cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2023-21901,https://securityvulnerability.io/vulnerability/CVE-2023-21901,Vulnerability in Oracle Financial Services Analytical Applications Infrastructure,"A vulnerability exists within the Oracle Financial Services Analytical Applications Infrastructure that can be exploited by low-privileged attackers with network access via HTTP. This weakness may allow unauthorized actions such as updates, inserts, or deletions to data that the Infrastructure has access to. Additionally, it poses a risk of unauthorized read access to certain data and potentially leads to a partial denial of service situation. While specifically affecting the Infrastructure component, the implications of these attacks may extend to other associated products, thereby increasing the overall impact on an organization's operational capabilities.",Oracle,Financial Services Analytical Applications Infrastructure,7.4,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-01-16T21:39:38.605Z,0
CVE-2021-35687,https://securityvulnerability.io/vulnerability/CVE-2021-35687,Unauthorized Access Vulnerability in Oracle Financial Services Applications,"A vulnerability exists in the Oracle Financial Services Analytical Applications Infrastructure, specifically in the Unified Metadata Manager component. This vulnerability permits an unauthenticated attacker, with network access, to exploit the application via HTTP. Successful exploitation can lead to unauthorized read access to certain sensitive data within the infrastructure, potentially exposing critical business information to malicious entities.",Oracle,Financial Services Analytical Applications Infrastructure,5.3,MEDIUM,0.00044999999227002263,false,,false,false,false,,,false,false,,2022-01-19T11:21:48.000Z,0
CVE-2021-35686,https://securityvulnerability.io/vulnerability/CVE-2021-35686,Vulnerability in Oracle Financial Services Analytical Applications Infrastructure,"The vulnerability in Oracle Financial Services Analytical Applications Infrastructure, specifically within the Unified Metadata Manager component, allows low privileged attackers with network access via HTTP to gain unauthorized read access to a subset of sensitive data. Affected versions include 8.0.7 through 8.1.1. This security flaw can significantly impact the confidentiality of the data managed by the application, permitting potential exposure to unauthorized entities.",Oracle,Financial Services Analytical Applications Infrastructure,4.3,MEDIUM,0.00044999999227002263,false,,false,false,false,,,false,false,,2022-01-19T11:21:46.000Z,0
CVE-2021-2140,https://securityvulnerability.io/vulnerability/CVE-2021-2140,Unprotected Access in Oracle Financial Services Analytical Applications Infrastructure,"This vulnerability allows an unauthenticated attacker with network access to the Oracle Financial Services Analytical Applications Infrastructure to potentially compromise the system. The exploitation of this flaw requires human interaction from a third party, which makes it a unique security concern. A successful attack could lead to unauthorized data modifications, including updates, inserts, or deletions, along with the ability to read sensitive data. The impact of this vulnerability extends beyond the affected component, as it may influence other products within the Oracle ecosystem.",Oracle,Financial Services Analytical Applications Infrastructure,6.1,MEDIUM,0.0009500000160187483,false,,false,false,false,,,false,false,,2021-04-22T21:53:44.000Z,0
CVE-2020-14824,https://securityvulnerability.io/vulnerability/CVE-2020-14824,Unauthenticated Denial of Service in Oracle Financial Services Analytical Applications,"The vulnerability in Oracle Financial Services Analytical Applications Infrastructure allows an unauthenticated attacker to compromise the system via HTTP requests, potentially causing a denial of service. Affected installations running version 8.0.6 through 8.1.0 can be disrupted, leading to significant operational impacts including system hangs or repeated crashes. While primarily impacting the Infrastructure component, exploitation may also affect other linked applications.",Oracle,Financial Services Analytical Applications Infrastructure,8.6,HIGH,0.0009500000160187483,false,,false,false,false,,,false,false,,2020-10-21T14:04:27.000Z,0
CVE-2020-14684,https://securityvulnerability.io/vulnerability/CVE-2020-14684,HTTP Vulnerability in Oracle Financial Services Analytical Applications Infrastructure,"An easily exploitable vulnerability exists in Oracle Financial Services Analytical Applications Infrastructure, affecting versions 8.0.6 to 8.1.0. This vulnerability allows an unauthenticated attacker with network access via HTTP to compromise the system. Successful exploitation requires human interaction from an individual other than the attacker, which could lead to unauthorized updates, inserts, or deletions of data on the platform, ultimately threatening the integrity of the accessible data.",Oracle,Financial Services Analytical Applications Infrastructure,4.3,MEDIUM,0.0008299999753944576,false,,false,false,false,,,false,false,,2020-07-15T17:34:33.000Z,0
