cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2021-2141,https://securityvulnerability.io/vulnerability/CVE-2021-2141,Oracle Financial Services FLEXCUBE Direct Banking Vulnerability in Pre Login Component,"A vulnerability in Oracle FLEXCUBE Direct Banking's Pre Login component allows a high-privileged attacker with network access to exploit the system. Although difficult to exploit, it requires human interaction from an unsuspecting user, which poses a risk of unauthorized updates, insertions, or deletions of sensitive data. Maintainers of the product should take proactive measures to mitigate this vulnerability and ensure the integrity of their banking systems.",Oracle,Flexcube Direct Banking,2,LOW,0.0005699999746866524,false,,false,false,false,,,false,false,,2021-04-22T21:53:44.000Z,0
CVE-2020-14897,https://securityvulnerability.io/vulnerability/CVE-2020-14897,Unauthenticated Access Vulnerability in Oracle FLEXCUBE Direct Banking,"The vulnerability in Oracle FLEXCUBE Direct Banking within Oracle Financial Services Applications allows an unauthenticated attacker to exploit network access via HTTP. Although successful exploitation relies on human interaction from a user other than the attacker, it poses significant risks by potentially granting unauthorized access to sensitive data. This issue affects multiple supported versions, with attackers being able to compromise the system and access critical data, ultimately leading to data breach incidents.",Oracle,Flexcube Direct Banking,6.5,MEDIUM,0.0019600000232458115,false,,false,false,false,,,false,false,,2020-10-21T14:04:31.000Z,0
CVE-2020-14890,https://securityvulnerability.io/vulnerability/CVE-2020-14890,Vulnerability in Oracle FLEXCUBE Direct Banking Affects Multiple Versions,"A vulnerability exists in the Oracle FLEXCUBE Direct Banking product that allows an unauthenticated attacker with network access via HTTP to compromise the system. This flaw affects supported versions 12.0.1, 12.0.2, and 12.0.3. While successful exploitation requires human interaction from a user other than the attacker, it can lead to unauthorized access to sensitive data, potentially exposing critical information within the FLEXCUBE Direct Banking environment.",Oracle,Flexcube Direct Banking,6.5,MEDIUM,0.0019600000232458115,false,,false,false,false,,,false,false,,2020-10-21T14:04:30.000Z,0
CVE-2019-2979,https://securityvulnerability.io/vulnerability/CVE-2019-2979,Vulnerability in Oracle FLEXCUBE Direct Banking by Oracle,"A vulnerability exists in Oracle FLEXCUBE Direct Banking allowing low privileged attackers with HTTP network access to compromise the system. Exploiting this vulnerability may allow unauthorized individuals to create, delete, or modify critical data, affecting the integrity of all accessible banking data. Successful exploitation necessitates human interaction from a user other than the attacker, raising serious security implications for organizations utilizing affected versions 12.0.2 and 12.0.3.",Oracle,Flexcube Direct Banking,5.7,MEDIUM,0.000539999979082495,false,,false,false,false,,,false,false,,2019-10-16T17:40:57.000Z,0
CVE-2019-2980,https://securityvulnerability.io/vulnerability/CVE-2019-2980,Vulnerability in Oracle FLEXCUBE Direct Banking Product from Oracle,"A vulnerability exists in the Oracle FLEXCUBE Direct Banking product, specifically in its email component, that allows low-privileged attackers with network access via HTTP to compromise the system. Attackers can exploit this vulnerability to gain unauthorized access to sensitive data, potentially leading to a complete breach of all data accessible through Oracle FLEXCUBE Direct Banking. This flaw underscores the importance of securing network communications and access controls within financial applications.",Oracle,Flexcube Direct Banking,6.5,MEDIUM,0.0008900000248104334,false,,false,false,false,,,false,false,,2019-10-16T17:40:57.000Z,0
CVE-2019-2549,https://securityvulnerability.io/vulnerability/CVE-2019-2549,,"Vulnerability in the Oracle FLEXCUBE Direct Banking component of Oracle Financial Services Applications (subcomponent: Logoff Page). The supported version that is affected is 12.0.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle FLEXCUBE Direct Banking. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle FLEXCUBE Direct Banking, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle FLEXCUBE Direct Banking accessible data as well as unauthorized read access to a subset of Oracle FLEXCUBE Direct Banking accessible data. CVSS 3.0 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N).",Oracle,Flexcube Direct Banking,6.1,MEDIUM,0.0006699999794363976,false,,false,false,false,,,false,false,,2019-01-16T19:00:00.000Z,0
CVE-2019-2550,https://securityvulnerability.io/vulnerability/CVE-2019-2550,,"Vulnerability in the Oracle FLEXCUBE Direct Banking component of Oracle Financial Services Applications (subcomponent: Logoff Page). The supported version that is affected is 12.0.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle FLEXCUBE Direct Banking. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle FLEXCUBE Direct Banking accessible data. CVSS 3.0 Base Score 4.3 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N).",Oracle,Flexcube Direct Banking,4.3,MEDIUM,0.0007999999797903001,false,,false,false,false,,,false,false,,2019-01-16T19:00:00.000Z,0
