Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
oracle banking digital experience 19.1 vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2019-3019
Vulnerability in the Oracle Banking Digital Experience product of Oracle Financial Services Applications (component: Loan Calculator). Supported versions that are affected are 18.1, 18.2, 18.3 and 19.1. Easily exploitable vulnerability allows low privileged attacker with network ...
Oracle Banking Digital Experience 18.1
Oracle Banking Digital Experience 18.2
Oracle Banking Digital Experience 18.3
Oracle Banking Digital Experience 19.1
9.8
CVSSv3
CVE-2019-17495
A Cascading Style Sheets (CSS) injection vulnerability in Swagger UI prior to 3.23.11 allows malicious users to use the Relative Path Overwrite (RPO) technique to perform CSS-based input field value exfiltration, such as exfiltration of a CSRF token value. In other words, this pr...
Smartbear Swagger Ui
Oracle Banking Apis
Oracle Banking Apis 19.1
Oracle Banking Apis 19.2
Oracle Banking Apis 20.1
Oracle Banking Apis 21.1
Oracle Banking Digital Experience
Oracle Banking Digital Experience 19.1
Oracle Banking Digital Experience 19.2
Oracle Banking Digital Experience 20.1
Oracle Banking Digital Experience 21.1
Oracle Banking Platform
4 Github repositories
5.4
CVSSv3
CVE-2021-41164
CKEditor4 is an open source WYSIWYG HTML editor. In affected versions a vulnerability has been discovered in the Advanced Content Filter (ACF) module and may affect all plugins used by CKEditor 4. The vulnerability allowed to inject malformed HTML bypassing content sanitization, ...
Ckeditor Ckeditor
Drupal Drupal
Oracle Banking Apis
Oracle Banking Apis 19.1
Oracle Banking Apis 19.2
Oracle Banking Apis 20.1
Oracle Banking Apis 21.1
Oracle Banking Digital Experience
Oracle Banking Digital Experience 19.1
Oracle Banking Digital Experience 19.2
Oracle Banking Digital Experience 20.1
Oracle Banking Digital Experience 21.1
5.4
CVSSv3
CVE-2021-41165
CKEditor4 is an open source WYSIWYG HTML editor. In affected version a vulnerability has been discovered in the core HTML processing module and may affect all plugins used by CKEditor 4. The vulnerability allowed to inject malformed comments HTML bypassing content sanitization, w...
Ckeditor Ckeditor
Drupal Drupal
Oracle Agile Product Lifecycle Management 9.3.6
Oracle Application Express
Oracle Banking Apis
Oracle Banking Apis 19.1
Oracle Banking Apis 19.2
Oracle Banking Apis 20.1
Oracle Banking Apis 21.1
Oracle Banking Digital Experience
Oracle Banking Digital Experience 19.1
Oracle Banking Digital Experience 19.2
7.5
CVSSv3
CVE-2021-37137
The Snappy frame decoder function doesn't restrict the chunk length which may lead to excessive memory usage. Beside this it also may buffer reserved skippable chunks until the whole chunk was received which may lead to excessive memory usage as well. This vulnerability can ...
Netty Netty
Oracle Banking Apis
Oracle Banking Apis 19.1
Oracle Banking Apis 19.2
Oracle Banking Apis 20.1
Oracle Banking Apis 21.1
Oracle Banking Digital Experience 18.1
Oracle Banking Digital Experience 18.2
Oracle Banking Digital Experience 18.3
Oracle Banking Digital Experience 19.1
Oracle Banking Digital Experience 19.2
Oracle Banking Digital Experience 20.1
8.1
CVSSv3
CVE-2020-14060
FasterXML jackson-databind 2.x prior to 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to oadd.org.apache.xalan.lib.sql.JNDIConnectionPool (aka apache/drill).
Fasterxml Jackson-databind
Netapp Active Iq Unified Manager
Netapp Steelstore Cloud Integrated Storage -
Oracle Agile Plm 9.3.6
Oracle Banking Digital Experience 18.1
Oracle Banking Digital Experience 18.2
Oracle Banking Digital Experience 18.3
Oracle Banking Digital Experience 19.1
Oracle Banking Digital Experience 19.2
Oracle Banking Digital Experience 20.1
Oracle Communications Calendar Server 8.0.0.4.0
Oracle Communications Contacts Server 8.0.0.5.0
8.1
CVSSv3
CVE-2020-14062
FasterXML jackson-databind 2.x prior to 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to com.sun.org.apache.xalan.internal.lib.sql.JNDIConnectionPool (aka xalan2).
Fasterxml Jackson-databind
Netapp Active Iq Unified Manager
Netapp Steelstore Cloud Integrated Storage -
Debian Debian Linux 8.0
Oracle Agile Plm 9.3.6
Oracle Banking Digital Experience 18.1
Oracle Banking Digital Experience 18.2
Oracle Banking Digital Experience 18.3
Oracle Banking Digital Experience 19.1
Oracle Banking Digital Experience 19.2
Oracle Banking Digital Experience 20.1
Oracle Communications Calendar Server 8.0.0.4.0
8.1
CVSSv3
CVE-2020-14195
FasterXML jackson-databind 2.x prior to 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to org.jsecurity.realm.jndi.JndiRealmFactory (aka org.jsecurity).
Fasterxml Jackson-databind
Netapp Active Iq Unified Manager
Netapp Steelstore Cloud Integrated Storage -
Debian Debian Linux 8.0
Oracle Agile Plm 9.3.6
Oracle Banking Digital Experience 18.1
Oracle Banking Digital Experience 18.2
Oracle Banking Digital Experience 18.3
Oracle Banking Digital Experience 19.1
Oracle Banking Digital Experience 19.2
Oracle Banking Digital Experience 20.1
Oracle Communications Calendar Server 8.0.0.4.0
8.1
CVSSv3
CVE-2020-14061
FasterXML jackson-databind 2.x prior to 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to oracle.jms.AQjmsQueueConnectionFactory, oracle.jms.AQjmsXATopicConnectionFactory, oracle.jms.AQjmsTopicConnectionFactory, oracle.jms.AQjmsXAQueueConnec...
Fasterxml Jackson-databind
Netapp Active Iq Unified Manager
Netapp Steelstore Cloud Integrated Storage -
Debian Debian Linux 8.0
Oracle Agile Plm 9.3.6
Oracle Autovue For Agile Product Lifecycle Management 21.0.2
Oracle Banking Digital Experience 18.1
Oracle Banking Digital Experience 18.2
Oracle Banking Digital Experience 18.3
Oracle Banking Digital Experience 19.1
Oracle Banking Digital Experience 19.2
Oracle Banking Digital Experience 20.1
8.2
CVSSv3
CVE-2020-11987
Apache Batik 1.13 is vulnerable to server-side request forgery, caused by improper input validation by the NodePickerPanel. By using a specially-crafted argument, an attacker could exploit this vulnerability to cause the underlying server to make arbitrary GET requests.
Apache Batik
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Oracle Agile Engineering Data Management 6.2.1.0
Oracle Banking Apis 18.3
Oracle Banking Apis 19.1
Oracle Banking Apis 19.2
Oracle Banking Apis 20.1
Oracle Banking Apis 21.1
Oracle Banking Digital Experience 18.3
Oracle Banking Digital Experience 19.1
Oracle Banking Digital Experience 19.2
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-44852
CVE-2024-3400
CVE-2024-30129
insecure direct object reference
CVE-2024-12115
CVE-2024-11220
CVE-2024-51378
privilege escalation
Home
/
Search Results
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »