Oracle Banking Payments — known CVE vulnerabilities
Every CVE whose affected-product data names Oracle Banking Payments, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (35)
CVE-2019-13990 — CVSS 9.8 (critical): initDocumentParser in xml/XMLSchedulingDataProcessor.java in Terracotta Quartz Scheduler through 2.3.0 allows XXE attacks via a job…
CVE-2018-2705 — CVSS 8.8 (high): Vulnerability in the Oracle Banking Payments component of Oracle Financial Services Applications (subcomponent: Payments Core). Supported…
CVE-2018-2704 — CVSS 8.1 (high): Vulnerability in the Oracle Banking Payments component of Oracle Financial Services Applications (subcomponent: Payments Core). Supported…
CVE-2018-3027 — CVSS 8.1 (high): Vulnerability in the Oracle Banking Payments component of Oracle Financial Services Applications (subcomponent: Payments Core). Supported…
CVE-2021-35517 — CVSS 7.5 (high): When reading a specially crafted TAR archive, Compress can be made to allocate large amounts of memory that finally leads to an out of…
CVE-2021-36090 — CVSS 7.5 (high): When reading a specially crafted ZIP archive, Compress can be made to allocate large amounts of memory that finally leads to an out of…
CVE-2021-35515 — CVSS 7.5 (high): When reading a specially crafted 7Z archive, the construction of the list of codecs that decompress an entry can result in an infinite…
CVE-2019-12399 — CVSS 7.5 (high): When Connect workers in Apache Kafka 2.0.0, 2.0.1, 2.1.0, 2.1.1, 2.2.0, 2.2.1, or 2.3.0 are configured with one or more config providers…
CVE-2019-12402 — CVSS 7.5 (high): The file name encoding algorithm used internally in Apache Commons Compress 1.15 to 1.18 can get into an infinite loop when faced with…
CVE-2018-2746 — CVSS 7.1 (high): Vulnerability in the Oracle Banking Corporate Lending component of Oracle Financial Services Applications (subcomponent: Core module)…
CVE-2020-2713 — CVSS 7.1 (high): Vulnerability in the Oracle Banking Payments product of Oracle Financial Services Applications (component: Core). Supported versions that…
CVE-2020-14896 — CVSS 6.5 (medium): Vulnerability in the Oracle Banking Payments product of Oracle Financial Services Applications (component: Core). Supported versions that…
CVE-2021-30129 — CVSS 6.5 (medium): A vulnerability in sshd-core of Apache Mina SSHD allows an attacker to overflow the server causing an OutOfMemory error. This issue affects…
CVE-2020-2711 — CVSS 6.5 (medium): Vulnerability in the Oracle Banking Payments product of Oracle Financial Services Applications (component: Core). Supported versions that…
CVE-2021-41973 — CVSS 6.5 (medium): In Apache MINA, a specifically crafted, malformed HTTP request may cause the HTTP Header decoder to loop indefinitely. The decoder assumed…
CVE-2018-2747 — CVSS 6.5 (medium): Vulnerability in the Oracle Banking Corporate Lending component of Oracle Financial Services Applications (subcomponent: Core module)…
CVE-2018-3022 — CVSS 6.5 (medium): Vulnerability in the Oracle Banking Payments component of Oracle Financial Services Applications (subcomponent: Payments Core). Supported…
CVE-2018-3020 — CVSS 6.3 (medium): Vulnerability in the Oracle Banking Payments component of Oracle Financial Services Applications (subcomponent: Payments Core). Supported…
CVE-2018-2748 — CVSS 6.1 (medium): Vulnerability in the Oracle Banking Corporate Lending component of Oracle Financial Services Applications (subcomponent: Core module)…
CVE-2018-2896 — CVSS 6.1 (medium): Vulnerability in the Oracle Banking Payments component of Oracle Financial Services Applications (subcomponent: Payments Core). Supported…
CVE-2018-10237 — CVSS 5.9 (medium): Unbounded memory allocation in Google Guava 11.0 through 24.x before 24.1.1 allows remote attackers to conduct denial of service attacks…
CVE-2021-45105 — CVSS 5.9 (medium): Apache Log4j2 versions 2.0-alpha1 through 2.16.0 (excluding 2.12.3 and 2.3.1) did not protect from uncontrolled recursion from…
CVE-2022-21475 — CVSS 5.9 (medium): Vulnerability in the Oracle Banking Payments product of Oracle Financial Services Applications (component: Infrastructure). The supported…
CVE-2019-12415 — CVSS 5.5 (medium): In Apache POI up to 4.1.0, when using the tool XSSFExportToXml to convert user-provided Microsoft Excel documents, a specially crafted…
CVE-2020-2712 — CVSS 5.4 (medium): Vulnerability in the Oracle Banking Payments product of Oracle Financial Services Applications (component: Core). Supported versions that…
CVE-2018-3026 — CVSS 5.4 (medium): Vulnerability in the Oracle Banking Payments component of Oracle Financial Services Applications (subcomponent: Payments Core). Supported…
CVE-2018-3024 — CVSS 5.4 (medium): Vulnerability in the Oracle Banking Payments component of Oracle Financial Services Applications (subcomponent: Payments Core). Supported…
CVE-2018-3023 — CVSS 5.4 (medium): Vulnerability in the Oracle Banking Payments component of Oracle Financial Services Applications (subcomponent: Payments Core). Supported…
CVE-2018-2749 — CVSS 5.4 (medium): Vulnerability in the Oracle Banking Corporate Lending component of Oracle Financial Services Applications (subcomponent: Core module)…
CVE-2020-2710 — CVSS 5.4 (medium): Vulnerability in the Oracle Banking Payments product of Oracle Financial Services Applications (component: Core). Supported versions that…
CVE-2018-3025 — CVSS 5.3 (medium): Vulnerability in the Oracle Banking Payments component of Oracle Financial Services Applications (subcomponent: Payments Core). Supported…
CVE-2018-2708 — CVSS 5.3 (medium): Vulnerability in the Oracle Banking Payments component of Oracle Financial Services Applications (subcomponent: Payments Core). Supported…
CVE-2018-3021 — CVSS 5.3 (medium): Vulnerability in the Oracle Banking Payments component of Oracle Financial Services Applications (subcomponent: Payments Core). Supported…
CVE-2023-21915 — CVSS 4.6 (medium): Vulnerability in the Oracle Banking Payments product of Oracle Financial Services Applications (component: Book/Internal Transfer)…
CVE-2020-2714 — CVSS 4.3 (medium): Vulnerability in the Oracle Banking Payments product of Oracle Financial Services Applications (component: Core). Supported versions that…