Vulnerabilities > Oracle > Banking Payments > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-07-13 | CVE-2021-35515 | Infinite Loop vulnerability in multiple products When reading a specially crafted 7Z archive, the construction of the list of codecs that decompress an entry can result in an infinite loop. | 7.5 |
| 2021-07-13 | CVE-2021-35517 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products When reading a specially crafted TAR archive, Compress can be made to allocate large amounts of memory that finally leads to an out of memory error even for very small inputs. | 7.5 |
| 2021-07-13 | CVE-2021-36090 | When reading a specially crafted ZIP archive, Compress can be made to allocate large amounts of memory that finally leads to an out of memory error even for very small inputs. | 7.5 |
| 2020-01-15 | CVE-2020-2713 | Unspecified vulnerability in Oracle Banking Payments 14.1.0/14.3.0 Vulnerability in the Oracle Banking Payments product of Oracle Financial Services Applications (component: Core). | 7.1 |
| 2020-01-14 | CVE-2019-12399 | Cleartext Transmission of Sensitive Information vulnerability in multiple products When Connect workers in Apache Kafka 2.0.0, 2.0.1, 2.1.0, 2.1.1, 2.2.0, 2.2.1, or 2.3.0 are configured with one or more config providers, and a connector is created/updated on that Connect cluster to use an externalized secret variable in a substring of a connector configuration property value, then any client can issue a request to the same Connect cluster to obtain the connector's task configuration and the response will contain the plaintext secret rather than the externalized secrets variables. | 7.5 |
| 2019-08-30 | CVE-2019-12402 | Infinite Loop vulnerability in multiple products The file name encoding algorithm used internally in Apache Commons Compress 1.15 to 1.18 can get into an infinite loop when faced with specially crafted inputs. | 7.5 |
| 2018-07-18 | CVE-2018-3027 | Unspecified vulnerability in Oracle Banking Payments Vulnerability in the Oracle Banking Payments component of Oracle Financial Services Applications (subcomponent: Payments Core). | 8.1 |
| 2018-04-19 | CVE-2018-2746 | Unspecified vulnerability in Oracle products Vulnerability in the Oracle Banking Corporate Lending component of Oracle Financial Services Applications (subcomponent: Core module). | 7.1 |
| 2018-01-18 | CVE-2018-2705 | Unspecified vulnerability in Oracle Banking Payments 12.3.0/12.4.0 Vulnerability in the Oracle Banking Payments component of Oracle Financial Services Applications (subcomponent: Payments Core). | 8.8 |
| 2018-01-18 | CVE-2018-2704 | Unspecified vulnerability in Oracle Banking Payments 12.3.0/12.4.0 Vulnerability in the Oracle Banking Payments component of Oracle Financial Services Applications (subcomponent: Payments Core). | 8.1 |