CPE-EAEEDB74-D187-4D0C-B4DC-C36A7CFB261B Detail

CPE Details

Oracle Banking Enterprise Default Management 2.7.1

Vendor

oracle

Product

banking_enterprise_default_management

Version

2.7.1

Created

2022-02-25
11h27 +00:00

Modified

2022-09-12
11h51 +00:00

Official links

CPE NVD

Alerte pour un CPE

Stay informed of any changes for a specific CPE.

Notifications manage

List of Notifications

Alerte pour un CPE

Stay informed of any changes for a specific CPE.

Parameters

You can specify a title that will be retrieved in the alerts that will be sent out.

CPE ID

Planning

Month

Next run calculation

Day

Weekday

Hour

Minute

Creation date

Last execution

Next execution

Functionality requiring a connection

This feature, which allows you to receive alerts, is only active when you are logged into your account.

CPE Name: cpe:2.3:a:oracle:banking_enterprise_default_management:2.7.1:::::::*

Informations

Vendor

oracle

Product

banking_enterprise_default_management

Version

2.7.1

Related CVE

Open and find in CVE List

CVE ID	Published	Description	Score	Severity
CVE-2021-45105	2021-12-18 10h55 +00:00	Apache Log4j2 versions 2.0-alpha1 through 2.16.0 (excluding 2.12.3 and 2.3.1) did not protect from uncontrolled recursion from self-referential lookups. This allows an attacker with control over Thread Context Map data to cause a denial of service when a crafted string is interpreted. This issue was fixed in Log4j 2.17.0, 2.12.3, and 2.3.1.	5.9	Medium
CVE-2021-35043	2021-07-19 12h53 +00:00	OWASP AntiSamy before 1.6.4 allows XSS via HTML attributes when using the HTML output serializer (XHTML is not affected). This was demonstrated by a javascript: URL with : as the replacement for the : character.	6.1	Medium
CVE-2021-29425	2021-04-13 04h50 +00:00	In Apache Commons IO before 2.7, When invoking the method FileNameUtils.normalize with an improper input string, like "//../foo", or "\\..\foo", the result would be the same value, thus possibly providing access to files in the parent directory, but not further above (thus "limited" path traversal), if the calling code would use the result to construct a path value.	4.8	Medium
CVE-2020-13936	2021-03-10 08h00 +00:00	An attacker that is able to modify Velocity templates may execute arbitrary Java code or run arbitrary system commands with the same privileges as the account running the Servlet container. This applies to applications that allow untrusted users to upload/modify velocity templates running Apache Velocity Engine versions up to 2.2.	8.8	High
CVE-2020-9281	2020-03-06 23h02 +00:00	A cross-site scripting (XSS) vulnerability in the HTML Data Processor for CKEditor 4.0 before 4.14 allows remote attackers to inject arbitrary web script through a crafted "protected" comment (with the cke_protected syntax).	6.1	Medium
CVE-2019-10219	2019-11-08 13h46 +00:00	A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS attack.	6.1	Medium

Oracle Banking Enterprise Default Management 2.7.1

CPE Details

CPE Name: cpe:2.3:a:oracle:banking_enterprise_default_management:2.7.1:*:*:*:*:*:*:*

Informations

Vendor

Product

Version

Related CVE

CPE Name: cpe:2.3:a:oracle:banking_enterprise_default_management:2.7.1:::::::*