Where
-Infinity
0

Trending

Last week
Last month
Last year

Oracle Retail Xstore Point of ServiceDenial of Service by injecting highly recursive collections or maps in XStream

Risk 45
Severity
7.5
First published (updated )
CVE-2021-43859

Apache Log4jApache log4j2 log messages substitution (CVE-2021-44228)

Risk 99
Severity
9.8
Zeroday
First published (updated )
CVE-2021-44832

Oracle Retail Financial IntegrationBypass of the secureValidation property

Risk 45
Severity
7.5
First published (updated )
CVE-2021-40690

Oracle Banking Digital ExperienceVulnerability in the Advanced Networking Option component of Oracle Database Server. Supported versi…

Risk 71
Severity
8.3
First published (updated )
CVE-2021-2351

Eclipse JettyEclipse Jetty could allow a remote attacker to bypass security restrictions, caused by a flaw when G…

Risk 37
Severity
4.8
First published (updated )
CVE-2020-27218
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Eclipse JettyRace Condition

Risk 65
Severity
7
First published (updated )
CVE-2020-27216

Oracle Banking PlatformCode Injection

Risk 46
Severity
7.5
First published (updated )
CVE-2020-11979

Oracle Retail Xstore Point of ServiceRFD Protection Bypass via jsessionid

Risk 64
Severity
8.7
First published (updated )
CVE-2020-5421

ORACLE FLEXCUBE Private BankingCode Injection

Risk 89
Severity
9.8
First published (updated )
CVE-2020-11998

Oracle FLEXCUBE Private BankingLast updated 24 July 2024

Risk 38
Severity
5.9
First published (updated )
CVE-2020-13920
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

maven/org.apache.activemq:activemq-parentActiveMQ: LDAP-Authentication does not verify passwords on servers with anonymous bind

Risk 79
Severity
8.1
First published (updated )
CVE-2021-26117

VMware Spring IntegrationKryo Configuration Allows Code Execution with Unknown "Serialization Gadgets"

Risk 86
Severity
9.8
First published (updated )
CVE-2020-5413

IBM Data Virtualization on Cloud Pak for DataXSS

Risk 40
Severity
6.1
First published (updated )
CVE-2020-1941

redhat/camelApache Camel Netty enables Java deserialization by default. Apache Camel 2.22.x, 2.23.x, 2.24.x, 2.2…

Risk 88
Severity
9.8
First published (updated )
CVE-2020-11973

ORACLE Communications Diameter Intelligence HubInput Validation

Risk 45
Severity
7.5
First published (updated )
CVE-2020-11971
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

redhat/camelApache Camel RabbitMQ enables Java deserialization by default. Apache Camel 2.22.x, 2.23.x, 2.24.x, …

Risk 88
Severity
9.8
First published (updated )
CVE-2020-11972

Oracle Retail Integration BusLast updated 25 August 2025

Risk 41
Severity
6.5
First published (updated )
CVE-2020-1945

Oracle Retail Order Broker Cloud ServiceImproper validation of certificate with host mismatch in Apache Log4j SMTP appender prior to version…

Risk 24
Severity
3.7
First published (updated )
CVE-2020-9488

Oracle Primavera UnifierA carefully crafted or corrupt file may trigger a System.exit in Tika's OneNote Parser. Crafted or c…

Risk 32
Severity
5.5
First published (updated )
CVE-2020-9489

Oracle Business Process Management SuiteLast updated 29 July 2025

Risk 33
Severity
5.5
First published (updated )
CVE-2020-1951
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Oracle Business Process Management SuiteLast updated 29 July 2025

Risk 33
Severity
5.5
First published (updated )
CVE-2020-1950

Oracle Insurance Policy Administration J2EECSRF Attack via CORS Preflight Requests with Spring MVC or Spring WebFlux

Risk 28
Severity
5.3
First published (updated )
CVE-2020-5397

redhat/eap7-apache-cxfXSS

Risk 39
Severity
6.1
First published (updated )
CVE-2019-17573

IBM Security GuardiumApache CXF could allow a remote attacker to obtain sensitive information, caused by a flaw when ship…

Risk 45
Severity
7.5
First published (updated )
CVE-2019-12423

Oracle Insurance Policy Administration J2EERFD Attack via "Content-Disposition" Header Sourced from Request Input by Spring MVC or Spring WebFlux Application

Risk 71
Severity
8
First published (updated )
CVE-2020-5398
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

IBM Security GuardiumApache CXF is vulnerable to a denial of service, caused by the failure to restrict the number of mes…

Risk 39
Severity
6.5
First published (updated )
CVE-2019-12406

redhat/cxfA flaw was found in cxf in versions prior to 3.2.11 and 3.3.4. The access token services do not prop…

Risk 88
Severity
9.8
First published (updated )
CVE-2019-12419

Oracle Banking PlatformXSS, XEE

Risk 33
Severity
5.5
First published (updated )
CVE-2019-12415

Oracle Banking PlatformOracle ADF Faces Deserialization of Untrusted Data Remote Code Execution Vulnerability

Risk 87
Severity
9.8
First published (updated )
CVE-2019-2904

Apache TomEEThe ASN.1 parser in Bouncy Castle Crypto (aka BC Java) 1.63 can trigger a large attempted memory all…

Risk 43
Severity
7.5
First published (updated )
CVE-2019-17359
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2026 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203