CVSS: 5.3EPSS: 0%CPEs: 4EXPL: 0CVE-2018-3029
https://notcve.org/view.php?id=CVE-2018-3029
18 Jul 2018 — Vulnerability in the Oracle FLEXCUBE Investor Servicing component of Oracle Financial Services Applications (subcomponent: Infrastructure). Supported versions that are affected are 12.0.4, 12.1.0, 12.3.0 and 12.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle FLEXCUBE Investor Servicing. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle FLEXCUBE Investor Servicing accessible data. CVSS ... • http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html •
CVSS: 6.5EPSS: 1%CPEs: 4EXPL: 0CVE-2018-3030
https://notcve.org/view.php?id=CVE-2018-3030
18 Jul 2018 — Vulnerability in the Oracle FLEXCUBE Investor Servicing component of Oracle Financial Services Applications (subcomponent: Infrastructure). Supported versions that are affected are 12.0.4, 12.1.0, 12.3.0 and 12.4.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle FLEXCUBE Investor Servicing. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle FLEXC... • http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2018-3031
https://notcve.org/view.php?id=CVE-2018-3031
18 Jul 2018 — Vulnerability in the Oracle FLEXCUBE Investor Servicing component of Oracle Financial Services Applications (subcomponent: Infrastructure). Supported versions that are affected are 12.0.4, 12.1.0, 12.3.0 and 12.4.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle FLEXCUBE Investor Servicing. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle FLEXCUBE Investor Servicing accessi... • http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2018-3032
https://notcve.org/view.php?id=CVE-2018-3032
18 Jul 2018 — Vulnerability in the Oracle FLEXCUBE Investor Servicing component of Oracle Financial Services Applications (subcomponent: Infrastructure). Supported versions that are affected are 12.0.4, 12.1.0, 12.3.0 and 12.4.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle FLEXCUBE Investor Servicing. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle FLEXCUBE Investor Servicing accessi... • http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html •
CVSS: 5.3EPSS: 0%CPEs: 4EXPL: 0CVE-2018-3033
https://notcve.org/view.php?id=CVE-2018-3033
18 Jul 2018 — Vulnerability in the Oracle FLEXCUBE Investor Servicing component of Oracle Financial Services Applications (subcomponent: Infrastructure). Supported versions that are affected are 12.0.4, 12.1.0, 12.3.0 and 12.4.0. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle FLEXCUBE Investor Servicing. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle FLEXCUBE Investor Servicin... • http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html •
CVSS: 5.4EPSS: 0%CPEs: 4EXPL: 0CVE-2018-3034
https://notcve.org/view.php?id=CVE-2018-3034
18 Jul 2018 — Vulnerability in the Oracle FLEXCUBE Investor Servicing component of Oracle Financial Services Applications (subcomponent: Infrastructure). Supported versions that are affected are 12.0.4, 12.1.0, 12.3.0 and 12.4.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle FLEXCUBE Investor Servicing. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle FLEXCUBE Investor Servicing, ... • http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html •
CVSS: 8.1EPSS: 1%CPEs: 4EXPL: 0CVE-2018-3035
https://notcve.org/view.php?id=CVE-2018-3035
18 Jul 2018 — Vulnerability in the Oracle FLEXCUBE Investor Servicing component of Oracle Financial Services Applications (subcomponent: Infrastructure). Supported versions that are affected are 12.0.4, 12.1.0, 12.3.0 and 12.4.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle FLEXCUBE Investor Servicing. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle FLEXCUBE Inv... • http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html •
CVSS: 5.9EPSS: 3%CPEs: 42EXPL: 0CVE-2018-10237 – guava: Unbounded memory allocation in AtomicDoubleArray and CompoundOrdering classes allow remote attackers to cause a denial of service
https://notcve.org/view.php?id=CVE-2018-10237
26 Apr 2018 — Unbounded memory allocation in Google Guava 11.0 through 24.x before 24.1.1 allows remote attackers to conduct denial of service attacks against servers that depend on this library and deserialize attacker-provided data, because the AtomicDoubleArray class (when serialized with Java serialization) and the CompoundOrdering class (when serialized with GWT serialization) perform eager allocation without appropriate checks on what a client has sent and whether the data size is reasonable. Asignación de memoria ... • http://www.securitytracker.com/id/1041707 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 7.1EPSS: 0%CPEs: 24EXPL: 0CVE-2018-2746
https://notcve.org/view.php?id=CVE-2018-2746
19 Apr 2018 — Vulnerability in the Oracle Banking Corporate Lending component of Oracle Financial Services Applications (subcomponent: Core module). Supported versions that are affected are 12.3.0, 12.4.0, 12.5.0 and 14.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Banking Corporate Lending. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Banking Corporate Lending accessibl... • http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html •
CVSS: 6.5EPSS: 0%CPEs: 24EXPL: 0CVE-2018-2747
https://notcve.org/view.php?id=CVE-2018-2747
19 Apr 2018 — Vulnerability in the Oracle Banking Corporate Lending component of Oracle Financial Services Applications (subcomponent: Core module). Supported versions that are affected are 12.3.0, 12.4.0, 12.5.0 and 14.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Banking Corporate Lending. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Banking Corporate Lending accessibl... • http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html •