← Back

Financial Services Lending And Leasing

financial_services_lending_and_leasing

Vendor: Oracle • 3 CVEs

CVEs (3)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2019-17571
6Apache
CanonicalDebian+3 more
17Application Testing Suite
BookkeeperCommunications Network Integrity+14 more
May 28, 2026
Dec 20, 2019
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
Included in Log4j 1.2 is a SocketServer class that is vulnerable to deserialization of untrusted data which can be exploited to remotely execute arbitrary code when combined with a deserialization gadget when listening t...Show more
Included in Log4j 1.2 is a SocketServer class that is vulnerable to deserialization of untrusted data which can be exploited to remotely execute arbitrary code when combined with a deserialization gadget when listening to untrusted network traffic for log data. This affects Log4j versions up to 1.2 up to 1.2.17.Show less
CVE-2019-2904
1Oracle
22Application Testing Suite
Banking Enterprise CollectionsBanking Enterprise Originations+19 more
Nov 21, 2024
Oct 16, 2019
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
Vulnerability in the Oracle JDeveloper and ADF product of Oracle Fusion Middleware (component: ADF Faces). Supported versions that are affected are 11.1.1.9.0, 12.1.3.0.0 and 12.2.1.3.0. Easily exploitable vulnerability...Show more
Vulnerability in the Oracle JDeveloper and ADF product of Oracle Fusion Middleware (component: ADF Faces). Supported versions that are affected are 11.1.1.9.0, 12.1.3.0.0 and 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle JDeveloper and ADF. Successful attacks of this vulnerability can result in takeover of Oracle JDeveloper and ADF. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).Show less
CVE-2017-5645
4Apache
NetappOracle+1 more
79Api Gateway
Application Testing SuiteAutovue Vuelink Integration+76 more
May 13, 2026
Apr 17, 2017
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially crafted binary payload can be sent that, when deserialized, c...Show more
In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially crafted binary payload can be sent that, when deserialized, can execute arbitrary code.Show less