1.41.0, the overly large HTTP/2 SETTINGS frame payload causes denial of service. The proof of concept attack involves a malicious client constructing a SETTINGS frame with a length of 14,400 bytes (2400 individual settings entries) over and over again. The attack causes th...

7.5CVSS6.5AI score0.00741EPSS
CVE
CVE
added 2019/07/26 12:15 a.m.520 views

CVE-2019-10744

Versions of lodash lower than 4.17.12 are vulnerable to Prototype Pollution. The function defaultsDeep could be tricked into adding or modifying properties of Object.prototype using a constructor payload.

9.1CVSS8.9AI score0.0341EPSS
CVE
CVE
added 2021/02/15 1:15 p.m.446 views

CVE-2021-23337

Lodash versions prior to 4.17.21 are vulnerable to Command Injection via the template function.

7.2CVSS7.2AI score0.00551EPSS
CVE
CVE
added 2020/07/24 10:15 p.m.359 views

CVE-2020-8174

napi_get_value_string_*() allows various kinds of memory corruption in node < 10.21.0, 12.18.0, and < 14.4.0.

9.3CVSS8.1AI score0.01274EPSS
CVE
CVE
added 2020/12/18 1:15 a.m.325 views

CVE-2020-28052

An issue was discovered in Legion of the Bouncy Castle BC Java 1.65 and 1.66. The OpenBSDBCrypt.checkPassword utility method compared incorrect data when checking the password, allowing incorrect passwords to indicate they were matching with previously hashed ones that were different.

8.1CVSS7.7AI score0.0378EPSS
CVE
CVE
added 2020/07/15 5:15 p.m.316 views

CVE-2020-8203

Prototype pollution attack when using _.zipObjectDeep in lodash before 4.17.20.

7.4CVSS6.9AI score0.03276EPSS
CVE
CVE
added 2021/02/15 11:15 a.m.232 views

CVE-2020-28500

Lodash versions prior to 4.17.21 are vulnerable to Regular Expression Denial of Service (ReDoS) via the toNumber, trim and trimEnd functions.

5.3CVSS6AI score0.00275EPSS
CVE
CVE
added 2020/06/08 2:15 p.m.167 views

CVE-2020-8172

TLS session reuse can lead to host certificate verification bypass in node version < 12.18.0 and < 14.4.0.

7.4CVSS7.4AI score0.01016EPSS