Oracle Flexcube Investor Servicing — known CVE vulnerabilities
Every CVE whose affected-product data names Oracle Flexcube Investor Servicing, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (45)
CVE-2017-5645 — CVSS 9.8 (critical): In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another…
CVE-2019-13990 — CVSS 9.8 (critical): initDocumentParser in xml/XMLSchedulingDataProcessor.java in Terracotta Quartz Scheduler through 2.3.0 allows XXE attacks via a job…
CVE-2021-2351 — CVSS 8.3 (high): Vulnerability in the Advanced Networking Option component of Oracle Database Server. Supported versions that are affected are 12.1.0.2…
CVE-2016-8315 — CVSS 8.1 (high): Vulnerability in the Oracle FLEXCUBE Investor Servicing component of Oracle Financial Services Applications (subcomponent: Infrastructure…
CVE-2018-3035 — CVSS 8.1 (high): Vulnerability in the Oracle FLEXCUBE Investor Servicing component of Oracle Financial Services Applications (subcomponent: Infrastructure)…
CVE-2019-2841 — CVSS 8.1 (high): Vulnerability in the Oracle FLEXCUBE Investor Servicing component of Oracle Financial Services Applications (subcomponent: Infrastructure)…
CVE-2026-21973 — CVSS 8.1 (high): Vulnerability in the Oracle FLEXCUBE Investor Servicing product of Oracle Financial Services Applications (component: Security Management…
CVE-2020-14569 — CVSS 8.1 (high): Vulnerability in the Oracle FLEXCUBE Investor Servicing product of Oracle Financial Services Applications (component: Infrastructure)…
CVE-2018-1000632 — CVSS 7.5 (high): dom4j version prior to version 2.1.1 contains a CWE-91: XML Injection vulnerability in Class: Element. Methods: addElement, addAttribute…
CVE-2019-12402 — CVSS 7.5 (high): The file name encoding algorithm used internally in Apache Commons Compress 1.15 to 1.18 can get into an infinite loop when faced with…
CVE-2020-2723 — CVSS 7.1 (high): Vulnerability in the Oracle FLEXCUBE Investor Servicing product of Oracle Financial Services Applications (component: Infrastructure)…
CVE-2018-2746 — CVSS 7.1 (high): Vulnerability in the Oracle Banking Corporate Lending component of Oracle Financial Services Applications (subcomponent: Core module)…
CVE-2020-2721 — CVSS 6.5 (medium): Vulnerability in the Oracle FLEXCUBE Investor Servicing product of Oracle Financial Services Applications (component: Infrastructure)…
CVE-2017-3488 — CVSS 6.5 (medium): Vulnerability in the Oracle FLEXCUBE Investor Servicing component of Oracle Financial Services Applications (subcomponent: Unit Trust)…
CVE-2018-2747 — CVSS 6.5 (medium): Vulnerability in the Oracle Banking Corporate Lending component of Oracle Financial Services Applications (subcomponent: Core module)…
CVE-2018-3030 — CVSS 6.5 (medium): Vulnerability in the Oracle FLEXCUBE Investor Servicing component of Oracle Financial Services Applications (subcomponent: Infrastructure)…
CVE-2018-3028 — CVSS 6.3 (medium): Vulnerability in the Oracle FLEXCUBE Investor Servicing component of Oracle Financial Services Applications (subcomponent: Infrastructure)…
CVE-2020-1945 — CVSS 6.3 (medium): Apache Ant 1.1 to 1.9.14 and 1.10.0 to 1.10.7 uses the default temporary directory identified by the Java system property java.io.tmpdir…
CVE-2018-2748 — CVSS 6.1 (medium): Vulnerability in the Oracle Banking Corporate Lending component of Oracle Financial Services Applications (subcomponent: Core module)…
CVE-2016-8319 — CVSS 6.1 (medium): Vulnerability in the Oracle FLEXCUBE Investor Servicing component of Oracle Financial Services Applications (subcomponent: Core). Supported…
CVE-2019-10219 — CVSS 6.1 (medium): A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of…
CVE-2018-2898 — CVSS 6.1 (medium): Vulnerability in the Oracle FLEXCUBE Investor Servicing component of Oracle Financial Services Applications (subcomponent: Infrastructure)…
