Banking_treasury_management - Vulncode-DB

Note:

This project will be discontinued after December 13, 2021. [more]

Product:
Banking_treasury_management
(Oracle)

Repositories	Unknown: This might be proprietary software.
#Vulnerabilities	29

Date	Id	Summary	Products	Score	Patch	Annotated
2021-01-06	CVE-2020-36181	FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.cpdsadapter.DriverAdapterCPDS.	Debian_linux, Jackson\-Databind, Service_level_manager, Agile_plm, Application_testing_suite, Autovue_for_agile_product_lifecycle_management, Banking_corporate_lending_process_management, Banking_credit_facilities_process_management, Banking_extensibility_workbench, Banking_supply_chain_finance, Banking_treasury_management, Banking_virtual_account_management, Blockchain_platform, Commerce_platform, Communications_billing_and_revenue_management, Communications_cloud_native_core_policy, Communications_cloud_native_core_unified_data_repository, Communications_convergent_charging_controller, Communications_diameter_signaling_route, Communications_element_manager, Communications_evolved_communications_application_server, Communications_instant_messaging_server, Communications_network_charging_and_control, Communications_offline_mediation_controller, Communications_policy_management, Communications_pricing_design_center, Communications_services_gatekeeper, Communications_session_report_manager, Communications_session_route_manager, Communications_unified_inventory_management, Data_integrator, Documaker, Goldengate_application_adapters, Insurance_policy_administration, Insurance_rules_palette, Jd_edwards_enterpriseone_orchestrator, Jd_edwards_enterpriseone_tools, Primavera_gateway, Primavera_unifier, Retail_customer_management_and_segmentation_foundation, Retail_merchandising_system, Retail_service_backbone, Retail_xstore_point_of_service, Webcenter_portal	8.1
2021-01-06	CVE-2020-36184	FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource.	Debian_linux, Jackson\-Databind, Cloud_backup, Service_level_manager, Agile_plm, Application_testing_suite, Autovue_for_agile_product_lifecycle_management, Banking_corporate_lending_process_management, Banking_credit_facilities_process_management, Banking_extensibility_workbench, Banking_supply_chain_finance, Banking_treasury_management, Banking_virtual_account_management, Blockchain_platform, Commerce_platform, Communications_billing_and_revenue_management, Communications_cloud_native_core_policy, Communications_cloud_native_core_unified_data_repository, Communications_convergent_charging_controller, Communications_diameter_signaling_route, Communications_element_manager, Communications_evolved_communications_application_server, Communications_instant_messaging_server, Communications_network_charging_and_control, Communications_offline_mediation_controller, Communications_policy_management, Communications_pricing_design_center, Communications_services_gatekeeper, Communications_session_report_manager, Communications_session_route_manager, Communications_unified_inventory_management, Data_integrator, Documaker, Goldengate_application_adapters, Insurance_policy_administration, Insurance_rules_palette, Jd_edwards_enterpriseone_orchestrator, Jd_edwards_enterpriseone_tools, Primavera_gateway, Primavera_unifier, Retail_customer_management_and_segmentation_foundation, Retail_merchandising_system, Retail_service_backbone, Retail_xstore_point_of_service, Webcenter_portal	8.1
2021-01-07	CVE-2020-36179	FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS.	Debian_linux, Jackson\-Databind, Cloud_backup, Service_level_manager, Agile_plm, Application_testing_suite, Autovue_for_agile_product_lifecycle_management, Banking_corporate_lending_process_management, Banking_credit_facilities_process_management, Banking_supply_chain_finance, Banking_treasury_management, Banking_virtual_account_management, Blockchain_platform, Commerce_platform, Communications_billing_and_revenue_management, Communications_cloud_native_core_policy, Communications_cloud_native_core_unified_data_repository, Communications_convergent_charging_controller, Communications_diameter_signaling_route, Communications_element_manager, Communications_evolved_communications_application_server, Communications_instant_messaging_server, Communications_network_charging_and_control, Communications_offline_mediation_controller, Communications_policy_management, Communications_pricing_design_center, Communications_services_gatekeeper, Communications_session_report_manager, Communications_session_route_manager, Communications_unified_inventory_management, Data_integrator, Goldengate_application_adapters, Insurance_policy_administration, Insurance_rules_palette, Jd_edwards_enterpriseone_orchestrator, Jd_edwards_enterpriseone_tools, Primavera_gateway, Primavera_unifier, Retail_customer_management_and_segmentation_foundation, Retail_merchandising_system, Retail_service_backbone, Retail_xstore_point_of_service, Webcenter_portal	8.1
