Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
oracle retail applications 13.3 vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2015-0494
Unspecified vulnerability in the Oracle Retail Central Office component in Oracle Retail Applications 13.1, 13.2, 13.3, 13.4, 14.0, and 14.1 allows remote malicious users to affect integrity via unknown vectors.
Oracle Retail Applications 13.2
Oracle Retail Applications 13.3
Oracle Retail Applications 13.1
Oracle Retail Applications 13.4
Oracle Retail Applications 14.0
Oracle Retail Applications 14.1
383
VMScore
CVE-2015-0466
Unspecified vulnerability in the Oracle Retail Back Office component in Oracle Retail Applications 12.0, 12.0IN, 13.0, 13.1, 13.2, 13.3, 13.4, 14.0, and 14.1 allows remote malicious users to affect integrity via unknown vectors.
Oracle Retail Applications 12.0in
Oracle Retail Applications 13.0
Oracle Retail Applications 13.3
Oracle Retail Applications 13.4
Oracle Retail Applications 12.0
Oracle Retail Applications 14.0
Oracle Retail Applications 14.1
Oracle Retail Applications 13.1
Oracle Retail Applications 13.2
490
VMScore
CVE-2013-2397
Unspecified vulnerability in the Oracle Retail Central Office component in Oracle Industry Applications 13.1, 13.2, 13.3, and 13.4 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Customer Operations (Add, Search).
Oracle Industry Applications 13.3
Oracle Industry Applications 13.4
Oracle Industry Applications 13.1
Oracle Industry Applications 13.2
436
VMScore
CVE-2017-10423
Vulnerability in the Oracle Retail Back Office component of Oracle Retail Applications (subcomponent: Security). Supported versions that are affected are 13.2, 13.3, 13.4, 14.0 and 14.1. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP ...
Oracle Retail Back Office 13.4
Oracle Retail Back Office 14.1
Oracle Retail Back Office 14.0
Oracle Retail Back Office 13.3
Oracle Retail Back Office 13.2
756
VMScore
CVE-2014-0050
MultipartStream.java in Apache Commons FileUpload prior to 1.3.1, as used in Apache Tomcat, JBoss Web, and other products, allows remote malicious users to cause a denial of service (infinite loop and CPU consumption) via a crafted Content-Type header that bypasses a loop's ...
Oracle Retail Applications 12.0in
Oracle Retail Applications 13.0
Oracle Retail Applications 13.3
Oracle Retail Applications 13.2
Oracle Retail Applications 12.0
Oracle Retail Applications 14.0
Oracle Retail Applications 13.1
Oracle Retail Applications 13.4
Apache Tomcat 7.0.2
Apache Tomcat 7.0.49
Apache Tomcat 7.0.12
Apache Tomcat 7.0.20
Apache Tomcat 7.0.34
Apache Tomcat 7.0.8
Apache Tomcat 7.0.1
Apache Tomcat 7.0.5
Apache Commons Fileupload 1.2.2
Apache Tomcat 7.0.4
Apache Tomcat 7.0.22
Apache Tomcat 7.0.39
Apache Tomcat 7.0.26
Apache Tomcat 7.0.46
1 EDB exploit
3 Github repositories
668
VMScore
CVE-2018-8013
In Apache Batik 1.x prior to 1.10, when deserializing subclass of `AbstractDocument`, the class takes a string from the inputStream as the class name which then use it to call the no-arg constructor of the class. Fix was to check the class type before calling newInstance in deser...
Apache Batik
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Debian Debian Linux 9.0
Canonical Ubuntu Linux 14.04
Oracle Jd Edwards Enterpriseone Tools 9.2
Oracle Fusion Middleware Mapviewer 12.2.1.2
Oracle Enterprise Repository 12.1.3.0.0
Oracle Business Intelligence 11.1.1.9.0
Oracle Enterprise Repository 11.1.1.7.0
Oracle Business Intelligence 11.1.1.7.0
Oracle Retail Back Office 13.4
Oracle Retail Back Office 14.1
Oracle Retail Back Office 13.3
Oracle Business Intelligence 12.2.1.3.0
Oracle Communications Diameter Signaling Router
Oracle Retail Order Broker 5.1
Oracle Retail Order Broker 5.2
Oracle Retail Order Broker 15.0
Oracle Retail Order Broker 16.0
Oracle Insurance Calculation Engine 10.2.1
Oracle Insurance Calculation Engine 10.1.1
1 Article
490
VMScore
CVE-2017-10065
Vulnerability in the Oracle Retail Point-of-Service component of Oracle Retail Applications (subcomponent: Security). Supported versions that are affected are 13.2, 13.3, 13.4, 14.0 and 14.1. Easily exploitable vulnerability allows low privileged attacker with network access via ...
Oracle Retail Point-of-service 7.1.2
Oracle Retail Point-of-service 7.1.3
Oracle Retail Point-of-service 7.0.4
Oracle Retail Point-of-service 7.0.5
Oracle Retail Point-of-service 7.0.0
Oracle Retail Point-of-service 7.1.0
Oracle Retail Point-of-service 16.0.2
Oracle Retail Point-of-service 16.0.0.1
Oracle Retail Point-of-service 7.1.6
Oracle Retail Point-of-service 7.0.1
Oracle Retail Point-of-service 6.5.10
Oracle Retail Point-of-service 6.5.11
Oracle Retail Point-of-service 16.0.0
Oracle Retail Point-of-service 15.0.0
Oracle Retail Point-of-service 7.1.4
Oracle Retail Point-of-service 7.1.5
Oracle Retail Point-of-service 7.0.6
Oracle Retail Point-of-service 6.5.4
Oracle Retail Point-of-service 6.5.0
Oracle Retail Point-of-service 6.0.0
Oracle Retail Point-of-service 16.0.1
Oracle Retail Point-of-service 15.0.1
412
VMScore
CVE-2019-11358
jQuery prior to 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.
Jquery Jquery
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Drupal Drupal
Backdropcms Backdrop
Fedoraproject Fedora 28
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
Netapp Snapcenter -
Netapp Oncommand System Manager
Redhat Cloudforms 4.7
Redhat Virtualization Manager 4.3
Oracle Service Bus 12.1.3.0.0
Oracle Primavera Unifier 16.2
Oracle Jd Edwards Enterpriseone Tools 9.2
Oracle Weblogic Server 12.1.3.0.0
Oracle Service Bus 11.1.1.9.0
Oracle Jdeveloper 11.1.1.9.0
Oracle Primavera Unifier 16.1
97 Github repositories
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-21111
CVE-2024-32884
IDOR
CVE-2023-1000
CVE-2024-33260
CVE-2024-3682
reflected XSS
race condition
CVE-2024-3400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started