Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
oracle retail xstore point of service 18.0.1 vulnerabilities and exploits
(subscribe to this query)
2.7
CVSSv3
CVE-2019-2872
Vulnerability in the Oracle Retail Xstore Point of Service product of Oracle Retail Applications (component: Point of Sale). Supported versions that are affected are 17.0.3, 18.0.1 and 19.0.0. Difficult to exploit vulnerability allows physical access to compromise Oracle Retail X...
Oracle Retail Xstore Point Of Service 18.0.1
Oracle Retail Xstore Point Of Service 19.0.0
Oracle Retail Xstore Point Of Service 17.0.3
3.7
CVSSv3
CVE-2020-9488
Improper validation of certificate with host mismatch in Apache Log4j SMTP appender. This could allow an SMTPS connection to be intercepted by a man-in-the-middle attack which could leak any log messages sent through that appender. Fixed in Apache Log4j 2.12.3 and 2.13.1
Apache Log4j
Oracle Flexcube Private Banking 12.1.0
Oracle Retail Integration Bus 14.1
Oracle Flexcube Private Banking 12.0.0
Oracle Flexcube Core Banking 5.2.0
Oracle Retail Integration Bus 15.0
Oracle Peoplesoft Enterprise Peopletools 8.56
Oracle Weblogic Server 10.3.6.0.0
Oracle Utilities Framework 4.2.0.3.0
Oracle Utilities Framework 4.2.0.2.0
Oracle Utilities Framework 2.2.0.0.0
Oracle Peoplesoft Enterprise Peopletools 8.57
Oracle Retail Integration Bus 16.0
Oracle Primavera Unifier 18.8
Oracle Retail Customer Management And Segmentation Foundation 16.0
Oracle Retail Customer Management And Segmentation Foundation 17.0
Oracle Retail Customer Management And Segmentation Foundation 18.0
Oracle Policy Automation Connector For Siebel 10.4.6
Oracle Data Integrator 12.2.1.3.0
Oracle Jd Edwards World Security A9.4
Oracle Financial Services Market Risk Measurement And Management 8.0.6
Oracle Utilities Framework 4.4.0.0.0
3 Github repositories
1 Article
7.5
CVSSv3
CVE-2019-17359
The ASN.1 parser in Bouncy Castle Crypto (aka BC Java) 1.63 can trigger a large attempted memory allocation, and resultant OutOfMemoryError error, via crafted ASN.1 data. This is fixed in 1.64.
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.63
Apache Tomee 7.0.7
Apache Tomee 7.1.2
Apache Tomee 8.0.1
Netapp Oncommand Workflow Automation -
Netapp Service Level Manager -
Netapp Oncommand Api Services -
Netapp Active Iq Unified Manager
Oracle Flexcube Private Banking 12.1.0
Oracle Flexcube Private Banking 12.0.0
Oracle Peoplesoft Enterprise Peopletools 8.56
Oracle Hospitality Guest Access 4.2.0
Oracle Weblogic Server 12.2.1.3.0
Oracle Webcenter Portal 12.2.1.3.0
Oracle Webcenter Portal 11.1.1.9.0
Oracle Business Process Management Suite 12.2.1.3.0
Oracle Soa Suite 12.2.1.3.0
Oracle Peoplesoft Enterprise Peopletools 8.57
Oracle Managed File Transfer 12.2.1.3.0
Oracle Retail Xstore Point Of Service 18.0.1
Oracle Weblogic Server 12.2.1.4.0
Oracle Peoplesoft Enterprise Peopletools 8.58
6.1
CVSSv3
CVE-2019-10219
A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS attack.
Redhat Hibernate Validator
Redhat Hibernate Validator 6.1.0
Redhat Single Sign-on -
Redhat Jboss Enterprise Application Platform -
Redhat Jboss Data Grid -
Redhat Openshift Application Runtimes -
Redhat Fuse 1.0
Redhat Jboss Enterprise Application Platform 7.2
Redhat Jboss Enterprise Application Platform 7.3
Netapp Active Iq Unified Manager -
Netapp Element -
Netapp Snapcenter Plug-in -
Netapp Management Services For Element Software And Netapp Hci -
Oracle Flexcube Investor Servicing 12.3.0
Oracle Flexcube Investor Servicing 12.1.0
Oracle Solaris 11
Oracle Flexcube Private Banking 12.1.0
Oracle Insurance Policy Administration J2ee 10.2.0
Oracle Flexcube Private Banking 12.0.0
Oracle Flexcube Investor Servicing 12.0.4
Oracle Weblogic Server 12.1.3.0.0
Oracle Retail Integration Bus 13.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
CVE-2006-4304
CVE-2023-26603
CVE-2024-28327
CVE-2023-50363
CVE-2024-21905
template injection
CVE-2024-3400
cross-site request forgery
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started