Customer Management And Segmentation Foundation

customer_management_and_segmentation_foundation

Vendor: Oracle • 9 CVEs

CVEs (9)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2021-41973 2Apache Oracle 9Banking Payments Banking Trade Finance Process ManagementBanking Treasury Management+6 more Nov 21, 2024 Nov 1, 2021 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 In Apache MINA, a specifically crafted, malformed HTTP request may cause the HTTP Header decoder to loop indefinitely. The decoder assumed that the HTTP Header begins at the beginning of the buffer and loops if there is...Show more In Apache MINA, a specifically crafted, malformed HTTP request may cause the HTTP Header decoder to loop indefinitely. The decoder assumed that the HTTP Header begins at the beginning of the buffer and loops if there is more data than expected. Please update MINA to 2.1.5 or greater.Show less
CVE-2019-20330 4Debian FasterxmlNetapp+1 more 30Active Iq Unified Manager Banking PlatformCommunications Billing And Revenue Management+27 more Nov 21, 2024 Jan 3, 2020 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 FasterXML jackson-databind 2.x before 2.9.10.2 lacks certain net.sf.ehcache blocking.
CVE-2019-17267 5Debian FasterxmlNetapp+2 more 12Active Iq Unified Manager Customer Management And Segmentation FoundationDebian Linux+9 more Nov 21, 2024 Oct 7, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to net.sf.ehcache.hibernate.EhcacheJtaTransactionManagerLookup.
CVE-2019-16335 6Debian FasterxmlFedoraproject+3 more 17Banking Platform Customer Management And Segmentation FoundationDebian Linux+14 more Nov 21, 2024 Sep 15, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to com.zaxxer.hikari.HikariDataSource. This is a different vulnerability than CVE-2019-14540.
CVE-2019-14540 6Debian FasterxmlFedoraproject+3 more 19Banking Platform Customer Management And Segmentation FoundationDebian Linux+16 more Nov 21, 2024 Sep 15, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to com.zaxxer.hikari.HikariConfig.
CVE-2019-12402 3Apache FedoraprojectOracle 19Banking Payments Banking PlatformCommons Compress+16 more Nov 21, 2024 Aug 30, 2019 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 The file name encoding algorithm used internally in Apache Commons Compress 1.15 to 1.18 can get into an infinite loop when faced with specially crafted inputs. This can lead to a denial of service attack if an attacker...Show more The file name encoding algorithm used internally in Apache Commons Compress 1.15 to 1.18 can get into an infinite loop when faced with specially crafted inputs. This can lead to a denial of service attack if an attacker can choose the file names inside of an archive created by Compress.Show less
CVE-2019-10086 6Apache DebianFedoraproject+3 more 60Agile Plm Agile Product Lifecycle Management Integration PackApplication Testing Suite+57 more Nov 21, 2024 Aug 20, 2019 N/A· v4 7.3 HIGH· v3 7.5 HIGH· v2 In Apache Commons Beanutils 1.9.2, a special BeanIntrospector class was added which allows suppressing the ability for an attacker to access the classloader via the class property available on all Java objects. We, howev...Show more In Apache Commons Beanutils 1.9.2, a special BeanIntrospector class was added which allows suppressing the ability for an attacker to access the classloader via the class property available on all Java objects. We, however were not using this by default characteristic of the PropertyUtilsBean.Show less
CVE-2019-13990 5Apache AtlassianNetapp+2 more 31Active Iq Unified Manager Apache Batik MapviewerBanking Enterprise Originations+28 more Nov 21, 2024 Jul 26, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 initDocumentParser in xml/XMLSchedulingDataProcessor.java in Terracotta Quartz Scheduler through 2.3.0 allows XXE attacks via a job description.
CVE-2018-10237 3Google OracleRedhat 17Banking Payments Communications Ip Service ActivatorCustomer Management And Segmentation Foundation+14 more Nov 21, 2024 Apr 26, 2018 N/A· v4 5.9 MEDIUM· v3 4.3 MEDIUM· v2 Unbounded memory allocation in Google Guava 11.0 through 24.x before 24.1.1 allows remote attackers to conduct denial of service attacks against servers that depend on this library and deserialize attacker-provided data,...Show more Unbounded memory allocation in Google Guava 11.0 through 24.x before 24.1.1 allows remote attackers to conduct denial of service attacks against servers that depend on this library and deserialize attacker-provided data, because the AtomicDoubleArray class (when serialized with Java serialization) and the CompoundOrdering class (when serialized with GWT serialization) perform eager allocation without appropriate checks on what a client has sent and whether the data size is reasonable.Show less