VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
>
Oracle
>
Banking Trade Finance Process Management
> 14.2.0
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2021-03-30
CVE-2021-21409
Netty is an open-source, asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients.
network
high complexity
netty
debian
netapp
oracle
quarkus
5.9
5.9
2021-03-19
CVE-2021-27906
A carefully crafted PDF file can trigger an OutOfMemory-Exception while loading the file.
local
low complexity
apache
fedoraproject
oracle
5.5
5.5
2021-03-19
CVE-2021-27807
Excessive Iteration vulnerability in multiple products
A carefully crafted PDF file can trigger an infinite loop while loading the file.
local
low complexity
apache
fedoraproject
oracle
CWE-834
5.5
5.5
2021-02-15
CVE-2021-23337
Code Injection vulnerability in multiple products
Lodash versions prior to 4.17.21 are vulnerable to Command Injection via the template function.
network
low complexity
lodash
oracle
netapp
siemens
CWE-94
7.2
7.2
2021-02-15
CVE-2020-28500
Lodash versions prior to 4.17.21 are vulnerable to Regular Expression Denial of Service (ReDoS) via the toNumber, trim and trimEnd functions.
network
low complexity
lodash
oracle
siemens
5.3
5.3
2021-02-08
CVE-2021-21290
Netty is an open-source, asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients.
local
low complexity
netty
debian
quarkus
oracle
netapp
5.5
5.5
2020-07-15
CVE-2020-8203
Prototype pollution attack when using _.zipObjectDeep in lodash before 4.17.20.
network
high complexity
lodash
oracle
7.4
7.4