Flexcube Investor Servicing Security Vulnerabilities and Issues — Flexcube Investor Servicing CVE List

Lucene search

OracleFlexcube Investor Servicing

9 matches found

CVE•added 2019/07/26 7:15 p.m.•530 views

CVE-2019-13990

initDocumentParser in xml/XMLSchedulingDataProcessor.java in Terracotta Quartz Scheduler through 2.3.0 allows XXE attacks via a job description.

9.8CVSS9AI score0.10416EPSS

CVE•added 2019/11/08 3:15 p.m.•231 views

CVE-2019-10219

A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS attack.

6.5CVSS6AI score0.01864EPSS

CVE•added 2019/08/30 9:15 a.m.•191 views

CVE-2019-12402

The file name encoding algorithm used internally in Apache Commons Compress 1.15 to 1.18 can get into an infinite loop when faced with specially crafted inputs. This can lead to a denial of service attack if an attacker can choose the file names inside of an archive created by Compress.

7.5CVSS7.1AI score0.00163EPSS

CVE•added 2019/07/23 11:15 p.m.•78 views

CVE-2019-2736

Vulnerability in the Oracle FLEXCUBE Investor Servicing component of Oracle Financial Services Applications (subcomponent: Infrastructure). Supported versions that are affected are 12.0.1, 12.0.3, 12.0.4, 12.1.0, 12.3.0, 12.4.0, 14.0.0 and 14.1.0. Easily exploitable vulnerability allows unauthentic...

6.1CVSS5.6AI score0.00582EPSS

CVE•added 2019/07/23 11:15 p.m.•77 views

CVE-2019-2847

5.7CVSS5.2AI score0.00455EPSS

CVE•added 2019/07/23 11:15 p.m.•76 views

CVE-2019-2843

5.5CVSS4.7AI score0.00175EPSS

CVE•added 2019/07/23 11:15 p.m.•36 views

CVE-2019-2841

8.1CVSS7.7AI score0.0102EPSS

CVE•added 2019/07/23 11:15 p.m.•35 views

CVE-2019-2846