Banking trade finance process management
This hub aggregates every CVE we track for Banking trade finance process management, a product in the enterprise software space. Use it to gauge the current risk picture and drill into individual advisories.
14
CVEs tracked
2
Critical
5
High
1
In CISA KEV
Severity distribution
MEDIUM7HIGH5CRITICAL2
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2024-082026-07
Latest CVEs
The 14 most recently published vulnerabilities affecting Banking trade finance process management.
- CVE-2022-21474Vulnerability in the Oracle Banking Trade Finance product of Oracle Financial Services Applications (component: Infrastructure). The supported version that is affected is 14.5. Difficult to exploit...5.9
- CVE-2022-22963In Spring Cloud Function versions 3.1.6, 3.2.2 and older unsupported versions, when using routing functionality it is possible for a user to provide a specially crafted SpEL as a routing-expression...KEV9.8
- CVE-2021-41973Apache MINA HTTP listener DOS6.5
- CVE-2021-29505XStream is vulnerable to a Remote Command Execution attack7.5
- CVE-2021-21409Possible request smuggling in HTTP/2 due missing validation of content-length5.9
- CVE-2021-27906A carefully crafted PDF file can trigger an OutOfMemory-Exception while loading the file5.5
- CVE-2021-27807A carefully crafted PDF file can trigger an infinite loop while loading the file5.5
- CVE-2021-23337Command Injection7.2
- CVE-2020-28500Regular Expression Denial of Service (ReDoS)5.3
- CVE-2021-21290Local Information Disclosure Vulnerability in Netty on Unix-Like systems due temporary files6.2
- CVE-2020-26217Remote Code Execution in XStream8.0
- CVE-2020-8203Prototype pollution attack when using _.zipObjectDeep in lodash before 4.17.20.7.4
- CVE-2019-12399When Connect workers in Apache Kafka 2.0.0, 2.0.1, 2.1.0, 2.1.1, 2.2.0, 2.2.1, or 2.3.0 are configured with one or more config providers, and a connector is created/updated on that Connect cluster ...7.5
- CVE-2019-0228Apache PDFBox 2.0.14 does not properly initialize the XML parser, which allows context-dependent attackers to conduct XML External Entity (XXE) attacks via a crafted XFDF.9.8
Product normalization is registry-driven with AI assist and human review. How it works