CVE-2018-2674,https://securityvulnerability.io/vulnerability/CVE-2018-2674,,"Vulnerability in the Oracle FLEXCUBE Direct Banking component of Oracle Financial Services Applications (subcomponent: Logoff). Supported versions that are affected are 12.0.2 and 12.0.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle FLEXCUBE Direct Banking. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle FLEXCUBE Direct Banking, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle FLEXCUBE Direct Banking accessible data as well as unauthorized read access to a subset of Oracle FLEXCUBE Direct Banking accessible data. CVSS 3.0 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N).",Oracle,Flexcube Direct Banking,6.1,MEDIUM,0.0013899999903514981,false,,false,false,false,,,false,false,,2018-01-18T02:00:00.000Z,0
CVE-2017-10181,https://securityvulnerability.io/vulnerability/CVE-2017-10181,,"Vulnerability in the Oracle FLEXCUBE Direct Banking component of Oracle Financial Services Applications (subcomponent: Forgot Password). Supported versions that are affected are 12.0.2 and 12.0.3. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle FLEXCUBE Direct Banking. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle FLEXCUBE Direct Banking as well as unauthorized update, insert or delete access to some of Oracle FLEXCUBE Direct Banking accessible data and unauthorized read access to a subset of Oracle FLEXCUBE Direct Banking accessible data. CVSS 3.0 Base Score 6.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:H).",Oracle,Flexcube Direct Banking,6.8,MEDIUM,0.0009200000204145908,false,,false,false,false,,,false,false,,2017-08-08T15:00:00.000Z,0
CVE-2017-3495,https://securityvulnerability.io/vulnerability/CVE-2017-3495,,"Vulnerability in the Oracle FLEXCUBE Direct Banking component of Oracle Financial Services Applications (subcomponent: Pre-Login). Supported versions that are affected are 12.0.2 and 12.0.3. Easily ""exploitable"" vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle FLEXCUBE Direct Banking. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle FLEXCUBE Direct Banking, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle FLEXCUBE Direct Banking accessible data. CVSS 3.0 Base Score 4.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N).",Oracle,Flexcube Direct Banking,4.7,MEDIUM,0.001180000021122396,false,,false,false,false,,,false,false,,2017-04-24T19:00:00.000Z,0
CVE-2017-3245,https://securityvulnerability.io/vulnerability/CVE-2017-3245,,"Vulnerability in the Oracle FLEXCUBE Direct Banking component of Oracle Financial Services Applications (subcomponent: Pre-Login). Supported versions that are affected are 12.0.2 and 12.0.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle FLEXCUBE Direct Banking. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle FLEXCUBE Direct Banking, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle FLEXCUBE Direct Banking accessible data. CVSS v3.0 Base Score 4.7 (Confidentiality impacts).",Oracle,Flexcube Direct Banking,4.7,MEDIUM,0.001180000021122396,false,,false,false,false,,,false,false,,2017-01-27T22:01:00.000Z,0
CVE-2017-3297,https://securityvulnerability.io/vulnerability/CVE-2017-3297,,Vulnerability in the Oracle FLEXCUBE Direct Banking component of Oracle Financial Services Applications (subcomponent: Framework). Supported versions that are affected are 12.0.2 and 12.0.3. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle FLEXCUBE Direct Banking. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle FLEXCUBE Direct Banking accessible data. CVSS v3.0 Base Score 5.3 (Confidentiality impacts).,Oracle,Flexcube Direct Banking,5.3,MEDIUM,0.0008200000156648457,false,,false,false,false,,,false,false,,2017-01-27T22:01:00.000Z,0
CVE-2016-3589,https://securityvulnerability.io/vulnerability/CVE-2016-3589,,"Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking component in Oracle Financial Services Applications 12.0.1, 12.0.2, and 12.0.3 allows remote attackers to affect confidentiality and integrity via unknown vectors.",Oracle,Flexcube Direct Banking,6.1,MEDIUM,0.0016199999954551458,false,,false,false,false,,,false,false,,2016-07-21T10:00:00.000Z,0
CVE-2016-0699,https://securityvulnerability.io/vulnerability/CVE-2016-0699,,Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking component in Oracle Financial Services Software 12.0.2 and 12.0.3 allows remote attackers to affect confidentiality and integrity via vectors related to the Login sub-component.,Oracle,Flexcube Direct Banking,9.1,CRITICAL,0.003010000102221966,false,,false,false,false,,,false,false,,2016-04-21T10:00:00.000Z,0
CVE-2016-3463,https://securityvulnerability.io/vulnerability/CVE-2016-3463,,Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking component in Oracle Financial Services Software 12.0.3 allows remote attackers to affect confidentiality and integrity via vectors related to Pre-Login.,Oracle,Flexcube Direct Banking,6.1,MEDIUM,0.001339999958872795,false,,false,false,false,,,false,false,,2016-04-21T10:00:00.000Z,0
CVE-2016-3464,https://securityvulnerability.io/vulnerability/CVE-2016-3464,,Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking component in Oracle Financial Services Software 12.0.3 allows remote authenticated users to affect confidentiality via vectors related to Accounts.,Oracle,Flexcube Direct Banking,5.7,MEDIUM,0.001019999966956675,false,,false,false,false,,,false,false,,2016-04-21T10:00:00.000Z,0
CVE-2016-0672,https://securityvulnerability.io/vulnerability/CVE-2016-0672,,Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking component in Oracle Financial Services Software 12.0.2 and 12.0.3 allows remote attackers to affect confidentiality and integrity via vectors related to Pre-Login.,Oracle,Flexcube Direct Banking,6.1,MEDIUM,0.001339999958872795,false,,false,false,false,,,false,false,,2016-04-21T10:00:00.000Z,0