Oracle Flexcube Universal Banking — known CVE vulnerabilities
Every CVE whose affected-product data names Oracle Flexcube Universal Banking, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (95)
CVE-2018-2648 — CVSS 8.8 (high): Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Infrastructure)…
CVE-2016-5607 — CVSS 8.8 (high): Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking component in Oracle Financial Services Applications 11.3.0, 11.4.0…
CVE-2020-11987 — CVSS 8.2 (high): Apache Batik 1.13 is vulnerable to server-side request forgery, caused by improper input validation by the NodePickerPanel. By using a…
CVE-2018-2649 — CVSS 8.1 (high): Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Infrastructure)…
CVE-2016-8297 — CVSS 8.1 (high): Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Core). Supported…
CVE-2018-3015 — CVSS 8.1 (high): Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Infrastructure)…
CVE-2016-5619 — CVSS 8.1 (high): Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking component in Oracle Financial Services Applications 11.3.0, 11.4.0…
CVE-2019-2754 — CVSS 8.1 (high): Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Infrastructure)…
CVE-2021-35517 — CVSS 7.5 (high): When reading a specially crafted TAR archive, Compress can be made to allocate large amounts of memory that finally leads to an out of…
CVE-2021-36090 — CVSS 7.5 (high): When reading a specially crafted ZIP archive, Compress can be made to allocate large amounts of memory that finally leads to an out of…
CVE-2019-12399 — CVSS 7.5 (high): When Connect workers in Apache Kafka 2.0.0, 2.0.1, 2.1.0, 2.1.1, 2.2.0, 2.2.1, or 2.3.0 are configured with one or more config providers…
CVE-2021-35515 — CVSS 7.5 (high): When reading a specially crafted 7Z archive, the construction of the list of codecs that decompress an entry can result in an infinite…
CVE-2021-35516 — CVSS 7.5 (high): When reading a specially crafted 7Z archive, Compress can be made to allocate large amounts of memory that finally leads to an out of…
CVE-2021-37714 — CVSS 7.5 (high): jsoup is a Java library for working with HTML. Those using jsoup versions prior to 1.14.2 to parse untrusted HTML or XML may be vulnerable…
CVE-2016-8310 — CVSS 7.3 (high): Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Core). Supported…
CVE-2018-2746 — CVSS 7.1 (high): Vulnerability in the Oracle Banking Corporate Lending component of Oracle Financial Services Applications (subcomponent: Core module)…
CVE-2022-21544 — CVSS 7.1 (high): Vulnerability in the Oracle FLEXCUBE Universal Banking product of Oracle Financial Services Applications (component: Infrastructure)…
CVE-2020-2699 — CVSS 7.1 (high): Vulnerability in the Oracle FLEXCUBE Universal Banking product of Oracle Financial Services Applications (component: Infrastructure)…
CVE-2017-10085 — CVSS 7.1 (high): Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Infrastructure)…
CVE-2017-10363 — CVSS 7.1 (high): Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Security)…
CVE-2017-3485 — CVSS 6.8 (medium): Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Infrastructure)…
CVE-2022-21428 — CVSS 6.7 (medium): Vulnerability in the Oracle FLEXCUBE Universal Banking product of Oracle Financial Services Applications (component: Infrastructure)…
CVE-2022-21578 — CVSS 6.7 (medium): Vulnerability in the Oracle FLEXCUBE Universal Banking product of Oracle Financial Services Applications (component: Infrastructure)…
CVE-2017-10084 — CVSS 6.5 (medium): Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Report…
CVE-2017-3534 — CVSS 6.5 (medium): Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Infrastructure)…
CVE-2020-2684 — CVSS 6.5 (medium): Vulnerability in the Oracle FLEXCUBE Universal Banking product of Oracle Financial Services Applications (component: Infrastructure)…
CVE-2023-22118 — CVSS 6.5 (medium): Vulnerability in the Oracle FLEXCUBE Universal Banking product of Oracle Financial Services Applications (component: Infrastructure)…
CVE-2020-14887 — CVSS 6.5 (medium): Vulnerability in the Oracle FLEXCUBE Universal Banking product of Oracle Financial Services Applications (component: Infrastructure)…
CVE-2026-21978 — CVSS 6.5 (medium): Vulnerability in the Oracle FLEXCUBE Universal Banking product of Oracle Financial Services Applications (component: Relationship Pricing)…