CVE-2019-2736 — CVSS 6.1 (medium): Vulnerability in the Oracle FLEXCUBE Investor Servicing component of Oracle Financial Services Applications (subcomponent: Infrastructure)…
CVE-2018-10237 — CVSS 5.9 (medium): Unbounded memory allocation in Google Guava 11.0 through 24.x before 24.1.1 allows remote attackers to conduct denial of service attacks…
CVE-2019-2847 — CVSS 5.7 (medium): Vulnerability in the Oracle FLEXCUBE Investor Servicing component of Oracle Financial Services Applications (subcomponent: Infrastructure)…
CVE-2018-3031 — CVSS 5.4 (medium): Vulnerability in the Oracle FLEXCUBE Investor Servicing component of Oracle Financial Services Applications (subcomponent: Infrastructure)…
CVE-2016-8306 — CVSS 5.4 (medium): Vulnerability in the Oracle FLEXCUBE Investor Servicing component of Oracle Financial Services Applications (subcomponent: Core). Supported…
CVE-2016-8316 — CVSS 5.4 (medium): Vulnerability in the Oracle FLEXCUBE Investor Servicing component of Oracle Financial Services Applications (subcomponent: Core). Supported…
CVE-2017-3288 — CVSS 5.4 (medium): Vulnerability in the Oracle FLEXCUBE Investor Servicing component of Oracle Financial Services Applications (subcomponent: Unit Trust)…
CVE-2017-3489 — CVSS 5.4 (medium): Vulnerability in the Oracle FLEXCUBE Investor Servicing component of Oracle Financial Services Applications (subcomponent: Security…
CVE-2018-2749 — CVSS 5.4 (medium): Vulnerability in the Oracle Banking Corporate Lending component of Oracle Financial Services Applications (subcomponent: Core module)…
CVE-2018-3032 — CVSS 5.4 (medium): Vulnerability in the Oracle FLEXCUBE Investor Servicing component of Oracle Financial Services Applications (subcomponent: Infrastructure)…
CVE-2018-3034 — CVSS 5.4 (medium): Vulnerability in the Oracle FLEXCUBE Investor Servicing component of Oracle Financial Services Applications (subcomponent: Infrastructure)…
CVE-2019-2843 — CVSS 5.4 (medium): Vulnerability in the Oracle FLEXCUBE Investor Servicing component of Oracle Financial Services Applications (subcomponent: Infrastructure)…
CVE-2020-2720 — CVSS 5.4 (medium): Vulnerability in the Oracle FLEXCUBE Investor Servicing product of Oracle Financial Services Applications (component: Infrastructure)…
CVE-2020-2722 — CVSS 5.4 (medium): Vulnerability in the Oracle FLEXCUBE Investor Servicing product of Oracle Financial Services Applications (component: Infrastructure)…
CVE-2018-3033 — CVSS 5.3 (medium): Vulnerability in the Oracle FLEXCUBE Investor Servicing component of Oracle Financial Services Applications (subcomponent: Infrastructure)…
CVE-2019-2846 — CVSS 5.3 (medium): Vulnerability in the Oracle FLEXCUBE Investor Servicing component of Oracle Financial Services Applications (subcomponent: Infrastructure)…
CVE-2016-8317 — CVSS 5.3 (medium): Vulnerability in the Oracle FLEXCUBE Investor Servicing component of Oracle Financial Services Applications (subcomponent: Unit Trust)…
CVE-2018-3029 — CVSS 5.3 (medium): Vulnerability in the Oracle FLEXCUBE Investor Servicing component of Oracle Financial Services Applications (subcomponent: Infrastructure)…
CVE-2016-8309 — CVSS 4.3 (medium): Vulnerability in the Oracle FLEXCUBE Investor Servicing component of Oracle Financial Services Applications (subcomponent: Core). Supported…
CVE-2020-2724 — CVSS 4.3 (medium): Vulnerability in the Oracle FLEXCUBE Investor Servicing product of Oracle Financial Services Applications (component: Infrastructure)…
CVE-2019-2845 — CVSS 3.5 (low): Vulnerability in the Oracle FLEXCUBE Investor Servicing component of Oracle Financial Services Applications (subcomponent: Infrastructure)…
CVE-2016-5509 — CVSS 3.1 (low): Vulnerability in the Oracle FLEXCUBE Investor Servicing component of Oracle Financial Services Applications (subcomponent: Core). Supported…
CVE-2017-3487 — CVSS 3.1 (low): Vulnerability in the Oracle FLEXCUBE Investor Servicing component of Oracle Financial Services Applications (subcomponent: Unit Trust)…