Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
flexcube private banking vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2020-11971
Apache Camel's JMX is vulnerable to Rebind Flaw. Apache Camel 2.22.x, 2.23.x, 2.24.x, 2.25.x, 3.0.0 up to 3.1.0 is affected. Users should upgrade to 3.2.0.
Apache Camel
Oracle Flexcube Private Banking 12.1.0
Oracle Flexcube Private Banking 12.0.0
Oracle Enterprise Manager Base Platform 13.3.0.0
Oracle Enterprise Manager Base Platform 13.4.0.0
Oracle Communications Diameter Signaling Router
Oracle Communications Diameter Intelligence Hub
5
CVSSv2
CVE-2019-17359
The ASN.1 parser in Bouncy Castle Crypto (aka BC Java) 1.63 can trigger a large attempted memory allocation, and resultant OutOfMemoryError error, via crafted ASN.1 data. This is fixed in 1.64.
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.63
Apache Tomee 7.0.7
Apache Tomee 7.1.2
Apache Tomee 8.0.1
Netapp Oncommand Workflow Automation -
Netapp Service Level Manager -
Netapp Oncommand Api Services -
Netapp Active Iq Unified Manager
Oracle Flexcube Private Banking 12.1.0
Oracle Flexcube Private Banking 12.0.0
Oracle Peoplesoft Enterprise Peopletools 8.56
Oracle Hospitality Guest Access 4.2.0
Oracle Weblogic Server 12.2.1.3.0
Oracle Webcenter Portal 12.2.1.3.0
Oracle Webcenter Portal 11.1.1.9.0
Oracle Business Process Management Suite 12.2.1.3.0
Oracle Soa Suite 12.2.1.3.0
Oracle Peoplesoft Enterprise Peopletools 8.57
Oracle Managed File Transfer 12.2.1.3.0
Oracle Retail Xstore Point Of Service 18.0.1
Oracle Weblogic Server 12.2.1.4.0
Oracle Peoplesoft Enterprise Peopletools 8.58
5
CVSSv2
CVE-2019-12402
The file name encoding algorithm used internally in Apache Commons Compress 1.15 to 1.18 can get into an infinite loop when faced with specially crafted inputs. This can lead to a denial of service attack if an attacker can choose the file names inside of an archive created by Co...
Apache Commons Compress
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Oracle Flexcube Investor Servicing 12.3.0
Oracle Flexcube Investor Servicing 12.1.0
Oracle Retail Xstore Point Of Service 15.0
Oracle Flexcube Private Banking 12.1.0
Oracle Flexcube Private Banking 12.0.0
Oracle Retail Integration Bus 15.0
Oracle Webcenter Portal 12.2.1.3.0
Oracle Flexcube Investor Servicing 12.4.0
Oracle Peoplesoft Enterprise Pt Peopletools 8.56
Oracle Retail Xstore Point Of Service 16.0
Oracle Flexcube Investor Servicing 14.0.0
Oracle Retail Integration Bus 16.0
Oracle Banking Platform 2.6.2
Oracle Flexcube Investor Servicing 14.1.0
Oracle Webcenter Portal 12.2.1.4.0
Oracle Retail Xstore Point Of Service 17.0
Oracle Retail Xstore Point Of Service 18.0
Oracle Retail Xstore Point Of Service 19.0
Oracle Communications Ip Service Activator 7.4.0
5
CVSSv2
CVE-2019-0188
Apache Camel before 2.24.0 contains an XML external entity injection (XXE) vulnerability (CWE-611) due to using an outdated vulnerable JSON-lib library. This affects only the camel-xmljson component, which was removed.
Oracle Flexcube Private Banking 12.1.0
Oracle Flexcube Private Banking 12.0.0
Apache Camel
Oracle Enterprise Manager Base Platform 13.3.0.0
Oracle Enterprise Manager Base Platform 13.4.0.0
Oracle Enterprise Data Quality 11.1.1.9.0
Oracle Enterprise Repository 12.1.3.0.0
5
CVSSv2
CVE-2019-5427
c3p0 version < 0.9.5.4 may be exploited by a billion laughs attack when loading XML configuration due to missing protections against recursive entity expansion when loading configuration.
Mchange C3p0
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Oracle Retail Xstore Point Of Service 15.0
Oracle Flexcube Private Banking 12.1.0
Oracle Flexcube Private Banking 12.0.0
Oracle Webcenter Sites 12.2.1.3.0
Oracle Retail Xstore Point Of Service 16.0
Oracle Webcenter Sites 12.2.1.4.0
Oracle Retail Xstore Point Of Service 17.0
Oracle Retail Xstore Point Of Service 18.0
Oracle Retail Xstore Point Of Service 19.0
Oracle Communications Ip Service Activator 7.4.0
Oracle Communications Ip Service Activator 7.3.0
Oracle Hyperion Infrastructure Technology 11.1.2.4
Oracle Enterprise Manager Ops Center 12.4.0.0
Oracle Communications Session Route Manager
Oracle Enterprise Manager Base Platform 13.2.1.0
Oracle Documaker
5
CVSSv2
CVE-2019-10246
In Eclipse Jetty version 9.2.27, 9.3.26, and 9.4.16, the server running on Windows is vulnerable to exposure of the fully qualified Base Resource directory name on Windows to a remote client when it is configured for showing a Listing of directory contents. This information revea...