2021-01-07	CVE-2020-36180	FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.cpdsadapter.DriverAdapterCPDS.	Debian_linux, Jackson\-Databind, Cloud_backup, Service_level_manager, Agile_plm, Application_testing_suite, Autovue_for_agile_product_lifecycle_management, Banking_corporate_lending_process_management, Banking_credit_facilities_process_management, Banking_extensibility_workbench, Banking_supply_chain_finance, Banking_treasury_management, Banking_virtual_account_management, Blockchain_platform, Commerce_platform, Communications_billing_and_revenue_management, Communications_cloud_native_core_policy, Communications_cloud_native_core_unified_data_repository, Communications_convergent_charging_controller, Communications_diameter_signaling_route, Communications_element_manager, Communications_evolved_communications_application_server, Communications_instant_messaging_server, Communications_network_charging_and_control, Communications_offline_mediation_controller, Communications_policy_management, Communications_pricing_design_center, Communications_services_gatekeeper, Communications_session_report_manager, Communications_session_route_manager, Communications_unified_inventory_management, Data_integrator, Documaker, Goldengate_application_adapters, Insurance_policy_administration, Insurance_rules_palette, Jd_edwards_enterpriseone_orchestrator, Jd_edwards_enterpriseone_tools, Primavera_gateway, Primavera_unifier, Retail_customer_management_and_segmentation_foundation, Retail_merchandising_system, Retail_service_backbone, Retail_xstore_point_of_service, Webcenter_portal	8.1
2021-01-07	CVE-2020-36182	FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS.	Debian_linux, Jackson\-Databind, Cloud_backup, Service_level_manager, Agile_plm, Application_testing_suite, Autovue_for_agile_product_lifecycle_management, Banking_corporate_lending_process_management, Banking_credit_facilities_process_management, Banking_extensibility_workbench, Banking_supply_chain_finance, Banking_treasury_management, Banking_virtual_account_management, Blockchain_platform, Commerce_platform, Communications_billing_and_revenue_management, Communications_cloud_native_core_policy, Communications_cloud_native_core_unified_data_repository, Communications_convergent_charging_controller, Communications_diameter_signaling_route, Communications_element_manager, Communications_evolved_communications_application_server, Communications_instant_messaging_server, Communications_network_charging_and_control, Communications_offline_mediation_controller, Communications_policy_management, Communications_pricing_design_center, Communications_services_gatekeeper, Communications_session_report_manager, Communications_session_route_manager, Communications_unified_inventory_management, Data_integrator, Documaker, Goldengate_application_adapters, Insurance_policy_administration, Insurance_rules_palette, Jd_edwards_enterpriseone_orchestrator, Jd_edwards_enterpriseone_tools, Primavera_gateway, Primavera_unifier, Retail_customer_management_and_segmentation_foundation, Retail_merchandising_system, Retail_service_backbone, Retail_xstore_point_of_service, Webcenter_portal	8.1
2020-10-01	CVE-2020-11979	As mitigation for CVE-2020-1945 Apache Ant 1.10.8 changed the permissions of temporary files it created so that only the current user was allowed to access them. Unfortunately the fixcrlf task deleted the temporary file and created a new one without said protection, effectively nullifying the effort. This would still allow an attacker to inject modified source files into the build process.	Ant, Fedora, Gradle, Agile_engineering_data_management, Api_gateway, Banking_platform, Banking_treasury_management, Communications_unified_inventory_management, Data_integrator, Endeca_information_discovery_studio, Enterprise_repository, Financial_services_analytical_applications_infrastructure, Flexcube_private_banking, Primavera_gateway, Primavera_unifier, Real\-Time_decision_server, Retail_advanced_inventory_planning, Retail_assortment_planning, Retail_category_management_planning_\&_optimization, Retail_eftlink, Retail_financial_integration, Retail_integration_bus, Retail_item_planning, Retail_macro_space_optimization, Retail_merchandise_financial_planning, Retail_merchandising_system, Retail_predictive_application_server, Retail_regular_price_optimization, Retail_replenishment_optimization, Retail_service_backbone, Retail_size_profile_optimization, Retail_store_inventory_management, Retail_xstore_point_of_service, Storagetek_acsls, Storagetek_tape_analytics, Timesten_in\-Memory_database, Utilities_framework	7.5
