cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2023-22118,https://securityvulnerability.io/vulnerability/CVE-2023-22118,Vulnerability in Oracle FLEXCUBE Universal Banking by Oracle,"A flaw in Oracle FLEXCUBE Universal Banking allows low-privileged attackers to exploit the system with network access via HTTP. The vulnerability necessitates human interaction for successful exploitation, which could lead to unauthorized modification or deletion of data. Additionally, it presents risks such as unauthorized read access to sensitive data and the potential for causing a partial denial of service. The effects may extend beyond FLEXCUBE, impacting other related products.",Oracle,Flexcube Universal Banking,6.5,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2023-10-17T22:15:00.000Z,0
CVE-2023-22119,https://securityvulnerability.io/vulnerability/CVE-2023-22119,Vulnerability in Oracle FLEXCUBE Universal Banking by Oracle,"An issue has been identified in Oracle FLEXCUBE Universal Banking, affecting versions 12.3, 12.4, and 14.0 to 14.7. This vulnerability allows a low privileged attacker with network access via HTTP to compromise the system, but it requires human interaction from a third party to succeed. If exploited, this vulnerability can lead to unauthorized access to sensitive data, permitting attackers to perform unauthorized operations such as updating, inserting, or deleting accessible data. Additionally, it poses a risk of causing a partial denial of service affecting Oracle FLEXCUBE operations.",Oracle,Flexcube Universal Banking,5.9,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2023-10-17T22:15:00.000Z,0
CVE-2023-22117,https://securityvulnerability.io/vulnerability/CVE-2023-22117,Vulnerability in Oracle FLEXCUBE Universal Banking from Oracle Financial Services Applications,"A vulnerability in Oracle FLEXCUBE Universal Banking allows low-privileged attackers with network access via HTTP to exploit the system, requiring human interaction for successful execution. This security flaw can lead to unauthorized updates, inserts, or deletions of accessible data, along with unauthorized read access to certain data. The impact of successful exploitation may extend beyond FLEXCUBE, affecting additional products, making it crucial for users to address this vulnerability promptly.",Oracle,Flexcube Universal Banking,5.4,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2023-10-17T22:15:00.000Z,0
CVE-2022-21579,https://securityvulnerability.io/vulnerability/CVE-2022-21579,Vulnerability in Oracle FLEXCUBE Universal Banking Affects Financial Services Applications,"A vulnerability in the Oracle FLEXCUBE Universal Banking product allows a low privileged attacker with network access via HTTP to compromise the system. The attack requires human interaction from another person, which complicates exploitation efforts. If successful, this vulnerability can lead to unauthorized creation, deletion, or modification of critical data, granting the attacker access to sensitive information within Oracle FLEXCUBE. Affected versions include 12.1 to 12.4 and 14.0 to 14.5, making it crucial for users to apply necessary security measures to safeguard their data against potential threats.",Oracle,Flexcube Universal Banking,6.4,MEDIUM,0.00044999999227002263,false,,false,false,false,,,false,false,,2022-07-19T21:08:35.000Z,0
CVE-2022-21578,https://securityvulnerability.io/vulnerability/CVE-2022-21578,Vulnerability in Oracle FLEXCUBE Universal Banking by Oracle Financial Services Applications,"The vulnerability in Oracle FLEXCUBE Universal Banking allows a low-privileged attacker with network access over HTTP to exploit the system, requiring human interaction from an entity other than the attacker. Successful exploitation can lead to unauthorized creation, deletion, or modification of critical data and access to all data within Oracle FLEXCUBE Universal Banking. Additionally, it may enable a partial denial of service, impacting the availability of services provided by the application.",Oracle,Flexcube Universal Banking,6.7,MEDIUM,0.00044999999227002263,false,,false,false,false,,,false,false,,2022-07-19T21:08:34.000Z,0
CVE-2022-21577,https://securityvulnerability.io/vulnerability/CVE-2022-21577,Vulnerability in Oracle FLEXCUBE Universal Banking Product by Oracle,"A vulnerability exists in Oracle FLEXCUBE Universal Banking, allowing low-privileged network attackers to compromise the system through HTTP. The exploitation of this vulnerability necessitates human interaction, highlighting the need for user awareness in secure practices. Attackers could potentially create, delete, or modify critical data within the banking system. As a result, the integrity of accessible data could be severely impacted, enabling unauthorized access to sensitive information.",Oracle,Flexcube Universal Banking,6.4,MEDIUM,0.00044999999227002263,false,,false,false,false,,,false,false,,2022-07-19T21:08:32.000Z,0
CVE-2022-21576,https://securityvulnerability.io/vulnerability/CVE-2022-21576,Vulnerability in Oracle FLEXCUBE Universal Banking Product by Oracle,"A vulnerability exists in Oracle FLEXCUBE Universal Banking that could allow an attacker with low privileges and network access via HTTP to exploit the system. Successful exploitation may lead to unauthorized access to sensitive data, manipulation capabilities such as updates, inserts, or deletions, and potential partial denial of service. The affected versions include 12.3, 12.4, and 14.0 through 14.5, highlighting the necessity for users to update and secure their systems against possible threats.",Oracle,Flexcube Universal Banking,6.4,MEDIUM,0.00044999999227002263,false,,false,false,false,,,false,false,,2022-07-19T21:08:31.000Z,0
CVE-2022-21544,https://securityvulnerability.io/vulnerability/CVE-2022-21544,Vulnerability in Oracle FLEXCUBE Universal Banking by Oracle,"A vulnerability exists in the Oracle FLEXCUBE Universal Banking product that enables an attacker with low privileges and HTTP network access to exploit the system. Successful exploitation requires human interaction, making it particularly insidious in nature. This can lead to a complete takeover of the banking application, thereby compromising confidentiality, integrity, and availability of sensitive financial data. Organizations using affected versions must prioritize patching to mitigate the risks associated with this vulnerability.",Oracle,Flexcube Universal Banking,7.1,HIGH,0.00044999999227002263,false,,false,false,false,,,false,false,,2022-07-19T21:07:35.000Z,0
CVE-2022-21428,https://securityvulnerability.io/vulnerability/CVE-2022-21428,Vulnerability in Oracle FLEXCUBE Universal Banking Affected by Network Access Exploit,"A vulnerability exists in Oracle FLEXCUBE Universal Banking that allows a low privileged attacker with network access via HTTP to exploit the system. Successful exploitation of this issue can facilitate the unauthorized creation, deletion, or modification of sensitive data, as well as provide unauthorized access to critical information. Additionally, the vulnerability permits a partial denial of service, impacting the availability of the service. Exploitation necessitates human interaction from individuals other than the attacker, which adds a layer of complexity to the attack dynamics. Organizations utilizing affected versions should take immediate action to protect their systems and data.",Oracle,Flexcube Universal Banking,6.7,MEDIUM,0.00044999999227002263,false,,false,false,false,,,false,false,,2022-07-19T21:06:31.000Z,0
CVE-2022-21472,https://securityvulnerability.io/vulnerability/CVE-2022-21472,Vulnerability in Oracle FLEXCUBE Universal Banking Product from Oracle,"A vulnerability exists in Oracle FLEXCUBE Universal Banking that allows low-privileged attackers with network access via HTTP to compromise the system. Exploitation requires human interaction from another individual. An attacker can unauthorizedly create, delete, or modify critical data, leading to potential unauthorized access to data and partial denial of service. Supported versions, including 12.4 and 14.0 through 14.5, are affected, emphasizing the need for immediate attention to safeguard sensitive information.",Oracle,Flexcube Universal Banking,5.9,MEDIUM,0.00044999999227002263,false,,false,false,false,,,false,false,,2022-04-19T20:38:14.000Z,0
CVE-2021-2323,https://securityvulnerability.io/vulnerability/CVE-2021-2323,Unauthorized Access Vulnerability in Oracle FLEXCUBE Universal Banking Product,"A vulnerability exists in Oracle FLEXCUBE Universal Banking that may allow unauthenticated users with network access via HTTP to gain unauthorized access to sensitive data. This flaw affects certain versions, enabling attackers to compromise critical information stored in the application, resulting in potential data breaches and loss of data privacy. It is essential for organizations using Oracle FLEXCUBE Universal Banking to mitigate the risks associated with this vulnerability by applying appropriate security measures.",Oracle,Flexcube Universal Banking,5.9,MEDIUM,0.0019600000232458115,false,,false,false,false,,,false,false,,2021-07-21T00:15:00.000Z,0
CVE-2021-2324,https://securityvulnerability.io/vulnerability/CVE-2021-2324,Vulnerability in Oracle FLEXCUBE Universal Banking Product by Oracle,"The vulnerability within Oracle's FLEXCUBE Universal Banking product enables low-privileged attackers to exploit certain conditions through HTTP. While it requires human interaction from targets, this vulnerability can lead to unauthorized modifications, deletions, and access to sensitive data. Attackers could gain the ability to alter or view data that should remain protected, resulting in severe threats to the integrity and confidentiality of banking transactions.",Oracle,Flexcube Universal Banking,4.6,MEDIUM,0.0005699999746866524,false,,false,false,false,,,false,false,,2021-07-21T00:15:00.000Z,0
CVE-2020-14887,https://securityvulnerability.io/vulnerability/CVE-2020-14887,Oracle FLEXCUBE Universal Banking Vulnerability in Oracle Financial Services Applications,"A vulnerability exists in Oracle FLEXCUBE Universal Banking within Oracle Financial Services Applications, specifically in its infrastructure component. This issue affects versions 12.3.0 and 14.0.0 through 14.4.0, allowing low-privileged attackers with network access via HTTP to exploit this weakness. If successfully exploited, this vulnerability can lead to unauthorized access to sensitive data or allow attackers to assume complete control over all accessible data within the Oracle FLEXCUBE Universal Banking environment. Organizations using the affected versions are recommended to apply the necessary security patches to safeguard their financial data.",Oracle,Flexcube Universal Banking,6.5,MEDIUM,0.0009399999980814755,false,,false,false,false,,,false,false,,2020-10-21T14:04:30.000Z,0
CVE-2020-2684,https://securityvulnerability.io/vulnerability/CVE-2020-2684,Vulnerability in Oracle FLEXCUBE Universal Banking by Oracle,"An access control vulnerability exists in Oracle FLEXCUBE Universal Banking that can be exploited by low privileged attackers with network access via HTTP. This vulnerability allows these attackers to gain unauthorized access to sensitive data. Successful exploitation could lead to an attacker compromising the system and accessing potentially critical information. The affected versions range from 12.0.1 to 14.3.0, highlighting the importance of upgrading to secure releases as soon as possible.",Oracle,Flexcube Universal Banking,6.5,MEDIUM,0.0008900000248104334,false,,false,false,false,,,false,false,,2020-01-15T16:34:07.000Z,0
CVE-2020-2685,https://securityvulnerability.io/vulnerability/CVE-2020-2685,Vulnerability in Oracle FLEXCUBE Universal Banking by Oracle,"The Oracle FLEXCUBE Universal Banking product is susceptible to a vulnerability that enables unauthenticated network access via HTTP. This flaw could allow an attacker to manipulate the system by unauthorized actions such as updating, inserting, or deleting accessible data within FLEXCUBE. Importantly, successful exploitation requires human interaction from another individual, widening potential exposure. This vulnerability poses significant risks to data confidentiality and integrity, affecting versions between 12.0.1 and 14.3.0.",Oracle,Flexcube Universal Banking,5.4,MEDIUM,0.0008299999753944576,false,,false,false,false,,,false,false,,2020-01-15T16:34:07.000Z,0
CVE-2020-2699,https://securityvulnerability.io/vulnerability/CVE-2020-2699,Oracle FLEXCUBE Universal Banking Vulnerability in Infrastructure Component,"An access control vulnerability in Oracle FLEXCUBE Universal Banking, specifically within the Infrastructure component, allows low-privileged attackers with network access via HTTP to potentially compromise sensitive data. Successful exploitation could lead to unauthorized access to critical information stored within the database, as well as the ability to modify, insert, or delete data that the attacker can access. This vulnerability underscores the need for robust security measures and timely application of patches.",Oracle,Flexcube Universal Banking,7.1,HIGH,0.0008900000248104334,false,,false,false,false,,,false,false,,2020-01-15T16:34:07.000Z,0
CVE-2020-2700,https://securityvulnerability.io/vulnerability/CVE-2020-2700,Oracle FLEXCUBE Universal Banking Vulnerability in Infrastructure Component,"An improper access control vulnerability exists within the Oracle FLEXCUBE Universal Banking product, specifically in the Infrastructure component. This issue allows low-privileged attackers with network access via HTTP to exploit the system, potentially leading to unauthorized read access to some accessible data. Users of supported versions 12.0.1 through 12.4.0 and 14.0.0 through 14.3.0 are particularly at risk, as successful exploitation can compromise sensitive information. It is essential to implement necessary security measures to mitigate potential threats originating from this vulnerability.",Oracle,Flexcube Universal Banking,4.3,MEDIUM,0.000539999979082495,false,,false,false,false,,,false,false,,2020-01-15T16:34:07.000Z,0
CVE-2020-2683,https://securityvulnerability.io/vulnerability/CVE-2020-2683,Exploitable Vulnerability in Oracle FLEXCUBE Universal Banking by Oracle,"An exploitable vulnerability exists in the Oracle FLEXCUBE Universal Banking product, affecting versions 12.0.1 to 12.4.0 and 14.0.0 to 14.3.0. This vulnerability allows a low privileged attacker with network access via HTTPS to manipulate data. Successful exploitation could lead to unauthorized updates, inserts, or deletions of accessible data and grant unauthorized read access to certain data within Oracle FLEXCUBE Universal Banking. Organizations using the affected versions are advised to apply necessary patches and ensure their systems are secured.",Oracle,Flexcube Universal Banking,5.4,MEDIUM,0.000539999979082495,false,,false,false,false,,,false,false,,2020-01-15T16:34:06.000Z,0
CVE-2019-2840,https://securityvulnerability.io/vulnerability/CVE-2019-2840,Vulnerability in Oracle FLEXCUBE Universal Banking Component by Oracle,"A vulnerability exists in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications that could enable a low privileged attacker with network access via HTTP to compromise the system. Exploitation of this vulnerability requires human interaction from another individual. Successful attacks can lead to unauthorized access to critical data within the FLEXCUBE infrastructure, presenting significant security risks to financial institutions relying on this software. Affected versions range from 12.0.1 to 14.2.0.",Oracle,Flexcube Universal Banking,5.7,MEDIUM,0.0006399999838322401,false,,false,false,false,,,false,false,,2019-07-23T23:15:00.000Z,0
CVE-2019-2839,https://securityvulnerability.io/vulnerability/CVE-2019-2839,Oracle FLEXCUBE Universal Banking Vulnerability in Financial Services Applications,"A vulnerability exists in the Oracle FLEXCUBE Universal Banking component that may allow a low-privileged attacker with network access via HTTP to gain unauthorized access to sensitive data. This flaw affects supported versions ranging from 12.1.0 to 14.2.0, enabling successful exploitation to potentially allow full access to critical banking data. The vulnerability highlights the importance of securing financial applications to prevent data breaches.",Oracle,Flexcube Universal Banking,5.3,MEDIUM,0.0006300000241026282,false,,false,false,false,,,false,false,,2019-07-23T23:15:00.000Z,0
CVE-2019-2794,https://securityvulnerability.io/vulnerability/CVE-2019-2794,Unauthenticated Data Access Vulnerability in Oracle FLEXCUBE Universal Banking,"An identified vulnerability in the Oracle FLEXCUBE Universal Banking system allows unauthenticated attackers with network access to remotely compromise the product. This flaw enables unauthorized read access to a subset of sensitive data within the system, potentially leading to data exposure without the need for authentication. Affected versions include 12.0.1 through 12.0.3, 12.1.0 through 12.4.0, and 14.0.0 through 14.2.0.",Oracle,Flexcube Universal Banking,5.3,MEDIUM,0.0008900000248104334,false,,false,false,false,,,false,false,,2019-07-23T23:15:00.000Z,0
CVE-2019-2793,https://securityvulnerability.io/vulnerability/CVE-2019-2793,Exploitable Vulnerability in Oracle FLEXCUBE Universal Banking,"This vulnerability in Oracle FLEXCUBE Universal Banking allows a low-privileged attacker to exploit the system through HTTP access. Although the attacker requires human interaction from an uninvolved party, successful exploitation could lead to a partial denial of service, disrupting the availability of the application. This vulnerability affects several versions, including those from 12.0.1 to 14.2.0, highlighting the importance of security measures and updates for users of Oracle's financial services software.",Oracle,Flexcube Universal Banking,3.5,LOW,0.0005300000193528831,false,,false,false,false,,,false,false,,2019-07-23T23:15:00.000Z,0
CVE-2019-2790,https://securityvulnerability.io/vulnerability/CVE-2019-2790,Database Vulnerability in Oracle FLEXCUBE Universal Banking by Oracle,"A vulnerability exists in Oracle FLEXCUBE Universal Banking that allows low privileged attackers with network access via HTTP to gain unauthorized access. If exploited, this flaw can enable attackers to manipulate data by performing unauthorized updates, inserts, or deletions, while also allowing unauthorized read access to sensitive data within the application. This flaw affects multiple versions of the product, posing risks to the confidentiality and integrity of the financial data managed by Oracle FLEXCUBE Universal Banking.",Oracle,Flexcube Universal Banking,5.4,MEDIUM,0.000539999979082495,false,,false,false,false,,,false,false,,2019-07-23T23:15:00.000Z,0
CVE-2019-2754,https://securityvulnerability.io/vulnerability/CVE-2019-2754,Oracle FLEXCUBE Universal Banking Vulnerability in Infrastructure Component,"A vulnerability exists in the Oracle FLEXCUBE Universal Banking component that allows low privileged attackers with network access via HTTP to compromise the system. This flaw permits unauthorized creation, deletion, or modification of critical data, posing significant risks to the integrity and confidentiality of all accessible data within Oracle FLEXCUBE Universal Banking. Attackers can exploit this issue to gain access to sensitive information, which necessitates heightened security measures and prompt remediation.",Oracle,Flexcube Universal Banking,8.1,HIGH,0.0008900000248104334,false,,false,false,false,,,false,false,,2019-07-23T23:15:00.000Z,0
CVE-2019-2744,https://securityvulnerability.io/vulnerability/CVE-2019-2744,Vulnerability in Oracle FLEXCUBE Universal Banking by Oracle,"This vulnerability exists in the Oracle FLEXCUBE Universal Banking component, allowing unauthenticated attackers with network access via HTTP to compromise its integrity and confidentiality. Although primarily impacting Oracle FLEXCUBE, successful exploitation may lead to unauthorized updates, inserts, or deletions of accessible data. Attackers need human interaction from a third party to successfully exploit this flaw. The implications can extend to other related products, posing a significant risk to overall data security and operational integrity within the banking environment.",Oracle,Flexcube Universal Banking,6.1,MEDIUM,0.0008299999753944576,false,,false,false,false,,,false,false,,2019-07-23T23:15:00.000Z,0