Filters

Oracle Retail Xstore Point of ServiceDenial of Service by injecting highly recursive collections or maps in XStream

7.5
First published (updated )

Apache Log4jApache Log4j2 vulnerable to RCE via JDBC Appender when attacker controls configuration

First published (updated )

Oracle Retail Financial IntegrationBypass of the secureValidation property

7.5
First published (updated )

Oracle Banking Digital ExperienceVulnerability in the Advanced Networking Option component of Oracle Database Server. Supported versi…

8.3
First published (updated )

Eclipse JettyEclipse Jetty could allow a remote attacker to bypass security restrictions, caused by a flaw when G…

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Eclipse JettyRace Condition

7.8
First published (updated )

Oracle Banking PlatformCode Injection

7.5
First published (updated )

Oracle Retail Xstore Point of ServiceRFD Protection Bypass via jsessionid

8.7
First published (updated )

Oracle FLEXCUBE Private BankingCode Injection

First published (updated )

ubuntu/activemqLast updated 24 July 2024

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

ubuntu/activemqActiveMQ: LDAP-Authentication does not verify passwords on servers with anonymous bind

8.1
First published (updated )

Vmware Spring IntegrationKryo Configuration Allows Code Execution with Unknown "Serialization Gadgets"

First published (updated )

Oracle Communications Element ManagerXSS

First published (updated )

redhat/camelApache Camel Netty enables Java deserialization by default. Apache Camel 2.22.x, 2.23.x, 2.24.x, 2.2…

First published (updated )

Oracle Communications Diameter Intelligence HubInput Validation

7.5
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Apache CamelApache Camel RabbitMQ enables Java deserialization by default. Apache Camel 2.22.x, 2.23.x, 2.24.x, …

First published (updated )

Oracle Retail Integration BusLast updated 24 July 2024

First published (updated )

Oracle Retail Order Broker Cloud ServiceImproper validation of certificate with host mismatch in Apache Log4j SMTP appender prior to version…

First published (updated )

Oracle Primavera UnifierA carefully crafted or corrupt file may trigger a System.exit in Tika's OneNote Parser. Crafted or c…

First published (updated )

Oracle Business Process Management SuiteA carefully crafted or corrupt PSD file can cause an infinite loop in Apache Tika's PSDParser in ver…

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Oracle Business Process Management SuiteA carefully crafted or corrupt PSD file can cause excessive memory usage in Apache Tika's PSDParser …

First published (updated )

Oracle Insurance Policy Administration J2EECSRF Attack via CORS Preflight Requests with Spring MVC or Spring WebFlux

First published (updated )

redhat/eap7-apache-cxfXSS

First published (updated )

redhat/eap7-apache-cxfApache CXF could allow a remote attacker to obtain sensitive information, caused by a flaw when ship…

7.5
First published (updated )

Oracle Insurance Policy Administration J2EERFD Attack via "Content-Disposition" Header Sourced from Request Input by Spring MVC or Spring WebFlux Application

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Apache CXFApache CXF is vulnerable to a denial of service, caused by the failure to restrict the number of mes…

First published (updated )

redhat/cxfA flaw was found in cxf in versions prior to 3.2.11 and 3.3.4. The access token services do not prop…

First published (updated )

Oracle Banking PlatformXSS, XEE

First published (updated )

Oracle Banking PlatformOracle ADF Faces Deserialization of Untrusted Data Remote Code Execution Vulnerability

First published (updated )

Apache TomEEThe ASN.1 parser in Bouncy Castle Crypto (aka BC Java) 1.63 can trigger a large attempted memory all…

7.5
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Oracle FLEXCUBE Investor ServicingThe file name encoding algorithm used internally in Apache Commons Compress 1.15 to 1.18 can get int…

7.5
First published (updated )

Oracle Utilities FrameworkA flaw was found in the Apache Commons BeanUtils, where the class property in PropertyUtilsBean is n…

7.5
First published (updated )

Oracle Retail Price ManagementXSS

First published (updated )

Atlassian Jira Service ManagementXEE

First published (updated )

Oracle Enterprise Manager Base PlatformXEE

7.5
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Oracle Primavera UnifierSSRF

7.5
First published (updated )

Oracle Communications Element ManagerInfoleak

First published (updated )

Eclipse JettyInfoleak

First published (updated )

Oracle Retail Xstore Point of Servicec3p0 version < 0.9.5.4 may be exploited by a billion laughs attack when loading XML configuration du…

7.5
First published (updated )

Oracle FLEXCUBE Private BankingSpring Web Services XML External Entity Injection (XXE)

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Oracle Insurance Rules PaletteDoS Attack via Range Requests

7.5
First published (updated )

Oracle FLEXCUBE Private BankingLast updated 24 July 2024

7.4
First published (updated )

Oracle Primavera UnifierXSS

First published (updated )

Oracle FLEXCUBE Private BankingPivotal Spring Framework could allow a remote attacker to bypass security restrictions, caused by a …

7.5
First published (updated )

Oracle FLEXCUBE Private BankingPivotal Spring Framework is vulnerable to a denial of service. By sending a specially-crafted messag…

7.5
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Oracle FLEXCUBE Investor ServicingGoogle Guava is vulnerable to a denial of service, caused by improper eager allocation checks in the…

First published (updated )

Oracle FLEXCUBE Private BankingVulnerability in the Oracle FLEXCUBE Private Banking component of Oracle Financial Services Applicat…

First published (updated )

Oracle FLEXCUBE Private BankingVulnerability in the Oracle FLEXCUBE Private Banking component of Oracle Financial Services Applicat…

First published (updated )

Oracle FLEXCUBE Private BankingVulnerability in the Oracle FLEXCUBE Private Banking component of Oracle Financial Services Applicat…

First published (updated )

Oracle FLEXCUBE Private BankingVulnerability in the Oracle FLEXCUBE Private Banking component of Oracle Financial Services Applicat…

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203