Oracle Flexcube_universal_banking
95 CVEs affecting Oracle Flexcube_universal_banking. Latest disclosed: 2026-01-20. Critical: 0, High: 20.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2018-2648 | High | 8.8 | 2018-01-18 | Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Infrastructure). Supported versions t… |
CVE-2016-5607 | High | 8.8 | 2016-10-25 | Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking component in Oracle Financial Services Applications 11.3.0, 11.4.0, 12.0.1 through 12.0.3, 1… |
CVE-2020-11987 | High | 8.2 | 2021-02-24 | Apache Batik 1.13 is vulnerable to server-side request forgery, caused by improper input validation by the NodePickerPanel. By using a specially-crafted argume… |
CVE-2019-2754 | High | 8.1 | 2019-07-23 | Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Infrastructure). Supported versions t… |
CVE-2018-3015 | High | 8.1 | 2018-07-18 | Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Infrastructure). Supported versions t… |
CVE-2018-2649 | High | 8.1 | 2018-01-18 | Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Infrastructure). Supported versions t… |
CVE-2016-8297 | High | 8.1 | 2017-01-27 | Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Core). Supported versions that are af… |
CVE-2016-5619 | High | 8.1 | 2016-10-25 | Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking component in Oracle Financial Services Applications 11.3.0, 11.4.0, 12.0.1 through 12.0.3, 1… |
CVE-2021-37714 | High | 7.5 | 2021-08-18 | jsoup is a Java library for working with HTML. Those using jsoup versions prior to 1.14.2 to parse untrusted HTML or XML may be vulnerable to DOS attacks. If t… |
CVE-2021-36090 | High | 7.5 | 2021-07-13 | When reading a specially crafted ZIP archive, Compress can be made to allocate large amounts of memory that finally leads to an out of memory error even for ve… |
CVE-2021-35517 | High | 7.5 | 2021-07-13 | When reading a specially crafted TAR archive, Compress can be made to allocate large amounts of memory that finally leads to an out of memory error even for ve… |
CVE-2021-35516 | High | 7.5 | 2021-07-13 | When reading a specially crafted 7Z archive, Compress can be made to allocate large amounts of memory that finally leads to an out of memory error even for ver… |
CVE-2021-35515 | High | 7.5 | 2021-07-13 | When reading a specially crafted 7Z archive, the construction of the list of codecs that decompress an entry can result in an infinite loop. This could be used… |
CVE-2019-12399 | High | 7.5 | 2020-01-14 | When Connect workers in Apache Kafka 2.0.0, 2.0.1, 2.1.0, 2.1.1, 2.2.0, 2.2.1, or 2.3.0 are configured with one or more config providers, and a connector is cr… |
CVE-2016-8310 | High | 7.3 | 2017-01-27 | Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Core). Supported versions that are af… |
CVE-2022-21544 | High | 7.1 | 2022-07-19 | Vulnerability in the Oracle FLEXCUBE Universal Banking product of Oracle Financial Services Applications (component: Infrastructure). Supported versions that a… |
CVE-2020-2699 | High | 7.1 | 2020-01-15 | Vulnerability in the Oracle FLEXCUBE Universal Banking product of Oracle Financial Services Applications (component: Infrastructure). Supported versions that a… |
CVE-2018-2746 | High | 7.1 | 2018-04-19 | Vulnerability in the Oracle Banking Corporate Lending component of Oracle Financial Services Applications (subcomponent: Core module). Supported versions that… |
CVE-2017-10363 | High | 7.1 | 2017-10-19 | Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Security). Supported versions that ar… |
CVE-2017-10085 | High | 7.1 | 2017-08-08 | Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Infrastructure). Supported versions t… |