CVE-2021-30129 — CVSS 6.5 (medium): A vulnerability in sshd-core of Apache Mina SSHD allows an attacker to overflow the server causing an OutOfMemory error. This issue affects…
CVE-2018-2747 — CVSS 6.5 (medium): Vulnerability in the Oracle Banking Corporate Lending component of Oracle Financial Services Applications (subcomponent: Core module)…
CVE-2018-2979 — CVSS 6.5 (medium): Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Infrastructure)…
CVE-2021-41973 — CVSS 6.5 (medium): In Apache MINA, a specifically crafted, malformed HTTP request may cause the HTTP Header decoder to loop indefinitely. The decoder assumed…
CVE-2016-8311 — CVSS 6.5 (medium): Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Core). Supported…
CVE-2022-23437 — CVSS 6.5 (medium): There's a vulnerability within the Apache Xerces Java (XercesJ) XML parser when handling specially crafted XML document payloads. This…
CVE-2022-21579 — CVSS 6.4 (medium): Vulnerability in the Oracle FLEXCUBE Universal Banking product of Oracle Financial Services Applications (component: Infrastructure)…
CVE-2022-21577 — CVSS 6.4 (medium): Vulnerability in the Oracle FLEXCUBE Universal Banking product of Oracle Financial Services Applications (component: Infrastructure)…
CVE-2022-21576 — CVSS 6.4 (medium): Vulnerability in the Oracle FLEXCUBE Universal Banking product of Oracle Financial Services Applications (component: Infrastructure)…
CVE-2018-2974 — CVSS 6.3 (medium): Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Infrastructure)…
CVE-2016-8299 — CVSS 6.3 (medium): Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Core). Supported…
CVE-2017-3314 — CVSS 6.1 (medium): Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Core). Supported…
CVE-2016-8303 — CVSS 6.1 (medium): Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Core). Supported…
CVE-2016-5622 — CVSS 6.1 (medium): Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking component in Oracle Financial Services Applications 11.3.0, 11.4.0…
CVE-2018-2899 — CVSS 6.1 (medium): Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Infrastructure)…
CVE-2019-2744 — CVSS 6.1 (medium): Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Infrastructure)…
CVE-2017-10083 — CVSS 6.1 (medium): Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Infrastructure)…
CVE-2018-2748 — CVSS 6.1 (medium): Vulnerability in the Oracle Banking Corporate Lending component of Oracle Financial Services Applications (subcomponent: Core module)…
CVE-2023-22119 — CVSS 5.9 (medium): Vulnerability in the Oracle FLEXCUBE Universal Banking product of Oracle Financial Services Applications (component: Infrastructure)…
CVE-2021-2323 — CVSS 5.9 (medium): Vulnerability in the Oracle FLEXCUBE Universal Banking product of Oracle Financial Services Applications (component: Flex-Branch)…
CVE-2021-45105 — CVSS 5.9 (medium): Apache Log4j2 versions 2.0-alpha1 through 2.16.0 (excluding 2.12.3 and 2.3.1) did not protect from uncontrolled recursion from…
CVE-2022-21472 — CVSS 5.9 (medium): Vulnerability in the Oracle FLEXCUBE Universal Banking product of Oracle Financial Services Applications (component: Infrastructure)…
CVE-2019-2840 — CVSS 5.7 (medium): Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Infrastructure)…
CVE-2021-31811 — CVSS 5.5 (medium): In Apache PDFBox, a carefully crafted PDF file can trigger an OutOfMemory-Exception while loading the file. This issue affects Apache…
CVE-2021-27906 — CVSS 5.5 (medium): A carefully crafted PDF file can trigger an OutOfMemory-Exception while loading the file. This issue affects Apache PDFBox version 2.0.22…
CVE-2021-27807 — CVSS 5.5 (medium): A carefully crafted PDF file can trigger an infinite loop while loading the file. This issue affects Apache PDFBox version 2.0.22 and prior…
CVE-2016-5620 — CVSS 5.4 (medium): Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking component in Oracle Financial Services Applications 11.3.0, 11.4.0…
CVE-2018-2749 — CVSS 5.4 (medium): Vulnerability in the Oracle Banking Corporate Lending component of Oracle Financial Services Applications (subcomponent: Core module)…
CVE-2017-3482 — CVSS 5.4 (medium): Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Infrastructure)…
CVE-2018-2980 — CVSS 5.4 (medium): Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Infrastructure)…
CVE-2018-2981 — CVSS 5.4 (medium): Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Infrastructure)…
