Vulnerabilities > Oracle > Banking Payments > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-10-23 | CVE-2019-12415 | XXE vulnerability in multiple products In Apache POI up to 4.1.0, when using the tool XSSFExportToXml to convert user-provided Microsoft Excel documents, a specially crafted document can allow an attacker to read files from the local filesystem or from internal network resources via XML External Entity (XXE) Processing. | 5.5 |
| 2018-07-18 | CVE-2018-3026 | Unspecified vulnerability in Oracle Banking Payments Vulnerability in the Oracle Banking Payments component of Oracle Financial Services Applications (subcomponent: Payments Core). | 5.4 |
| 2018-07-18 | CVE-2018-3025 | Unspecified vulnerability in Oracle Banking Payments Vulnerability in the Oracle Banking Payments component of Oracle Financial Services Applications (subcomponent: Payments Core). | 5.3 |
| 2018-07-18 | CVE-2018-3024 | Unspecified vulnerability in Oracle Banking Payments Vulnerability in the Oracle Banking Payments component of Oracle Financial Services Applications (subcomponent: Payments Core). | 5.4 |
| 2018-07-18 | CVE-2018-3023 | Unspecified vulnerability in Oracle Banking Payments Vulnerability in the Oracle Banking Payments component of Oracle Financial Services Applications (subcomponent: Payments Core). | 5.4 |
| 2018-07-18 | CVE-2018-3022 | Unspecified vulnerability in Oracle Banking Payments Vulnerability in the Oracle Banking Payments component of Oracle Financial Services Applications (subcomponent: Payments Core). | 6.5 |
| 2018-07-18 | CVE-2018-3021 | Unspecified vulnerability in Oracle Banking Payments Vulnerability in the Oracle Banking Payments component of Oracle Financial Services Applications (subcomponent: Payments Core). | 5.3 |
| 2018-07-18 | CVE-2018-3020 | Unspecified vulnerability in Oracle Banking Payments Vulnerability in the Oracle Banking Payments component of Oracle Financial Services Applications (subcomponent: Payments Core). | 6.3 |
| 2018-07-18 | CVE-2018-2896 | Unspecified vulnerability in Oracle Banking Payments Vulnerability in the Oracle Banking Payments component of Oracle Financial Services Applications (subcomponent: Payments Core). | 6.1 |
| 2018-04-26 | CVE-2018-10237 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products Unbounded memory allocation in Google Guava 11.0 through 24.x before 24.1.1 allows remote attackers to conduct denial of service attacks against servers that depend on this library and deserialize attacker-provided data, because the AtomicDoubleArray class (when serialized with Java serialization) and the CompoundOrdering class (when serialized with GWT serialization) perform eager allocation without appropriate checks on what a client has sent and whether the data size is reasonable. | 5.9 |