Filter

Apache StrutsCode Injection

First published (updated )

redhat/cxfA flaw was found in cxf in versions prior to 3.2.11 and 3.3.4. The access token services do not prop…

First published (updated )

redhat/camelApache Camel Netty enables Java deserialization by default. Apache Camel 2.22.x, 2.23.x, 2.24.x, 2.2…

First published (updated )

Oracle FLEXCUBE Private BankingSpring Web Services XML External Entity Injection (XXE)

First published (updated )

Apache Log4jApache log4j2 log messages substitution (CVE-2021-44228)

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Apache CamelApache Camel RabbitMQ enables Java deserialization by default. Apache Camel 2.22.x, 2.23.x, 2.24.x, …

First published (updated )

Atlassian Jira Service ManagementXEE

First published (updated )

Oracle Banking PlatformOracle ADF Faces Deserialization of Untrusted Data Remote Code Execution Vulnerability

First published (updated )

Oracle FLEXCUBE Private BankingCode Injection

First published (updated )

Vmware Spring IntegrationKryo Configuration Allows Code Execution with Unknown "Serialization Gadgets"

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Oracle Retail Xstore Point of ServiceRFD Protection Bypass via jsessionid

8.7
First published (updated )

Oracle FLEXCUBE Private BankingVulnerability in the Oracle FLEXCUBE Private Banking component of Oracle Financial Services Applicat…

8.5
First published (updated )

Oracle Banking Digital ExperienceVulnerability in the Advanced Networking Option component of Oracle Database Server. Supported versi…

8.3
First published (updated )

Oracle FLEXCUBE Private BankingVulnerability in the Oracle FLEXCUBE Private Banking component of Oracle Financial Services Applicat…

8.2
First published (updated )

ubuntu/activemqActiveMQ: LDAP-Authentication does not verify passwords on servers with anonymous bind

8.1
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Oracle FLEXCUBE Private BankingVulnerability in the Oracle FLEXCUBE Private Banking component of Oracle Financial Services Applicat…

8.1
First published (updated )

Oracle Insurance Policy Administration J2EERFD Attack via "Content-Disposition" Header Sourced from Request Input by Spring MVC or Spring WebFlux Application

First published (updated )

Oracle Utilities FrameworkA flaw was found in the Apache Commons BeanUtils, where the class property in PropertyUtilsBean is n…

7.5
First published (updated )

Oracle Insurance Rules PaletteDoS Attack via Range Requests

7.5
First published (updated )

Oracle FLEXCUBE Investor ServicingThe file name encoding algorithm used internally in Apache Commons Compress 1.15 to 1.18 can get int…

7.5
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Oracle Banking PlatformCode Injection

7.5
First published (updated )

Oracle FLEXCUBE Private BankingPivotal Spring Framework is vulnerable to a denial of service. By sending a specially-crafted messag…

7.5
First published (updated )

Oracle Retail Xstore Point of Servicec3p0 version < 0.9.5.4 may be exploited by a billion laughs attack when loading XML configuration du…

7.5
First published (updated )

Oracle Communications Diameter Intelligence HubInput Validation

7.5
First published (updated )

redhat/eap7-apache-cxfApache CXF could allow a remote attacker to obtain sensitive information, caused by a flaw when ship…

7.5
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Oracle Retail Xstore Point of ServiceDenial of Service by injecting highly recursive collections or maps in XStream

7.5
First published (updated )

Oracle Retail Financial IntegrationBypass of the secureValidation property

7.5
First published (updated )

Oracle FLEXCUBE Private BankingPivotal Spring Framework could allow a remote attacker to bypass security restrictions, caused by a …

7.5
First published (updated )

Oracle FLEXCUBE Private BankingVulnerability in the Oracle FLEXCUBE Private Banking component of Oracle Financial Services Applicat…

7.5
First published (updated )

Apache TomEEThe ASN.1 parser in Bouncy Castle Crypto (aka BC Java) 1.63 can trigger a large attempted memory all…

7.5
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203