CVE-2018-3019 — CVSS 5.4 (medium): Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Infrastructure)…
CVE-2019-2790 — CVSS 5.4 (medium): Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Infrastructure)…
CVE-2020-2683 — CVSS 5.4 (medium): Vulnerability in the Oracle FLEXCUBE Universal Banking product of Oracle Financial Services Applications (component: Infrastructure)…
CVE-2017-10098 — CVSS 5.4 (medium): Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Infrastructure)…
CVE-2020-2685 — CVSS 5.4 (medium): Vulnerability in the Oracle FLEXCUBE Universal Banking product of Oracle Financial Services Applications (component: Infrastructure)…
CVE-2017-10073 — CVSS 5.4 (medium): Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Infrastructure)…
CVE-2017-10072 — CVSS 5.4 (medium): Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: All Modules)…
CVE-2016-8304 — CVSS 5.4 (medium): Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Core). Supported…
CVE-2018-2630 — CVSS 5.4 (medium): Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Security…
CVE-2023-22117 — CVSS 5.4 (medium): Vulnerability in the Oracle FLEXCUBE Universal Banking product of Oracle Financial Services Applications (component: Infrastructure)…
CVE-2016-5502 — CVSS 5.4 (medium): Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking component in Oracle Financial Services Applications 11.3.0, 11.4.0…
CVE-2018-2975 — CVSS 5.3 (medium): Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Infrastructure)…
CVE-2019-2794 — CVSS 5.3 (medium): Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Infrastructure)…
CVE-2018-2614 — CVSS 5.3 (medium): Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Infrastructure)…
CVE-2016-8307 — CVSS 5.3 (medium): Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Core). Supported…
CVE-2018-2982 — CVSS 5.3 (medium): Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Infrastructure)…
CVE-2019-2839 — CVSS 5.3 (medium): Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Infrastructure)…
CVE-2016-5594 — CVSS 5.0 (medium): Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking component in Oracle Financial Services Applications 11.3.0, 11.4.0, and…
CVE-2017-3480 — CVSS 4.7 (medium): Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Infrastructure)…
CVE-2017-3494 — CVSS 4.7 (medium): Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Retail Teller)…
CVE-2017-3236 — CVSS 4.7 (medium): Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Core). Supported…
CVE-2017-3535 — CVSS 4.7 (medium): Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Infrastructure)…
CVE-2021-2324 — CVSS 4.6 (medium): Vulnerability in the Oracle FLEXCUBE Universal Banking product of Oracle Financial Services Applications (component: Loans And Deposits)…
CVE-2016-8302 — CVSS 4.3 (medium): Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Core). Supported…
CVE-2017-3481 — CVSS 4.3 (medium): Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Infrastructure)…
CVE-2016-5603 — CVSS 4.3 (medium): Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking component in Oracle Financial Services Applications 11.3.0, 11.4.0…
CVE-2017-10071 — CVSS 4.3 (medium): Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: All Modules)…
CVE-2016-5479 — CVSS 4.3 (medium): Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking component in Oracle Financial Services Applications 11.3.0, 11.4.0, and…
CVE-2016-8301 — CVSS 4.3 (medium): Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Core). Supported…
CVE-2016-5621 — CVSS 4.3 (medium): Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking component in Oracle Financial Services Applications 11.3.0, 11.4.0…
CVE-2020-2700 — CVSS 4.3 (medium): Vulnerability in the Oracle FLEXCUBE Universal Banking product of Oracle Financial Services Applications (component: Infrastructure)…
CVE-2017-3235 — CVSS 3.5 (low): Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Core). Supported…
CVE-2019-2793 — CVSS 3.5 (low): Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Infrastructure)…
CVE-2016-5490 — CVSS 3.3 (low): Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking component in Oracle Financial Services Applications 11.4.0 allows local…
CVE-2016-8305 — CVSS 2.1 (low): Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Core). Supported…