VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
>
Oracle
>
Banking Enterprise Default Management
> High
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2021-07-13
CVE-2021-35515
Infinite Loop vulnerability in multiple products
When reading a specially crafted 7Z archive, the construction of the list of codecs that decompress an entry can result in an infinite loop.
network
low complexity
apache
netapp
oracle
CWE-835
7.5
7.5
2021-07-13
CVE-2021-35516
Allocation of Resources Without Limits or Throttling vulnerability in multiple products
When reading a specially crafted 7Z archive, Compress can be made to allocate large amounts of memory that finally leads to an out of memory error even for very small inputs.
network
low complexity
apache
netapp
oracle
CWE-770
7.5
7.5
2021-07-13
CVE-2021-35517
Allocation of Resources Without Limits or Throttling vulnerability in multiple products
When reading a specially crafted TAR archive, Compress can be made to allocate large amounts of memory that finally leads to an out of memory error even for very small inputs.
network
low complexity
apache
netapp
oracle
CWE-770
7.5
7.5
2021-07-13
CVE-2021-36090
When reading a specially crafted ZIP archive, Compress can be made to allocate large amounts of memory that finally leads to an out of memory error even for very small inputs.
network
low complexity
apache
oracle
netapp
7.5
7.5
2021-03-23
CVE-2021-21349
XStream is a Java library to serialize objects to XML and back again.
network
low complexity
xstream-project
debian
fedoraproject
oracle
8.6
8.6
2021-03-23
CVE-2021-21348
Resource Exhaustion vulnerability in multiple products
XStream is a Java library to serialize objects to XML and back again.
network
low complexity
xstream-project
debian
fedoraproject
oracle
CWE-400
7.5
7.5
2021-03-23
CVE-2021-21343
XStream is a Java library to serialize objects to XML and back again.
network
low complexity
xstream-project
debian
fedoraproject
oracle
7.5
7.5
2021-03-23
CVE-2021-21341
XStream is a Java library to serialize objects to XML and back again.
network
low complexity
xstream-project
debian
fedoraproject
oracle
7.5
7.5
2021-03-10
CVE-2020-13936
An attacker that is able to modify Velocity templates may execute arbitrary Java code or run arbitrary system commands with the same privileges as the account running the Servlet container.
network
low complexity
apache
debian
oracle
8.8
8.8