VYPR

Financial Services Hedge Management And Ifrs Valuations

by Oracle Corporation

CVEs (6)

  • CVE-2017-5645CriApr 17, 2017
    risk 0.71cvss 9.8epss 0.89

    In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially crafted binary payload can be sent that, when deserialized, can execute arbitrary code.

  • CVE-2018-2725HigJan 18, 2018
    risk 0.53cvss 8.1epss 0.02

    Vulnerability in the Oracle Financial Services Hedge Management and IFRS Valuations component of Oracle Financial Services Applications (subcomponent: User Interface). The supported version that is affected is 8.0.x. Easily exploitable vulnerability allows low privileged…

  • CVE-2020-11022MedApr 29, 2020
    risk 0.49cvss 6.9epss 0.99

    In jQuery starting with 1.12.0 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.

  • CVE-2017-15707MedDec 1, 2017
    risk 0.41cvss 6.2epss 0.05

    In Apache Struts 2.5 to 2.5.14, the REST Plugin is using an outdated JSON-lib library which is vulnerable and allow perform a DoS attack using malicious request with specially crafted JSON payload.

  • CVE-2018-2719MedJan 18, 2018
    risk 0.40cvss 6.1epss 0.01

    Vulnerability in the Oracle Financial Services Hedge Management and IFRS Valuations component of Oracle Financial Services Applications (subcomponent: User Interface). The supported version that is affected is 8.0.x. Easily exploitable vulnerability allows unauthenticated…

  • CVE-2020-2935Apr 15, 2020
    risk 0.00cvss epss 0.01

    Vulnerability in the Oracle Financial Services Hedge Management and IFRS Valuations product of Oracle Financial Services Applications (component: User Interface). Supported versions that are affected are 8.0.6 - 8.0.8. Easily exploitable vulnerability allows low privileged…