Lucene search
K
OracleBanking Liquidity Management

9 matches found

CVE
CVE
added 2022/04/01 12:0 a.m.1534 views

CVE-2022-22963

CVE-2022-22963 affects Spring Cloud Function: in versions 3.1.6, 3.2.2 and older unsupported releases, routing-expression using SpEL can be crafted by a user to trigger remote code execution and access local resources. The root cause is unsafe evaluation of SpEL within the HTTP request routing he...

9.8CVSS9.5AI score0.99939EPSS
In wildWeb
CVE
CVE
added 2020/05/14 3:57 p.m.450 views

CVE-2020-1945

This CVE (CVE-2020-1945) affects Apache Ant. Connected Arch Linux advisory ASA-202005-15 confirms the vulnerability exists in ant before version 1.10.8-1, where Ant uses java.io.tmpdir for several tasks and can leak sensitive information. The fixcrlf and replaceregexp tasks may copy files from th...

6.3CVSS6.8AI score0.01793EPSS
CVE
CVE
added 2020/07/15 4:10 p.m.445 views

CVE-2020-8203

CVE-2020-8203 : Prototype pollution via lodash.zipObjectDeep in lodash versions before 4.17.20. The vulnerability allows modification of object prototypes, enabling attacker-controlled properties. IBM X-Force records this as a high-risk issue (CVSS~7.5; I/H, A/H; network driver with no user inter...

7.4CVSS6.9AI score0.05213EPSS
CVE
CVE
added 2020/09/17 6:39 p.m.288 views

CVE-2020-24750

CVE-2020-24750 affects FasterXML jackson-databind 2.x prior to 2.9.10.6, where the interaction between serialization gadgets and typing is mishandled (CWE-502). This deserialization flaw could enable exploitation via untrusted data; the connected IBM/Cloudera doc confirms the CVE entry but does n...

8.1CVSS7.7AI score0.07268EPSS
CVE
CVE
added 2020/08/25 5:4 p.m.222 views

CVE-2020-24616

The CVE-2020-24616 vulnerability affects FasterXML jackson-databind 2.x prior to 2.9.10.6, arising from the interaction between serialization gadgets and typing (related to br.com.anteros.dbcp.AnterosDBCPDataSource). Root cause is unsafe deserialization via Gadget chains in Jackson Databind. Impa...

8.1CVSS7.7AI score0.09346EPSS
CVE
CVE
added 2020/01/14 2:28 p.m.159 views

CVE-2019-12399

CVE-2019-12399 affects Apache Kafka Connect: when Connect workers are configured with config providers and a connector uses an externalized secret variable within a substring of a configuration value, an attacker can request a cluster’s task configuration and receive the plaintext secret instead ...

7.5CVSS7.3AI score0.03915EPSS
CVE
CVE
added 2024/10/15 7:53 p.m.66 views

CVE-2024-21285

Oracle Banking Liquidity Management (Oracle Financial Services Applications) is affected in version 14.5.0.12.0, specifically the Reports component. The issue allows a low-privilege, network-access attacker (HTTP) to compromise the system, with human interaction required, potentially resulting in...

7.1CVSS6.7AI score0.00325EPSS
CVE
CVE
added 2024/10/15 7:53 p.m.54 views

CVE-2024-21281

CVE-2024-21281 affects Oracle Banking Liquidity Management (Infrastructure) in Oracle Financial Services Applications, specifically version 14.7.0.6.0. Affected component can be exploited by a high-privilege attacker with network access via HTTP; exploitation requires user interaction. Impact per...

5.3CVSS4.9AI score0.00286EPSS
CVE
CVE
added 2024/10/15 7:53 p.m.49 views

CVE-2024-21284

CVE-2024-21284 affects Oracle Banking Liquidity Management (Oracle Financial Services Applications), component Reports, in version 14.5.0.12.0. The vulnerability can be exploited by a low-privileged attacker with HTTP network access, requiring user interaction, and can lead to takeover of the aff...

7.1CVSS6.7AI score0.00325EPSS