Vulnerabilities > Oracle > Flexcube Universal Banking > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-01-24 CVE-2022-23437 Infinite Loop vulnerability in multiple products
There's a vulnerability within the Apache Xerces Java (XercesJ) XML parser when handling specially crafted XML document payloads.
network
low complexity
apache oracle netapp CWE-835
6.5
2021-12-18 CVE-2021-45105 Uncontrolled Recursion vulnerability in multiple products
Apache Log4j2 versions 2.0-alpha1 through 2.16.0 (excluding 2.12.3 and 2.3.1) did not protect from uncontrolled recursion from self-referential lookups.
network
high complexity
apache netapp debian sonicwall oracle CWE-674
5.9
2021-11-01 CVE-2021-41973 Infinite Loop vulnerability in multiple products
In Apache MINA, a specifically crafted, malformed HTTP request may cause the HTTP Header decoder to loop indefinitely.
network
low complexity
apache oracle CWE-835
6.5
2021-07-12 CVE-2021-30129 Missing Release of Resource after Effective Lifetime vulnerability in multiple products
A vulnerability in sshd-core of Apache Mina SSHD allows an attacker to overflow the server causing an OutOfMemory error.
network
low complexity
apache oracle CWE-772
6.5
2021-06-12 CVE-2021-31811 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
In Apache PDFBox, a carefully crafted PDF file can trigger an OutOfMemory-Exception while loading the file.
local
low complexity
apache fedoraproject oracle CWE-770
5.5
2021-03-19 CVE-2021-27906 A carefully crafted PDF file can trigger an OutOfMemory-Exception while loading the file.
local
low complexity
apache fedoraproject oracle
5.5
2021-03-19 CVE-2021-27807 Excessive Iteration vulnerability in multiple products
A carefully crafted PDF file can trigger an infinite loop while loading the file.
local
low complexity
apache fedoraproject oracle CWE-834
5.5
2020-01-15 CVE-2020-2700 Unspecified vulnerability in Oracle Flexcube Universal Banking
Vulnerability in the Oracle FLEXCUBE Universal Banking product of Oracle Financial Services Applications (component: Infrastructure).
network
low complexity
oracle
4.3
2020-01-15 CVE-2020-2685 Unspecified vulnerability in Oracle Flexcube Universal Banking
Vulnerability in the Oracle FLEXCUBE Universal Banking product of Oracle Financial Services Applications (component: Infrastructure).
network
low complexity
oracle
5.4
2020-01-15 CVE-2020-2684 Unspecified vulnerability in Oracle Flexcube Universal Banking
Vulnerability in the Oracle FLEXCUBE Universal Banking product of Oracle Financial Services Applications (component: Infrastructure).
network
low complexity
oracle
6.5