Filtered by vendor Oracle Subscriptions
Filtered by product Banking Enterprise Default Management Subscriptions
Total 23 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2020-6950 3 Eclipse, Oracle, Redhat 14 Mojarra, Banking Enterprise Default Management, Banking Platform and 11 more 2024-11-21 6.5 Medium
Directory traversal in Eclipse Mojarra before 2.3.14 allows attackers to read arbitrary files via the loc parameter or con parameter.
CVE-2020-13936 4 Apache, Debian, Oracle and 1 more 21 Velocity Engine, Wss4j, Debian Linux and 18 more 2024-11-21 8.8 High
An attacker that is able to modify Velocity templates may execute arbitrary Java code or run arbitrary system commands with the same privileges as the account running the Servlet container. This applies to applications that allow untrusted users to upload/modify velocity templates running Apache Velocity Engine versions up to 2.2.
CVE-2019-10219 3 Netapp, Oracle, Redhat 199 Active Iq Unified Manager, Element, Management Services For Element Software And Netapp Hci and 196 more 2024-11-21 6.1 Medium
A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS attack.