Vulnerabilities > Oracle > Banking Payments

DATE CVE VULNERABILITY TITLE RISK
2020-01-15 CVE-2020-2710 Unspecified vulnerability in Oracle Banking Payments 14.1.0/14.3.0
Vulnerability in the Oracle Banking Payments product of Oracle Financial Services Applications (component: Core).
network
low complexity
oracle
5.4
2020-01-14 CVE-2019-12399 Cleartext Transmission of Sensitive Information vulnerability in multiple products
When Connect workers in Apache Kafka 2.0.0, 2.0.1, 2.1.0, 2.1.1, 2.2.0, 2.2.1, or 2.3.0 are configured with one or more config providers, and a connector is created/updated on that Connect cluster to use an externalized secret variable in a substring of a connector configuration property value, then any client can issue a request to the same Connect cluster to obtain the connector's task configuration and the response will contain the plaintext secret rather than the externalized secrets variables.
network
low complexity
apache oracle CWE-319
7.5
2019-10-23 CVE-2019-12415 XXE vulnerability in multiple products
In Apache POI up to 4.1.0, when using the tool XSSFExportToXml to convert user-provided Microsoft Excel documents, a specially crafted document can allow an attacker to read files from the local filesystem or from internal network resources via XML External Entity (XXE) Processing.
local
low complexity
apache oracle CWE-611
5.5
2019-08-30 CVE-2019-12402 Infinite Loop vulnerability in multiple products
The file name encoding algorithm used internally in Apache Commons Compress 1.15 to 1.18 can get into an infinite loop when faced with specially crafted inputs.
network
low complexity
apache fedoraproject oracle CWE-835
7.5
2019-07-26 CVE-2019-13990 XXE vulnerability in multiple products
initDocumentParser in xml/XMLSchedulingDataProcessor.java in Terracotta Quartz Scheduler through 2.3.0 allows XXE attacks via a job description.
network
low complexity
softwareag oracle apache netapp atlassian CWE-611
critical
9.8
2018-07-18 CVE-2018-3027 Unspecified vulnerability in Oracle Banking Payments
Vulnerability in the Oracle Banking Payments component of Oracle Financial Services Applications (subcomponent: Payments Core).
network
low complexity
oracle
8.1
2018-07-18 CVE-2018-3026 Unspecified vulnerability in Oracle Banking Payments
Vulnerability in the Oracle Banking Payments component of Oracle Financial Services Applications (subcomponent: Payments Core).
network
low complexity
oracle
5.4
2018-07-18 CVE-2018-3025 Unspecified vulnerability in Oracle Banking Payments
Vulnerability in the Oracle Banking Payments component of Oracle Financial Services Applications (subcomponent: Payments Core).
network
high complexity
oracle
5.3
2018-07-18 CVE-2018-3024 Unspecified vulnerability in Oracle Banking Payments
Vulnerability in the Oracle Banking Payments component of Oracle Financial Services Applications (subcomponent: Payments Core).
network
low complexity
oracle
5.4
2018-07-18 CVE-2018-3023 Unspecified vulnerability in Oracle Banking Payments
Vulnerability in the Oracle Banking Payments component of Oracle Financial Services Applications (subcomponent: Payments Core).
network
low complexity
oracle
5.4