Oracle Financial Services Trade-based Anti Money Laundering 8.0.7 Enterprise Edition

CPE Details

Oracle Financial Services Trade-based Anti Money Laundering 8.0.7 Enterprise Edition
oracle
financial_services_trade-based_anti_money_laundering
8.0.7
2022-02-14
16h05 +00:00
2022-02-15
03h05 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:oracle:financial_services_trade-based_anti_money_laundering:8.0.7:*:*:*:enterprise:*:*:*

Informations

Vendor

oracle

Product

financial_services_trade-based_anti_money_laundering

Version

8.0.7

Software Edition

enterprise

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2022-24728 2022-03-15 23h00 +00:00 CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A vulnerability has been discovered in the core HTML processing module and may affect all plugins used by CKEditor 4 prior to version 4.18.0. The vulnerability allows someone to inject malformed HTML bypassing content sanitization, which could result in executing JavaScript code. This problem has been patched in version 4.18.0. There are currently no known workarounds.
5.4
Medium
CVE-2022-24729 2022-03-15 23h00 +00:00 CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. CKEditor4 prior to version 4.18.0 contains a vulnerability in the `dialog` plugin. The vulnerability allows abuse of a dialog input validator regular expression, which can cause a significant performance drop resulting in a browser tab freeze. A patch is available in version 4.18.0. There are currently no known workarounds.
7.5
High
CVE-2020-36518 2022-03-10 23h00 +00:00 jackson-databind before 2.13.0 allows a Java StackOverflow exception and denial of service via a large depth of nested objects.
7.5
High
CVE-2021-2351 2021-07-20 20h43 +00:00 Vulnerability in the Advanced Networking Option component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1 and 19c. Difficult to exploit vulnerability allows unauthenticated attacker with network access via Oracle Net to compromise Advanced Networking Option. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Advanced Networking Option, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Advanced Networking Option. Note: The July 2021 Critical Patch Update introduces a number of Native Network Encryption changes to deal with vulnerability CVE-2021-2351 and prevent the use of weaker ciphers. Customers should review: "Changes in Native Network Encryption with the July 2021 Critical Patch Update" (Doc ID 2791571.1). CVSS 3.1 Base Score 8.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H).
8.3
High
CVE-2019-10219 2019-11-08 13h46 +00:00 A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS attack.
6.1
Medium