Eclipse Jetty 9.2.27
Eclipse Jetty 9.3.26
Eclipse Jetty 9.4.16
Netapp Snap Creator Framework -
Netapp Snapcenter -
Netapp Oncommand System Manager
Netapp Snapmanager -
Netapp Storage Services Connector -
Netapp Virtual Storage Console
Netapp Virtual Storage Console 9.6
Netapp Storage Replication Adapter For Clustered Data Ontap
Netapp Storage Replication Adapter For Clustered Data Ontap 9.6
Netapp Vasa Provider For Clustered Data Ontap
Netapp Vasa Provider For Clustered Data Ontap -
Netapp Element -
Oracle Retail Xstore Point Of Service 15.0
Oracle Flexcube Private Banking 12.1.0
Oracle Retail Xstore Point Of Service 7.1
Oracle Flexcube Private Banking 12.0.0
Oracle Flexcube Core Banking 5.2.0
Oracle Hospitality Guest Access 4.2.0
Oracle Hospitality Guest Access 4.2.1
5
CVSSv2
CVE-2019-10247
In Eclipse Jetty version 7.x, 8.x, 9.2.27 and older, 9.3.26 and older, and 9.4.16 and older, the server running on any OS and Jetty version combination will reveal the configured fully qualified directory base resource location on the output of the 404 error for not finding a Con...
Eclipse Jetty 9.3.0
Eclipse Jetty 9.3.4
Eclipse Jetty 9.3.7
Eclipse Jetty 9.3.8
Eclipse Jetty 9.3.1
Eclipse Jetty 9.3.2
Eclipse Jetty 9.3.3
Eclipse Jetty 9.3.5
Eclipse Jetty 9.3.6
Eclipse Jetty 9.3.9
Eclipse Jetty 9.3.10
Eclipse Jetty 9.3.11
Eclipse Jetty 9.3.12
Eclipse Jetty 9.3.13
Eclipse Jetty 9.3.14
Eclipse Jetty 9.3.15
Eclipse Jetty 9.3.16
Eclipse Jetty 9.3.17
Eclipse Jetty 9.3.18
Eclipse Jetty 9.3.19
Eclipse Jetty 9.3.20
Eclipse Jetty 9.3.21
5
CVSSv2
CVE-2018-15756
Spring Framework, version 5.1, versions 5.0.x before 5.0.10, versions 4.3.x before 4.3.20, and older unsupported versions on the 4.2.x branch provide support for range requests when serving static resources through the ResourceHttpRequestHandler, or starting in 5.0 when an annota...
Vmware Spring Framework
Vmware Spring Framework 5.1.0
Oracle Flexcube Private Banking 12.1.0
Oracle Insurance Policy Administration J2ee 10.2.0
Oracle Retail Xstore Point Of Service 7.1
Oracle Weblogic Server 12.1.3.0.0
Oracle Retail Invoice Matching 13.0
Oracle Flexcube Private Banking 12.0.1
Oracle Primavera Gateway 16.2
Oracle Primavera Gateway 15.2
Oracle Retail Invoice Matching 12.0
Oracle Flexcube Private Banking 12.0.3
Oracle Insurance Rules Palette 10.2.0
Oracle Retail Service Backbone 15.0
Oracle Retail Integration Bus 15.0
Oracle Weblogic Server 10.3.6.0.0
Oracle Weblogic Server 12.2.1.3.0
Oracle Communications Unified Inventory Management 7.3
Oracle Enterprise Manager Ops Center 12.3.3
Oracle Webcenter Sites 12.2.1.3.0
Oracle Endeca Information Discovery Integrator 3.2.0
Oracle Insurance Rules Palette 10.0
4.9
CVSSv2
CVE-2017-10010
Vulnerability in the Oracle FLEXCUBE Private Banking component of Oracle Financial Services Applications (subcomponent: FileUploads). Supported versions that are affected are 2.0.0, 2.0.1, 2.2.0 and 12.0.1. Easily exploitable vulnerability allows low privileged attacker with netw...
Oracle Flexcube Private Banking 2.2.0
Oracle Flexcube Private Banking 2.0.0
Oracle Flexcube Private Banking 12.0.1
Oracle Flexcube Private Banking 2.0.1
4.9
CVSSv2
CVE-2017-10011
Vulnerability in the Oracle FLEXCUBE Private Banking component of Oracle Financial Services Applications (subcomponent: Miscellaneous). Supported versions that are affected are 2.0.0, 2.0.1, 2.2.0 and 12.0.1. Easily exploitable vulnerability allows low privileged attacker with lo...
Oracle Flexcube Private Banking 2.0.0
Oracle Flexcube Private Banking 12.0.1
Oracle Flexcube Private Banking 2.0.1
Oracle Flexcube Private Banking 2.2.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4761
command injection
CVE-2024-3676
IDOR
CVE-2024-30039
CVE-2024-32113
CVE-2024-30049
CVE-2024-4776
SQL injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »