cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2020-14569,https://securityvulnerability.io/vulnerability/CVE-2020-14569,Unauthorized Access Vulnerability in Oracle FLEXCUBE Investor Servicing,"This vulnerability in Oracle FLEXCUBE Investor Servicing allows an attacker with low privileges and network access via HTTP to gain unauthorized creation, deletion, or modification capabilities concerning critical data. A successful exploitation could lead to substantial breaches of confidentiality and integrity, affecting all accessible data within the Oracle FLEXCUBE system. This issue underscores the importance of securing network access to sensitive financial applications.",Oracle,Flexcube Investor Servicing,8.1,HIGH,0.0008900000248104334,false,,false,false,false,,,false,false,,2020-07-15T17:34:27.000Z,0
CVE-2020-2724,https://securityvulnerability.io/vulnerability/CVE-2020-2724,Weakness in Oracle FLEXCUBE Investor Servicing Product of Oracle Financial Services,"A security issue exists in Oracle FLEXCUBE Investor Servicing affecting multiple versions, where low-privileged attackers with network access can exploit this flaw. By leveraging HTTP protocols, these attackers could gain unauthorized read access to sensitive data within the system. This vulnerability underscores the importance of implementing robust security measures and regular updates to safeguard against potential exploit attempts.",Oracle,Flexcube Investor Servicing,4.3,MEDIUM,0.000539999979082495,false,,false,false,false,,,false,false,,2020-01-15T16:34:08.000Z,0
CVE-2020-2723,https://securityvulnerability.io/vulnerability/CVE-2020-2723,Unauthorized Access Vulnerability in Oracle FLEXCUBE Investor Servicing by Oracle,"A vulnerability exists in Oracle FLEXCUBE Investor Servicing, part of Oracle Financial Services Applications, that permits low-privileged attackers with network access via HTTP to potentially compromise the system. Exploiting this vulnerability can lead to unauthorized access to sensitive data within Oracle FLEXCUBE Investor Servicing. Attackers may gain complete access to all accessible data and have the ability to perform unauthorized operations such as update, insert, or delete on some of the data stored in the system. This highlights the necessity for prompt remediation to protect critical information.",Oracle,Flexcube Investor Servicing,7.1,HIGH,0.0008900000248104334,false,,false,false,false,,,false,false,,2020-01-15T16:34:08.000Z,0
CVE-2020-2721,https://securityvulnerability.io/vulnerability/CVE-2020-2721,Remote Code Execution Vulnerability in Oracle FLEXCUBE Investor Servicing,"A vulnerability in the Oracle FLEXCUBE Investor Servicing product could allow a low-privileged attacker to gain unauthorized access to sensitive data. This issue is particularly concerning as it can be exploited remotely via HTTP, providing a route for potential data breaches. Affected versions include 12.1.0 to 12.4.0 and 14.0.0 to 14.1.0, making it crucial for organizations to quickly assess their systems and apply necessary patches. If successfully exploited, attackers may obtain critical data, emphasizing the importance of immediate remediation steps.",Oracle,Flexcube Investor Servicing,6.5,MEDIUM,0.0008900000248104334,false,,false,false,false,,,false,false,,2020-01-15T16:34:08.000Z,0
CVE-2020-2722,https://securityvulnerability.io/vulnerability/CVE-2020-2722,Unauthorized Access Vulnerability in Oracle FLEXCUBE Investor Servicing by Oracle,"The vulnerability in Oracle FLEXCUBE Investor Servicing allows unauthenticated attackers with network access via HTTP to potentially compromise the system. Successful exploitation requires human interaction from the victim, leading to unauthorized updates, inserts, or deletions of accessible data, as well as potential unauthorized read access to certain data within Oracle FLEXCUBE Investor Servicing. This vulnerability primarily affects versions 12.1.0 through 12.4.0 and 14.0.0 through 14.1.0, representing critical risks for institutions utilizing this product within financial services.",Oracle,Flexcube Investor Servicing,5.4,MEDIUM,0.0008299999753944576,false,,false,false,false,,,false,false,,2020-01-15T16:34:08.000Z,0
CVE-2020-2720,https://securityvulnerability.io/vulnerability/CVE-2020-2720,Vulnerability in Oracle FLEXCUBE Investor Servicing by Oracle,"The vulnerability in Oracle FLEXCUBE Investor Servicing allows an unauthenticated, low-privileged attacker with network access via HTTP to gain unauthorized access to sensitive data. Exploitation may lead to an unauthorized update, delete, or insert actions on accessible data, as well as unauthorized reading of a subset of data. This vulnerability primarily affects versions 12.1.0 through 12.4.0 and 14.0.0 to 14.1.0, posing a risk to data confidentiality and integrity.",Oracle,Flexcube Investor Servicing,5.4,MEDIUM,0.000539999979082495,false,,false,false,false,,,false,false,,2020-01-15T16:34:08.000Z,0
CVE-2019-2841,https://securityvulnerability.io/vulnerability/CVE-2019-2841,Exploitation of Vulnerability in Oracle FLEXCUBE Investor Servicing by Oracle,"This vulnerability affects the Oracle FLEXCUBE Investor Servicing component, allowing a low privileged attacker with network access to HTTP to exploit the system. Attackers can gain unauthorized capabilities to create, delete or modify critical data. This can lead to severe implications for the integrity and confidentiality of valuable information within the Oracle FLEXCUBE Investor Servicing platform.",Oracle,Flexcube Investor Servicing,8.1,HIGH,0.0008900000248104334,false,,false,false,false,,,false,false,,2019-07-23T23:15:00.000Z,0
CVE-2019-2845,https://securityvulnerability.io/vulnerability/CVE-2019-2845,Vulnerability in Oracle FLEXCUBE Investor Servicing by Oracle,"An exploitable vulnerability exists in the Oracle FLEXCUBE Investor Servicing component of Oracle Financial Services Applications. This issue impacts multiple versions and allows a low privileged attacker with network access via HTTP to compromise the system. Successful exploitation requires human interaction from a user other than the attacker, which makes this vulnerability particularly concerning. An attacker could potentially utilize this flaw to induce a partial denial of service, disrupting the availability of Oracle FLEXCUBE Investor Servicing. Appropriate measures should be taken to mitigate risks associated with this vulnerability.",Oracle,Flexcube Investor Servicing,3.5,LOW,0.0005300000193528831,false,,false,false,false,,,false,false,,2019-07-23T23:15:00.000Z,0
CVE-2019-2846,https://securityvulnerability.io/vulnerability/CVE-2019-2846,Unauthorized Access Vulnerability in Oracle FLEXCUBE Investor Servicing,"An exploitable vulnerability exists in Oracle FLEXCUBE Investor Servicing, allowing an unauthenticated attacker with network access via HTTP to gain unauthorized read access to certain data within the application. Affected versions include 12.0.1, 12.0.3, 12.0.4, 12.1.0, 12.3.0, 12.4.0, 14.0.0, and 14.1.0. Users are advised to review their configurations and apply recommended patches to mitigate the risk.",Oracle,Flexcube Investor Servicing,5.3,MEDIUM,0.0008900000248104334,false,,false,false,false,,,false,false,,2019-07-23T23:15:00.000Z,0
CVE-2019-2847,https://securityvulnerability.io/vulnerability/CVE-2019-2847,Oracle FLEXCUBE Investor Servicing Vulnerability in Financial Services Applications,"A vulnerability exists in the Oracle FLEXCUBE Investor Servicing component of Oracle Financial Services Applications, enabling low privileged attackers with network access via HTTP to potentially compromise the system. Exploitation of this vulnerability necessitates user interaction from an entity other than the attacker. Successful exploitation can lead to unauthorized access to sensitive data or total access to data within the Oracle FLEXCUBE Investor Servicing platform, posing serious risks to data confidentiality.",Oracle,Flexcube Investor Servicing,5.7,MEDIUM,0.0006399999838322401,false,,false,false,false,,,false,false,,2019-07-23T23:15:00.000Z,0
CVE-2019-2736,https://securityvulnerability.io/vulnerability/CVE-2019-2736,Unauthenticated Access Flaw in Oracle FLEXCUBE Investor Servicing by Oracle,"An unauthenticated access vulnerability exists in the Oracle FLEXCUBE Investor Servicing component of Oracle Financial Services Applications. This flaw allows attackers with network access via HTTP to compromise the affected component. Although an attacker requires human interaction to exploit this vulnerability, successful exploitation can lead to unauthorized update, insertion, or deletion of data. It may also permit unauthorized read access to sensitive data within Oracle FLEXCUBE Investor Servicing. This vulnerability affects multiple versions of the product and poses a significant risk to the integrity and confidentiality of accessible data.",Oracle,Flexcube Investor Servicing,6.1,MEDIUM,0.0008299999753944576,false,,false,false,false,,,false,false,,2019-07-23T23:15:00.000Z,0
CVE-2019-2843,https://securityvulnerability.io/vulnerability/CVE-2019-2843,Vulnerability in Oracle FLEXCUBE Investor Servicing Component,"The Oracle FLEXCUBE Investor Servicing component suffers from an improper access control vulnerability, potentially allowing low privileged attackers with network access via HTTP to exploit the system. This could lead to unauthorized modifications, including updates, insertions, or deletions of accessible data. Moreover, the vulnerability permits unauthorized reading of specific data within the Oracle FLEXCUBE Investor Servicing environment, impacting the confidentiality and integrity of critical financial information.",Oracle,Flexcube Investor Servicing,5.4,MEDIUM,0.000539999979082495,false,,false,false,false,,,false,false,,2019-07-23T23:15:00.000Z,0
CVE-2018-2898,https://securityvulnerability.io/vulnerability/CVE-2018-2898,,"Vulnerability in the Oracle FLEXCUBE Investor Servicing component of Oracle Financial Services Applications (subcomponent: Infrastructure). Supported versions that are affected are 12.0.4, 12.1.0, 12.3.0 and 12.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle FLEXCUBE Investor Servicing. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle FLEXCUBE Investor Servicing, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle FLEXCUBE Investor Servicing accessible data as well as unauthorized read access to a subset of Oracle FLEXCUBE Investor Servicing accessible data. CVSS 3.0 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N).",Oracle,Flexcube Investor Servicing,6.1,MEDIUM,0.001290000043809414,false,,false,false,false,,,false,false,,2018-07-18T13:00:00.000Z,0
CVE-2018-3029,https://securityvulnerability.io/vulnerability/CVE-2018-3029,,"Vulnerability in the Oracle FLEXCUBE Investor Servicing component of Oracle Financial Services Applications (subcomponent: Infrastructure). Supported versions that are affected are 12.0.4, 12.1.0, 12.3.0 and 12.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle FLEXCUBE Investor Servicing. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle FLEXCUBE Investor Servicing accessible data. CVSS 3.0 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).",Oracle,Flexcube Investor Servicing,5.3,MEDIUM,0.0013099999632686377,false,,false,false,false,,,false,false,,2018-07-18T13:00:00.000Z,0
CVE-2018-3031,https://securityvulnerability.io/vulnerability/CVE-2018-3031,,"Vulnerability in the Oracle FLEXCUBE Investor Servicing component of Oracle Financial Services Applications (subcomponent: Infrastructure). Supported versions that are affected are 12.0.4, 12.1.0, 12.3.0 and 12.4.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle FLEXCUBE Investor Servicing. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle FLEXCUBE Investor Servicing accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle FLEXCUBE Investor Servicing. CVSS 3.0 Base Score 5.4 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L).",Oracle,Flexcube Investor Servicing,5.4,MEDIUM,0.0007699999841861427,false,,false,false,false,,,false,false,,2018-07-18T13:00:00.000Z,0
CVE-2018-3032,https://securityvulnerability.io/vulnerability/CVE-2018-3032,,"Vulnerability in the Oracle FLEXCUBE Investor Servicing component of Oracle Financial Services Applications (subcomponent: Infrastructure). Supported versions that are affected are 12.0.4, 12.1.0, 12.3.0 and 12.4.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle FLEXCUBE Investor Servicing. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle FLEXCUBE Investor Servicing accessible data as well as unauthorized read access to a subset of Oracle FLEXCUBE Investor Servicing accessible data. CVSS 3.0 Base Score 5.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N).",Oracle,Flexcube Investor Servicing,5.4,MEDIUM,0.0008099999977275729,false,,false,false,false,,,false,false,,2018-07-18T13:00:00.000Z,0
CVE-2018-3033,https://securityvulnerability.io/vulnerability/CVE-2018-3033,,"Vulnerability in the Oracle FLEXCUBE Investor Servicing component of Oracle Financial Services Applications (subcomponent: Infrastructure). Supported versions that are affected are 12.0.4, 12.1.0, 12.3.0 and 12.4.0. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle FLEXCUBE Investor Servicing. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle FLEXCUBE Investor Servicing accessible data. CVSS 3.0 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N).",Oracle,Flexcube Investor Servicing,5.3,MEDIUM,0.0009599999757483602,false,,false,false,false,,,false,false,,2018-07-18T13:00:00.000Z,0
CVE-2018-3034,https://securityvulnerability.io/vulnerability/CVE-2018-3034,,"Vulnerability in the Oracle FLEXCUBE Investor Servicing component of Oracle Financial Services Applications (subcomponent: Infrastructure). Supported versions that are affected are 12.0.4, 12.1.0, 12.3.0 and 12.4.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle FLEXCUBE Investor Servicing. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle FLEXCUBE Investor Servicing, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle FLEXCUBE Investor Servicing accessible data as well as unauthorized read access to a subset of Oracle FLEXCUBE Investor Servicing accessible data. CVSS 3.0 Base Score 5.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N).",Oracle,Flexcube Investor Servicing,5.4,MEDIUM,0.0008099999977275729,false,,false,false,false,,,false,false,,2018-07-18T13:00:00.000Z,0
CVE-2018-3035,https://securityvulnerability.io/vulnerability/CVE-2018-3035,,"Vulnerability in the Oracle FLEXCUBE Investor Servicing component of Oracle Financial Services Applications (subcomponent: Infrastructure). Supported versions that are affected are 12.0.4, 12.1.0, 12.3.0 and 12.4.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle FLEXCUBE Investor Servicing. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle FLEXCUBE Investor Servicing accessible data as well as unauthorized access to critical data or complete access to all Oracle FLEXCUBE Investor Servicing accessible data. CVSS 3.0 Base Score 8.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N).",Oracle,Flexcube Investor Servicing,8.1,HIGH,0.0010900000343099236,false,,false,false,false,,,false,false,,2018-07-18T13:00:00.000Z,0
CVE-2018-3030,https://securityvulnerability.io/vulnerability/CVE-2018-3030,,"Vulnerability in the Oracle FLEXCUBE Investor Servicing component of Oracle Financial Services Applications (subcomponent: Infrastructure). Supported versions that are affected are 12.0.4, 12.1.0, 12.3.0 and 12.4.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle FLEXCUBE Investor Servicing. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle FLEXCUBE Investor Servicing. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).",Oracle,Flexcube Investor Servicing,6.5,MEDIUM,0.0008200000156648457,false,,false,false,false,,,false,false,,2018-07-18T13:00:00.000Z,0
CVE-2018-3028,https://securityvulnerability.io/vulnerability/CVE-2018-3028,,"Vulnerability in the Oracle FLEXCUBE Investor Servicing component of Oracle Financial Services Applications (subcomponent: Infrastructure). Supported versions that are affected are 12.0.4, 12.1.0, 12.3.0 and 12.4.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle FLEXCUBE Investor Servicing. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle FLEXCUBE Investor Servicing accessible data as well as unauthorized read access to a subset of Oracle FLEXCUBE Investor Servicing accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle FLEXCUBE Investor Servicing. CVSS 3.0 Base Score 6.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L).",Oracle,Flexcube Investor Servicing,6.3,MEDIUM,0.0007699999841861427,false,,false,false,false,,,false,false,,2018-07-18T13:00:00.000Z,0
CVE-2017-3487,https://securityvulnerability.io/vulnerability/CVE-2017-3487,,"Vulnerability in the Oracle FLEXCUBE Investor Servicing component of Oracle Financial Services Applications (subcomponent: Unit Trust). Supported versions that are affected are 12.0.1, 12.0.2, 12.0.3, 12.0.4, 12.1.0, 12.2.0 and 12.3.0. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle FLEXCUBE Investor Servicing. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle FLEXCUBE Investor Servicing accessible data. CVSS 3.0 Base Score 3.1 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N).",Oracle,Flexcube Investor Servicing,3.1,LOW,0.0008299999753944576,false,,false,false,false,,,false,false,,2017-04-24T19:00:00.000Z,0
CVE-2017-3288,https://securityvulnerability.io/vulnerability/CVE-2017-3288,,"Vulnerability in the Oracle FLEXCUBE Investor Servicing component of Oracle Financial Services Applications (subcomponent: Unit Trust). Supported versions that are affected are 12.0.1, 12.0.2, 12.0.3, 12.0.4, 12.1.0, 12.2.0 and 12.3.0. Easily ""exploitable"" vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle FLEXCUBE Investor Servicing. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle FLEXCUBE Investor Servicing accessible data as well as unauthorized read access to a subset of Oracle FLEXCUBE Investor Servicing accessible data. CVSS 3.0 Base Score 5.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N).",Oracle,Flexcube Investor Servicing,5.4,MEDIUM,0.0008299999753944576,false,,false,false,false,,,false,false,,2017-04-24T19:00:00.000Z,0
CVE-2017-3489,https://securityvulnerability.io/vulnerability/CVE-2017-3489,,"Vulnerability in the Oracle FLEXCUBE Investor Servicing component of Oracle Financial Services Applications (subcomponent: Security Management System). Supported versions that are affected are 12.0.1, 12.0.2, 12.0.3, 12.0.4, 12.1.0, 12.2.0 and 12.3.0. Easily ""exploitable"" vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle FLEXCUBE Investor Servicing. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle FLEXCUBE Investor Servicing accessible data as well as unauthorized read access to a subset of Oracle FLEXCUBE Investor Servicing accessible data. CVSS 3.0 Base Score 5.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N).",Oracle,Flexcube Investor Servicing,5.4,MEDIUM,0.0008299999753944576,false,,false,false,false,,,false,false,,2017-04-24T19:00:00.000Z,0
CVE-2017-3488,https://securityvulnerability.io/vulnerability/CVE-2017-3488,,"Vulnerability in the Oracle FLEXCUBE Investor Servicing component of Oracle Financial Services Applications (subcomponent: Unit Trust). Supported versions that are affected are 12.0.1, 12.0.2, 12.0.3, 12.0.4, 12.1.0, 12.2.0 and 12.3.0. Easily ""exploitable"" vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle FLEXCUBE Investor Servicing. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle FLEXCUBE Investor Servicing accessible data. CVSS 3.0 Base Score 6.5 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N).",Oracle,Flexcube Investor Servicing,6.5,MEDIUM,0.000859999970998615,false,,false,false,false,,,false,false,,2017-04-24T19:00:00.000Z,0