Financial Services Analytical Applications Infrastructure@8.1.0.0.0 Security Vulnerabilities and Issues — Financial Services Analytical Applications Infrastructure@8.1.0.0.0 CVE List

Lucene search

OracleFinancial Services Analytical Applications Infrastructure8.1.0.0.0

10 matches found

CVE•added 2020/04/29 10:15 p.m.•6997 views

CVE-2020-11022

In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.

6.9CVSS7.2AI score0.22783EPSS

In wild

CVE•added 2022/03/16 5:15 p.m.•569 views

CVE-2022-24729

CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. CKEditor4 prior to version 4.18.0 contains a vulnerability in the dialog plugin. The vulnerability allows abuse of a dialog input validator regular expression, which can cause a significant performance drop resulting in a browser...

7.5CVSS6.7AI score0.0043EPSS

CVE•added 2022/03/16 4:15 p.m.•491 views

CVE-2022-24728

CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A vulnerability has been discovered in the core HTML processing module and may affect all plugins used by CKEditor 4 prior to version 4.18.0. The vulnerability allows someone to inject malformed HTML bypassing content sanitizatio...

5.4CVSS5.9AI score0.00604EPSS

CVE•added 2020/04/27 4:15 p.m.•451 views

CVE-2020-9488

Improper validation of certificate with host mismatch in Apache Log4j SMTP appender. This could allow an SMTPS connection to be intercepted by a man-in-the-middle attack which could leak any log messages sent through that appender. Fixed in Apache Log4j 2.12.3 and 2.13.1

4.3CVSS6AI score0.00014EPSS

CVE•added 2021/09/22 9:15 a.m.•385 views

CVE-2021-38153

Some components in Apache Kafka use Arrays.equals to validate a password or key, which is vulnerable to timing attacks that make brute force attacks for such credentials more likely to be successful. Users should upgrade to 2.8.1 or higher, or 3.0.0 or higher where this vulnerability has been fixed...

5.9CVSS6.2AI score0.00952EPSS

CVE•added 2021/04/23 3:15 p.m.•259 views

CVE-2021-26291

Apache Maven will follow repositories that are defined in a dependency’s Project Object Model (pom) which may be surprising to some users, resulting in potential risk if a malicious actor takes over that repository or is able to insert themselves into a position to pretend to be that repository. Ma...

9.1CVSS8.2AI score0.45481EPSS

Web

CVE•added 2020/07/15 6:15 p.m.•42 views

CVE-2020-14684

Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Oracle Financial Services Applications (component: Infrastructure). Supported versions that are affected are 8.0.6-8.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network ac...

4.3CVSS3.8AI score0.00712EPSS

CVE•added 2020/07/15 6:15 p.m.•40 views

CVE-2020-14685

6.5CVSS6.3AI score0.00244EPSS

CVE•added 2020/07/15 6:15 p.m.•38 views

CVE-2020-14662

6.5CVSS5.9AI score0.00266EPSS

CVE•added 2020/10/21 3:15 p.m.•35 views

CVE-2020-14824

8.6CVSS8AI score0.01125EPSS