CVSS: 6.8EPSS: 0%CPEs: 2EXPL: 0CVE-2020-14894
https://notcve.org/view.php?id=CVE-2020-14894
21 Oct 2020 — Vulnerability in the Oracle Banking Corporate Lending product of Oracle Financial Services Applications (component: Core). Supported versions that are affected are 12.3.0 and 14.0.0-14.4.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Banking Corporate Lending. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Banking Corporate Lending accessible data. CVSS 3.1 Base... • https://www.oracle.com/security-alerts/cpuoct2020.html •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2020-2715
https://notcve.org/view.php?id=CVE-2020-2715
15 Jan 2020 — Vulnerability in the Oracle Banking Corporate Lending product of Oracle Financial Services Applications (component: Core). Supported versions that are affected are 12.3.0-12.4.0 and 14.0.0-14.3.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Banking Corporate Lending. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Banking Corporate Lending accessible data as well as una... • https://www.oracle.com/security-alerts/cpujan2020.html •
CVSS: 7.1EPSS: 0%CPEs: 2EXPL: 0CVE-2020-2718
https://notcve.org/view.php?id=CVE-2020-2718
15 Jan 2020 — Vulnerability in the Oracle Banking Corporate Lending product of Oracle Financial Services Applications (component: Core). Supported versions that are affected are 12.3.0-12.4.0 and 14.0.0-14.3.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Banking Corporate Lending. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Banking Corporate Lending accessible data as well... • https://www.oracle.com/security-alerts/cpujan2020.html •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2020-2716
https://notcve.org/view.php?id=CVE-2020-2716
15 Jan 2020 — Vulnerability in the Oracle Banking Corporate Lending product of Oracle Financial Services Applications (component: Core). Supported versions that are affected are 12.3.0-12.4.0 and 14.0.0-14.3.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Banking Corporate Lending. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Banking Corporate Lending accessible data. CVSS 3... • https://www.oracle.com/security-alerts/cpujan2020.html •
CVSS: 5.8EPSS: 0%CPEs: 3EXPL: 0CVE-2020-2717
https://notcve.org/view.php?id=CVE-2020-2717
15 Jan 2020 — Vulnerability in the Oracle Banking Corporate Lending product of Oracle Financial Services Applications (component: Core). Supported versions that are affected are 12.3.0-12.4.0 and 14.0.0-14.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Banking Corporate Lending. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update, insert or del... • https://www.oracle.com/security-alerts/cpujan2020.html •
CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0CVE-2020-2719
https://notcve.org/view.php?id=CVE-2020-2719
15 Jan 2020 — Vulnerability in the Oracle Banking Corporate Lending product of Oracle Financial Services Applications (component: Core). Supported versions that are affected are 12.3.0-12.4.0 and 14.0.0-14.3.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Banking Corporate Lending. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Banking Corporate Lending accessible data. CVSS 3.0 Base Score 4.3 (Conf... • https://www.oracle.com/security-alerts/cpujan2020.html •
CVSS: 5.8EPSS: 0%CPEs: 7EXPL: 2CVE-2019-11269 – Open Redirector in spring-security-oauth2
https://notcve.org/view.php?id=CVE-2019-11269
12 Jun 2019 — Spring Security OAuth versions 2.3 prior to 2.3.6, 2.2 prior to 2.2.5, 2.1 prior to 2.1.5, and 2.0 prior to 2.0.18, as well as older unsupported versions could be susceptible to an open redirector attack that can leak an authorization code. A malicious user or attacker can craft a request to the authorization endpoint using the authorization code grant type, and specify a manipulated redirection URI via the redirect_uri parameter. This can cause the authorization server to redirect the resource owner user-a... • https://packetstorm.news/files/id/153299 • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •
CVSS: 6.5EPSS: 0%CPEs: 7EXPL: 3CVE-2019-3778 – Open Redirect in spring-security-oauth2
https://notcve.org/view.php?id=CVE-2019-3778
07 Mar 2019 — Spring Security OAuth, versions 2.3 prior to 2.3.5, and 2.2 prior to 2.2.4, and 2.1 prior to 2.1.4, and 2.0 prior to 2.0.17, and older unsupported versions could be susceptible to an open redirector attack that can leak an authorization code. A malicious user or attacker can craft a request to the authorization endpoint using the authorization code grant type, and specify a manipulated redirection URI via the "redirect_uri" parameter. This can cause the authorization server to redirect the resource owner us... • https://packetstorm.news/files/id/153299 • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •
CVSS: 5.3EPSS: 0%CPEs: 5EXPL: 0CVE-2018-3046
https://notcve.org/view.php?id=CVE-2018-3046
18 Jul 2018 — Vulnerability in the Oracle Banking Corporate Lending component of Oracle Financial Services Applications (subcomponent: Core module). Supported versions that are affected are 12.3.0, 12.4.0, 12.5.0, 14.0.0 and 14.1.0. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Banking Corporate Lending. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Banking Corporate Lending... • http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html •
CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 0CVE-2018-3036
https://notcve.org/view.php?id=CVE-2018-3036
18 Jul 2018 — Vulnerability in the Oracle Banking Corporate Lending component of Oracle Financial Services Applications (subcomponent: Core module). Supported versions that are affected are 12.3.0, 12.4.0, 12.5.0, 14.0.0 and 14.1.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Banking Corporate Lending. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Banking Corporate Lending accessib... • http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html •