Vulnerabilities > Oracle > Flexcube Core Banking > 11.5.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-10-23 | CVE-2020-27216 | In Eclipse Jetty versions 1.0 thru 9.4.32.v20200930, 10.0.0.alpha1 thru 10.0.0.beta2, and 11.0.0.alpha1 thru 11.0.0.beta2O, on Unix like systems, the system's temporary directory is shared between all users on that system. | 7.0 |
| 2020-04-27 | CVE-2020-9488 | Improper Certificate Validation vulnerability in multiple products Improper validation of certificate with host mismatch in Apache Log4j SMTP appender. | 3.7 |
| 2019-04-22 | CVE-2019-10247 | Information Exposure vulnerability in multiple products In Eclipse Jetty version 7.x, 8.x, 9.2.27 and older, 9.3.26 and older, and 9.4.16 and older, the server running on any OS and Jetty version combination will reveal the configured fully qualified directory base resource location on the output of the 404 error for not finding a Context that matches the requested path. | 5.3 |
| 2019-04-22 | CVE-2019-10246 | Information Exposure vulnerability in multiple products In Eclipse Jetty version 9.2.27, 9.3.26, and 9.4.16, the server running on Windows is vulnerable to exposure of the fully qualified Base Resource directory name on Windows to a remote client when it is configured for showing a Listing of directory contents. | 5.3 |
| 2019-04-22 | CVE-2019-10241 | Cross-site Scripting vulnerability in multiple products In Eclipse Jetty version 9.2.26 and older, 9.3.25 and older, and 9.4.15 and older, the server is vulnerable to XSS conditions if a remote client USES a specially formatted URL against the DefaultServlet or ResourceHandler that is configured for showing a Listing of directory contents. | 6.1 |
| 2018-04-19 | CVE-2018-2807 | Unspecified vulnerability in Oracle Flexcube Core Banking 11.5.0/11.6.0/11.7.0 Vulnerability in the Oracle FLEXCUBE Core Banking component of Oracle Financial Services Applications (subcomponent: Securities). | 6.1 |
| 2017-01-27 | CVE-2016-8324 | Improper Access Control vulnerability in Oracle Flexcube Core Banking 11.5.0/5.1.0/5.2.0 Vulnerability in the Oracle FLEXCUBE Core Banking component of Oracle Financial Services Applications (subcomponent: Core). | 5.3 |
| 2017-01-27 | CVE-2016-8323 | Improper Access Control vulnerability in Oracle Flexcube Core Banking 11.5.0/5.1.0/5.2.0 Vulnerability in the Oracle FLEXCUBE Core Banking component of Oracle Financial Services Applications (subcomponent: Core). | 5.4 |
| 2017-01-27 | CVE-2016-8322 | Information Exposure vulnerability in Oracle Flexcube Core Banking 11.5.0/5.1.0/5.2.0 Vulnerability in the Oracle FLEXCUBE Core Banking component of Oracle Financial Services Applications (subcomponent: Core). | 4.3 |
| 2017-01-27 | CVE-2016-8314 | 7PK - Security Features vulnerability in Oracle Flexcube Core Banking 11.5.0/5.1.0/5.2.0 Vulnerability in the Oracle FLEXCUBE Core Banking component of Oracle Financial Services Applications (subcomponent: Core). | 3.1 |