CPE-EAEEDB74-D187-4D0C-B4DC-C36A7CFB261B Détail

CPE Details

Oracle Banking Enterprise Default Management 2.7.1

Vendor

oracle

Product

banking_enterprise_default_management

Version

2.7.1

Created

2022-02-25
11h27 +00:00

Modifié

2022-09-12
11h51 +00:00

Liens officiels

CPE NVD

Alerte pour un CPE

Restez informé de toutes modifications pour un CPE spécifique.

Gestion des notifications

Liste des Notifications

Alerte pour un CPE

Restez informé de toutes modifications pour un CPE spécifique.

Paramètres

Vous pouvez spécifier un titre qui sera récupéré dans les alertes qui seront envoyées.

CPE ID

Planifications

Mois

Prochaine exécution calculée

Jour

Jour de la semaine

Heure

Minute

Date de création

Dernière exécution

Prochaine exécution

Fonctionnalité nécessitant une connexion

Cette fonctionnalité qui vous permet de recevoir des alertes, n'est active que lorsque vous êtes connecté à votre compte.

CPE Name: cpe:2.3:a:oracle:banking_enterprise_default_management:2.7.1:::::::*

Informations

Vendor

oracle

Product

banking_enterprise_default_management

Version

2.7.1

Related CVE

Open and find in CVE List

CVE ID	Publié	Description	Score	Gravité
CVE-2021-45105	2021-12-18 10h55 +00:00	Apache Log4j2 versions 2.0-alpha1 through 2.16.0 (excluding 2.12.3 and 2.3.1) did not protect from uncontrolled recursion from self-referential lookups. This allows an attacker with control over Thread Context Map data to cause a denial of service when a crafted string is interpreted. This issue was fixed in Log4j 2.17.0, 2.12.3, and 2.3.1.	5.9	Moyen
CVE-2021-35043	2021-07-19 12h53 +00:00	OWASP AntiSamy before 1.6.4 allows XSS via HTML attributes when using the HTML output serializer (XHTML is not affected). This was demonstrated by a javascript: URL with : as the replacement for the : character.	6.1	Moyen
CVE-2021-29425	2021-04-13 04h50 +00:00	In Apache Commons IO before 2.7, When invoking the method FileNameUtils.normalize with an improper input string, like "//../foo", or "\\..\foo", the result would be the same value, thus possibly providing access to files in the parent directory, but not further above (thus "limited" path traversal), if the calling code would use the result to construct a path value.	4.8	Moyen
CVE-2020-13936	2021-03-10 08h00 +00:00	An attacker that is able to modify Velocity templates may execute arbitrary Java code or run arbitrary system commands with the same privileges as the account running the Servlet container. This applies to applications that allow untrusted users to upload/modify velocity templates running Apache Velocity Engine versions up to 2.2.	8.8	Haute
CVE-2020-9281	2020-03-06 23h02 +00:00	A cross-site scripting (XSS) vulnerability in the HTML Data Processor for CKEditor 4.0 before 4.14 allows remote attackers to inject arbitrary web script through a crafted "protected" comment (with the cke_protected syntax).	6.1	Moyen
CVE-2019-10219	2019-11-08 13h46 +00:00	A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS attack.	6.1	Moyen

Oracle Banking Enterprise Default Management 2.7.1

CPE Details

CPE Name: cpe:2.3:a:oracle:banking_enterprise_default_management:2.7.1:*:*:*:*:*:*:*

Informations

Vendor

Product

Version

Related CVE

CPE Name: cpe:2.3:a:oracle:banking_enterprise_default_management:2.7.1:::::::*