VYPR

Flexcube Private Banking

by Oracle Corporation

CVEs (30)

  • CVE-2017-10008MedAug 8, 2017
    risk 0.28cvss 4.3epss 0.01

    Vulnerability in the Oracle FLEXCUBE Private Banking component of Oracle Financial Services Applications (subcomponent: Miscellaneous). Supported versions that are affected are 2.0.0, 2.0.1, 2.2.0 and 12.0.1. Easily exploitable vulnerability allows low privileged attacker with…

  • CVE-2017-10007MedAug 8, 2017
    risk 0.28cvss 4.3epss 0.01

    Vulnerability in the Oracle FLEXCUBE Private Banking component of Oracle Financial Services Applications (subcomponent: Miscellaneous). Supported versions that are affected are 2.0.0, 2.0.1, 2.2.0 and 12.0.1. Easily exploitable vulnerability allows low privileged attacker with…

  • CVE-2017-3473MedApr 24, 2017
    risk 0.28cvss 4.3epss 0.01

    Vulnerability in the Oracle FLEXCUBE Private Banking component of Oracle Financial Services Applications (subcomponent: Miscellaneous). Supported versions that are affected are 2.0.0, 2.0.1, 2.2.0.1 and 12.0.1. Easily "exploitable" vulnerability allows low privileged attacker…

  • CVE-2016-8308MedJan 27, 2017
    risk 0.28cvss 4.3epss 0.02

    Vulnerability in the Oracle FLEXCUBE Private Banking component of Oracle Financial Services Applications (subcomponent: Product / Instrument Search). Supported versions that are affected are 2.0.1, 2.2.0 and 12.0.1. Easily exploitable vulnerability allows unauthenticated…

  • CVE-2016-5614MedJan 27, 2017
    risk 0.28cvss 4.3epss 0.01

    Vulnerability in the Oracle FLEXCUBE Private Banking component of Oracle Financial Services Applications (subcomponent: Product / Instrument Search). Supported versions that are affected are 2.0.1, 2.2.0 and 12.0.1. Easily exploitable vulnerability allows low privileged attacker…

  • CVE-2017-3477MedApr 24, 2017
    risk 0.27cvss 4.2epss 0.01

    Vulnerability in the Oracle FLEXCUBE Private Banking component of Oracle Financial Services Applications (subcomponent: Miscellaneous). Supported versions that are affected are 12.0.0 and 12.1.0. Difficult to exploit vulnerability allows low privileged attacker with network…

  • CVE-2016-8313MedJan 27, 2017
    risk 0.27cvss 4.1epss 0.01

    Vulnerability in the Oracle FLEXCUBE Private Banking component of Oracle Financial Services Applications (subcomponent: Product / Instrument Search). Supported versions that are affected are 2.0.1, 2.2.0 and 12.0.1. Easily exploitable vulnerability allows low privileged attacker…

  • CVE-2016-5493MedOct 25, 2016
    risk 0.27cvss 4.2epss 0.01

    Unspecified vulnerability in the Oracle FLEXCUBE Private Banking component in Oracle Financial Services Applications 12.0.1 through 12.0.3 allows remote authenticated users to affect confidentiality and integrity via unknown vectors.

  • CVE-2020-9488LowApr 27, 2020
    risk 0.17cvss 3.7epss 0.08

    Improper validation of certificate with host mismatch in Apache Log4j SMTP appender. This could allow an SMTPS connection to be intercepted by a man-in-the-middle attack which could leak any log messages sent through that appender. Fixed in Apache Log4j 2.12.3 and 2.13.1

  • CVE-2013-4316Sep 30, 2013
    risk 0.00cvss epss 0.08

    Apache Struts 2.0.0 through 2.3.15.1 enables Dynamic Method Invocation by default, which has unknown impact and attack vectors.

Page 2 of 2