2020-12-03	CVE-2020-25649	A flaw was found in FasterXML Jackson Databind, where it did not have entity expansion secured properly. This flaw allows vulnerability to XML external entity (XXE) attacks. The highest threat from this vulnerability is data integrity.	Iotdb, Jackson\-Databind, Fedora, Oncommand_api_services, Oncommand_workflow_automation, Service_level_manager, Agile_plm, Agile_product_lifecycle_management_integration_pack, Banking_apis, Banking_platform, Banking_treasury_management, Blockchain_platform, Coherence, Commerce_platform, Communications_billing_and_revenue_management, Communications_cloud_native_core_unified_data_repository, Communications_convergent_charging_controller, Communications_evolved_communications_application_server, Communications_instant_messaging_server, Communications_interactive_session_recorder, Communications_messaging_server, Communications_network_charging_and_control, Communications_offline_mediation_controller, Communications_pricing_design_center, Communications_services_gatekeeper, Communications_unified_inventory_management, Goldengate_application_adapters, Health_sciences_empirica_signal, Insurance_policy_administration, Insurance_rules_palette, Jd_edwards_enterpriseone_orchestrator, Jd_edwards_enterpriseone_tools, Primavera_gateway, Retail_service_backbone, Retail_xstore_point_of_service, Sd\-Wan_edge, Utilities_framework, Webcenter_portal, Quarkus	7.5
2020-12-27	CVE-2020-35728	FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to com.oracle.wls.shaded.org.apache.xalan.lib.sql.JNDIConnectionPool (aka embedded Xalan in org.glassfish.web/javax.servlet.jsp.jstl).	Debian_linux, Jackson\-Databind, Service_level_manager, Agile_plm, Application_testing_suite, Autovue, Banking_corporate_lending_process_management, Banking_credit_facilities_process_management, Banking_extensibility_workbench, Banking_supply_chain_finance, Banking_treasury_management, Banking_virtual_account_management, Blockchain_platform, Commerce_platform, Communications_billing_and_revenue_management, Communications_cloud_native_core_policy, Communications_cloud_native_core_unified_data_repository, Communications_convergent_charging_controller, Communications_diameter_signaling_route, Communications_element_manager, Communications_evolved_communications_application_server, Communications_network_charging_and_control, Communications_policy_management, Communications_services_gatekeeper, Communications_session_report_manager, Communications_session_route_manager, Communications_unified_inventory_management, Data_integrator, Goldengate_application_adapters, Insurance_policy_administration, Insurance_rules_palette, Jd_edwards_enterpriseone_orchestrator, Jd_edwards_enterpriseone_tools, Primavera_gateway, Primavera_unifier, Retail_customer_management_and_segmentation_foundation, Retail_merchandising_system, Retail_service_backbone, Retail_xstore_point_of_service, Webcenter_portal	8.1
2021-03-19	CVE-2021-27807	A carefully crafted PDF file can trigger an infinite loop while loading the file. This issue affects Apache PDFBox version 2.0.22 and prior 2.0.x versions.	Pdfbox, Fedora, Banking_trade_finance_process_management, Banking_treasury_management, Banking_virtual_account_management, Communications_messaging_server, Communications_session_report_manager, Flexcube_universal_banking, Hyperion_financial_reporting, Hyperion_infrastructure_technology, Outside_in_technology, Primavera_unifier, Retail_customer_management_and_segmentation_foundation, Retail_xstore_point_of_service, Webcenter_sites	5.5
2021-03-19	CVE-2021-27906	A carefully crafted PDF file can trigger an OutOfMemory-Exception while loading the file. This issue affects Apache PDFBox version 2.0.22 and prior 2.0.x versions.	Pdfbox, Fedora, Banking_corporate_lending_process_management, Banking_credit_facilities_process_management, Banking_supply_chain_finance, Banking_trade_finance_process_management, Banking_treasury_management, Banking_virtual_account_management, Communications_messaging_server, Communications_session_report_manager, Flexcube_universal_banking, Hyperion_financial_reporting, Hyperion_infrastructure_technology, Outside_in_technology, Peoplesoft_enterprise_peopletools, Primavera_unifier, Retail_customer_management_and_segmentation_foundation, Retail_xstore_point_of_service, Webcenter_sites	5.5