CPE-96E080B9-D9A1-4046-8AC4-0077F04087B9 Detail

CPE Details

Oracle Banking Trade Finance Process Management 14.5

Vendor

oracle

Product

banking_trade_finance_process_management

Version

14.5

Created

2021-12-02
13h29 +00:00

Modified

2021-12-02
21h36 +00:00

Official links

CPE NVD

Alerte pour un CPE

Stay informed of any changes for a specific CPE.

Notifications manage

List of Notifications

Alerte pour un CPE

Stay informed of any changes for a specific CPE.

Parameters

You can specify a title that will be retrieved in the alerts that will be sent out.

CPE ID

Planning

Month

Next run calculation

Day

Weekday

Hour

Minute

Creation date

Last execution

Next execution

Functionality requiring a connection

This feature, which allows you to receive alerts, is only active when you are logged into your account.

CPE Name: cpe:2.3:a:oracle:banking_trade_finance_process_management:14.5:::::::*

Informations

Vendor

oracle

Product

banking_trade_finance_process_management

Version

14.5

Related CVE

Open and find in CVE List

CVE ID	Published	Description	Score	Severity
CVE-2022-21474	2022-04-19 18h38 +00:00	Vulnerability in the Oracle Banking Trade Finance product of Oracle Financial Services Applications (component: Infrastructure). The supported version that is affected is 14.5. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Banking Trade Finance. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Banking Trade Finance accessible data as well as unauthorized read access to a subset of Oracle Banking Trade Finance accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Banking Trade Finance. CVSS 3.1 Base Score 5.9 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:H/A:L).	5.9	Medium
CVE-2022-22963	2022-04-01 00h00 +00:00	In Spring Cloud Function versions 3.1.6, 3.2.2 and older unsupported versions, when using routing functionality it is possible for a user to provide a specially crafted SpEL as a routing-expression that may result in remote code execution and access to local resources.	9.8	Critical
CVE-2021-41973	2021-11-01 07h35 +00:00	In Apache MINA, a specifically crafted, malformed HTTP request may cause the HTTP Header decoder to loop indefinitely. The decoder assumed that the HTTP Header begins at the beginning of the buffer and loops if there is more data than expected. Please update MINA to 2.1.5 or greater.	6.5	Medium
CVE-2020-26217	2020-11-16 20h00 +00:00	XStream before version 1.4.14 is vulnerable to Remote Code Execution.The vulnerability may allow a remote attacker to run arbitrary shell commands only by manipulating the processed input stream. Only users who rely on blocklists are affected. Anyone using XStream's Security Framework allowlist is not affected. The linked advisory provides code workarounds for users who cannot upgrade. The issue is fixed in version 1.4.14.	8.8	High
CVE-2019-0228	2019-04-17 12h07 +00:00	Apache PDFBox 2.0.14 does not properly initialize the XML parser, which allows context-dependent attackers to conduct XML External Entity (XXE) attacks via a crafted XFDF.	9.8	Critical

Oracle Banking Trade Finance Process Management 14.5

CPE Details

CPE Name: cpe:2.3:a:oracle:banking_trade_finance_process_management:14.5:*:*:*:*:*:*:*

Informations

Vendor

Product

Version

Related CVE

CPE Name: cpe:2.3:a:oracle:banking_trade_finance_process_management:14.5:::::::*