Oracle Flexcube_investor_servicing
45 CVEs affecting Oracle Flexcube_investor_servicing. Latest disclosed: 2026-01-20. Critical: 2, High: 10.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2019-13990 | Critical | 9.8 | 2019-07-26 | initDocumentParser in xml/XMLSchedulingDataProcessor.java in Terracotta Quartz Scheduler through 2.3.0 allows XXE attacks via a job description. |
CVE-2017-5645 | Critical | 9.8 | 2017-04-17 | In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially… |
CVE-2021-2351 | High | 8.3 | 2021-07-21 | Vulnerability in the Advanced Networking Option component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1 and 19c. Diffi… |
CVE-2026-21973 | High | 8.1 | 2026-01-20 | Vulnerability in the Oracle FLEXCUBE Investor Servicing product of Oracle Financial Services Applications (component: Security Management System). Supported v… |
CVE-2020-14569 | High | 8.1 | 2020-07-15 | Vulnerability in the Oracle FLEXCUBE Investor Servicing product of Oracle Financial Services Applications (component: Infrastructure). Supported versions that… |
CVE-2019-2841 | High | 8.1 | 2019-07-23 | Vulnerability in the Oracle FLEXCUBE Investor Servicing component of Oracle Financial Services Applications (subcomponent: Infrastructure). Supported versions… |
CVE-2018-3035 | High | 8.1 | 2018-07-18 | Vulnerability in the Oracle FLEXCUBE Investor Servicing component of Oracle Financial Services Applications (subcomponent: Infrastructure). Supported versions… |
CVE-2016-8315 | High | 8.1 | 2017-01-27 | Vulnerability in the Oracle FLEXCUBE Investor Servicing component of Oracle Financial Services Applications (subcomponent: Infrastructure Code). Supported vers… |
CVE-2019-12402 | High | 7.5 | 2019-08-30 | The file name encoding algorithm used internally in Apache Commons Compress 1.15 to 1.18 can get into an infinite loop when faced with specially crafted inputs… |
CVE-2018-1000632 | High | 7.5 | 2018-08-20 | dom4j version prior to version 2.1.1 contains a CWE-91: XML Injection vulnerability in Class: Element. Methods: addElement, addAttribute that can result in an… |
CVE-2020-2723 | High | 7.1 | 2020-01-15 | Vulnerability in the Oracle FLEXCUBE Investor Servicing product of Oracle Financial Services Applications (component: Infrastructure). Supported versions that… |
CVE-2018-2746 | High | 7.1 | 2018-04-19 | Vulnerability in the Oracle Banking Corporate Lending component of Oracle Financial Services Applications (subcomponent: Core module). Supported versions that… |
CVE-2020-2721 | Medium | 6.5 | 2020-01-15 | Vulnerability in the Oracle FLEXCUBE Investor Servicing product of Oracle Financial Services Applications (component: Infrastructure). Supported versions that… |
CVE-2018-3030 | Medium | 6.5 | 2018-07-18 | Vulnerability in the Oracle FLEXCUBE Investor Servicing component of Oracle Financial Services Applications (subcomponent: Infrastructure). Supported versions… |
CVE-2018-2747 | Medium | 6.5 | 2018-04-19 | Vulnerability in the Oracle Banking Corporate Lending component of Oracle Financial Services Applications (subcomponent: Core module). Supported versions that… |
CVE-2017-3488 | Medium | 6.5 | 2017-04-24 | Vulnerability in the Oracle FLEXCUBE Investor Servicing component of Oracle Financial Services Applications (subcomponent: Unit Trust). Supported versions that… |
CVE-2020-1945 | Medium | 6.3 | 2020-05-14 | Apache Ant 1.1 to 1.9.14 and 1.10.0 to 1.10.7 uses the default temporary directory identified by the Java system property java.io.tmpdir for several tasks and… |
CVE-2018-3028 | Medium | 6.3 | 2018-07-18 | Vulnerability in the Oracle FLEXCUBE Investor Servicing component of Oracle Financial Services Applications (subcomponent: Infrastructure). Supported versions… |
CVE-2019-10219 | Medium | 6.1 | 2019-11-08 | A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious cod… |
CVE-2019-2736 | Medium | 6.1 | 2019-07-23 | Vulnerability in the Oracle FLEXCUBE Investor Servicing component of Oracle Financial Services Applications (subcomponent: Infrastructure). Supported versions… |