CVE-2020-14685,https://securityvulnerability.io/vulnerability/CVE-2020-14685,Exploitable Data Modification Flaw in Oracle Financial Services Applications,"A vulnerability exists within the Oracle Financial Services Analytical Applications Infrastructure, enabling low privileged attackers with network access via HTTP to exploit the system. This vulnerability allows unauthorized users to create, delete, or modify critical data stored within the applications. With supported versions ranging from 8.0.6 to 8.1.0, effective exploitation can compromise the integrity of significant data, posing serious security risks to organizational operations.",Oracle,Financial Services Analytical Applications Infrastructure,6.5,MEDIUM,0.000539999979082495,false,,false,false,false,,,false,false,,2020-07-15T17:34:33.000Z,0
CVE-2020-14662,https://securityvulnerability.io/vulnerability/CVE-2020-14662,Unauthorized Data Access in Oracle Financial Services Analytical Applications Infrastructure,"A vulnerability exists in the Oracle Financial Services Analytical Applications Infrastructure that may allow a low privileged attacker with network access via HTTP to gain unauthorized access to sensitive data. This could result in unauthorized modifications, deletions, or insertions of data and enable a partial denial of service. The affected versions include 8.0.6 to 8.1.0, necessitating immediate attention from users to secure their applications and mitigate potential risks.",Oracle,Financial Services Analytical Applications Infrastructure,6.3,MEDIUM,0.0005300000193528831,false,,false,false,false,,,false,false,,2020-07-15T17:34:32.000Z,0
CVE-2020-14615,https://securityvulnerability.io/vulnerability/CVE-2020-14615,Remote Code Execution Flaw in Oracle Financial Services Analytical Applications,"A vulnerability exists in Oracle Financial Services Analytical Applications Infrastructure that allows an unauthenticated attacker with network access via HTTP to compromise the system. Successful exploitation requires human interaction from a user other than the attacker, escalating risks for sensitive data. This flaw could enable unauthorized updates, insertions, or deletions of accessible data, as well as unauthorized read access to a subset of information within the infrastructure. This vulnerability may also impact other products connected to the Oracle Financial Services ecosystem.",Oracle,Financial Services Analytical Applications Infrastructure,6.1,MEDIUM,0.0008299999753944576,false,,false,false,false,,,false,false,,2020-07-15T17:34:30.000Z,0
CVE-2020-14603,https://securityvulnerability.io/vulnerability/CVE-2020-14603,Unauthorized Access Vulnerability in Oracle Financial Services Analytical Applications,"An unauthenticated attacker with network access via HTTP can exploit a vulnerability in Oracle Financial Services Analytical Applications Infrastructure, allowing them to gain unauthorized read access to sensitive data. The affected versions range from 8.0.6 to 8.1.0, making it crucial for users to apply appropriate security measures. For detailed information, refer to the Oracle security alert.",Oracle,Financial Services Analytical Applications Infrastructure,5.3,MEDIUM,0.0008900000248104334,false,,false,false,false,,,false,false,,2020-07-15T17:34:29.000Z,0
CVE-2020-14601,https://securityvulnerability.io/vulnerability/CVE-2020-14601,Vulnerability in Oracle Financial Services Analytical Applications Infrastructure,"The vulnerability in Oracle Financial Services Analytical Applications Infrastructure allows unauthenticated attackers with network access to compromise the system. Exploitation requires user interaction, posing significant risks to data confidentiality and integrity. Affected versions include 8.0.6 through 8.1.0, and successful attacks may lead to unauthorized data access and modification.",Oracle,Financial Services Analytical Applications Infrastructure,6.1,MEDIUM,0.0008299999753944576,false,,false,false,false,,,false,false,,2020-07-15T17:34:29.000Z,0
CVE-2020-14602,https://securityvulnerability.io/vulnerability/CVE-2020-14602,Unauthorized Data Access Vulnerability in Oracle Financial Services Applications,"The vulnerability identified allows low-privileged attackers with network access via HTTP to compromise Oracle Financial Services Analytical Applications Infrastructure. This flaw can lead to unauthorized creation, deletion, or modification of critical data, affecting the integrity and confidentiality of the information stored. Consequently, some users may gain unauthorized read access to a subset of sensitive data. Primarily affecting versions 8.0.6 to 8.1.0, this vulnerability represents a significant risk to the operational integrity of Oracle Financial Services Analytical Applications.",Oracle,Financial Services Analytical Applications Infrastructure,7.1,HIGH,0.000539999979082495,false,,false,false,false,,,false,false,,2020-07-15T17:34:29.000Z,0
CVE-2020-14604,https://securityvulnerability.io/vulnerability/CVE-2020-14604,Unauthenticated Access Vulnerability in Oracle Financial Services Applications,"A vulnerability exists in Oracle Financial Services Analytical Applications Infrastructure that allows unauthenticated attackers with network access via HTTP to gain unauthorized read access to sensitive data. This can lead to potential exposure of confidential information within the application's accessible databases. Affected versions are 8.0.6 through 8.1.0, emphasizing the critical need for organizations to implement security patches and mitigate risks associated with unauthorized access to their financial data.",Oracle,Financial Services Analytical Applications Infrastructure,5.3,MEDIUM,0.0008900000248104334,false,,false,false,false,,,false,false,,2020-07-15T17:34:29.000Z,0
