VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
>
Oracle
>
Banking Platform
> 2.4.1
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2019-07-29
CVE-2019-14379
SubTypeValidator.java in FasterXML jackson-databind before 2.9.9.2 mishandles default typing when ehcache is used (because of net.sf.ehcache.transaction.manager.DefaultTransactionManagerLookup), leading to remote code execution.
network
low complexity
fasterxml
debian
netapp
fedoraproject
redhat
oracle
apple
critical
9.8
9.8
2019-07-23
CVE-2019-10173
It was found that xstream API version 1.4.10 before 1.4.11 introduced a regression for a previous deserialization flaw.
network
low complexity
xstream-project
oracle
critical
9.8
9.8
2019-04-20
CVE-2019-11358
jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution.
network
low complexity
jquery
debian
drupal
backdropcms
fedoraproject
opensuse
netapp
redhat
oracle
joomla
juniper
6.1
6.1
2016-07-04
CVE-2016-1181
ActionServlet.java in Apache Struts 1 1.x through 1.3.10 mishandles multithreaded access to an ActionForm instance, which allows remote attackers to execute arbitrary code or cause a denial of service (unexpected memory access) via a multipart request, a related issue to CVE-2015-0899.
network
high complexity
oracle
apache
8.1
8.1
«
Previous
1
2
3
4
(current)
»