Vulnerabilities > Oracle > Financial Services Analytical Applications Infrastructure > 8.0.7.0.0

DATE	CVE	VULNERABILITY TITLE	RISK
2022-03-16	CVE-2022-24729	CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. network low complexity ckeditor drupal oracle fedoraproject	7.5
2022-03-16	CVE-2022-24728	Cross-site Scripting vulnerability in multiple products CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. network low complexity ckeditor drupal oracle fedoraproject CWE-79	5.4
2022-03-11	CVE-2020-36518	Out-of-bounds Write vulnerability in multiple products jackson-databind before 2.13.0 allows a Java StackOverflow exception and denial of service via a large depth of nested objects. network low complexity fasterxml oracle debian netapp CWE-787	7.5
2022-01-24	CVE-2022-23437	Infinite Loop vulnerability in multiple products There's a vulnerability within the Apache Xerces Java (XercesJ) XML parser when handling specially crafted XML document payloads. network low complexity apache oracle netapp CWE-835	6.5
2022-01-19	CVE-2021-35686	Unspecified vulnerability in Oracle Financial Services Analytical Applications Infrastructure Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Oracle Financial Services Applications (component: Unified Metadata Manager). network low complexity oracle	4.0
2022-01-19	CVE-2021-35687	Unspecified vulnerability in Oracle Financial Services Analytical Applications Infrastructure Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Oracle Financial Services Applications (component: Unified Metadata Manager). network low complexity oracle	5.0
2021-12-18	CVE-2021-45105	Uncontrolled Recursion vulnerability in multiple products Apache Log4j2 versions 2.0-alpha1 through 2.16.0 (excluding 2.12.3 and 2.3.1) did not protect from uncontrolled recursion from self-referential lookups. network high complexity apache netapp debian sonicwall oracle CWE-674	5.9
2021-09-22	CVE-2021-38153	Information Exposure Through Discrepancy vulnerability in multiple products Some components in Apache Kafka use `Arrays.equals` to validate a password or key, which is vulnerable to timing attacks that make brute force attacks for such credentials more likely to be successful. network high complexity apache quarkus oracle CWE-203	5.9
2021-08-13	CVE-2021-37695	Cross-site Scripting vulnerability in multiple products ckeditor is an open source WYSIWYG HTML editor with rich content support. network low complexity ckeditor debian fedoraproject oracle CWE-79	5.4
2021-08-12	CVE-2021-32808	Cross-site Scripting vulnerability in multiple products ckeditor is an open source WYSIWYG HTML editor with rich content support. network low complexity ckeditor fedoraproject oracle CWE-79	5.4

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.