CVE-2020-14605,https://securityvulnerability.io/vulnerability/CVE-2020-14605,Unauthorized Data Manipulation Vulnerability in Oracle Financial Services Applications,"A security flaw in the Oracle Financial Services Analytical Applications Infrastructure allows an attacker with low privileges and network access via HTTP to manipulate sensitive data. Exploiting this vulnerability could lead to the unauthorized creation, deletion, or modification of critical data stored within the system. Organizations using affected versions must prioritize mitigation measures to protect their data integrity.",Oracle,Financial Services Analytical Applications Infrastructure,6.5,MEDIUM,0.000539999979082495,false,,false,false,false,,,false,false,,2020-07-15T17:34:29.000Z,0
CVE-2020-2793,https://securityvulnerability.io/vulnerability/CVE-2020-2793,Vulnerability in Oracle Financial Services Analytical Applications Infrastructure,"This vulnerability affects the Oracle Financial Services Analytical Applications Infrastructure, allowing low-privileged attackers with network access via HTTP to exploit the system. By leveraging this flaw, attackers can perform unauthorized actions such as creating, deleting, or modifying critical data within the application. Moreover, it permits unauthorized reading of certain subsets of data. This issue emphasizes the importance of securing access to sensitive applications to prevent data breaches and maintain integrity.",Oracle,Financial Services Analytical Applications Infrastructure,7.1,HIGH,0.000539999979082495,false,,false,false,false,,,false,false,,2020-04-15T13:29:46.000Z,0
CVE-2020-2688,https://securityvulnerability.io/vulnerability/CVE-2020-2688,Remote Code Execution Vulnerability in Oracle Financial Services Analytical Applications,"An easily exploitable vulnerability exists in Oracle Financial Services Analytical Applications Infrastructure that enables low-privileged attackers to gain unauthorized access to sensitive data. This flaw allows attackers to manipulate and control critical data within the application. Affected versions include 8.0.4 through 8.0.8, making it imperative for organizations using this software to apply security patches promptly to prevent unauthorized updates, insertions, or deletions of data.",Oracle,Financial Services Analytical Applications Infrastructure,7.1,HIGH,0.0008900000248104334,false,,false,false,false,,,false,false,,2020-01-15T16:34:07.000Z,0
CVE-2019-2823,https://securityvulnerability.io/vulnerability/CVE-2019-2823,Unauthorized Access Vulnerability in Oracle Financial Services Applications,"A vulnerability exists in the Oracle Financial Services Analytical Applications Infrastructure, impacting versions 8.0.5 to 8.0.8. This flaw allows attackers with low-level privileges and network access via HTTP to compromise the system. Exploitation of this vulnerability can enable unauthorized updates, inserts, or deletions of data. Additionally, it opens the door to unauthorized read access to certain data within the Oracle Financial Services Analytical Applications Infrastructure, raising serious concerns for data integrity and confidentiality.",Oracle,Financial Services Analytical Applications Infrastructure,5.4,MEDIUM,0.000539999979082495,false,,false,false,false,,,false,false,,2019-07-23T23:15:00.000Z,0
CVE-2018-2660,https://securityvulnerability.io/vulnerability/CVE-2018-2660,,"Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure component of Oracle Financial Services Applications (subcomponent: Core). Supported versions that are affected are 7.3.5.x and 8.0.x. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Financial Services Analytical Applications Infrastructure. While the vulnerability is in Oracle Financial Services Analytical Applications Infrastructure, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Financial Services Analytical Applications Infrastructure accessible data as well as unauthorized read access to a subset of Oracle Financial Services Analytical Applications Infrastructure accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Financial Services Analytical Applications Infrastructure. CVSS 3.0 Base Score 7.4 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L).",Oracle,Financial Services Analytical Applications Infrastructure,7.4,HIGH,0.0007699999841861427,false,,false,false,false,,,false,false,,2018-01-18T02:00:00.000Z,0
CVE-2018-2661,https://securityvulnerability.io/vulnerability/CVE-2018-2661,,"Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure component of Oracle Financial Services Applications (subcomponent: Core). Supported versions that are affected are 7.3.5.x and 8.0.x. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Financial Services Analytical Applications Infrastructure. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Financial Services Analytical Applications Infrastructure, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Financial Services Analytical Applications Infrastructure accessible data as well as unauthorized read access to a subset of Oracle Financial Services Analytical Applications Infrastructure accessible data. CVSS 3.0 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N).",Oracle,Financial Services Analytical Applications Infrastructure,6.1,MEDIUM,0.001290000043809414,false,,false,false,false,,,false,false,,2018-01-18T02:00:00.000Z,0