Vulmon
Oracle Retail Xstore Point Of Service 17.0 vulnerabilities and exploits
5.3
CVSSv3
CVE-2018-12536
In Eclipse Jetty Server, all 9.x versions, on webapps deployed using default Error Handling, when an intentionally bad query arrives that doesn't match a dynamic url-pattern, and is eventually handled by the DefaultServlet's static file serving, the bad characters can...
Eclipse Jetty
Oracle Retail Xstore Point Of Service 7.1
Oracle Retail Xstore Point Of Service 15.0
Oracle Retail Xstore Point Of Service 16.0.0
Oracle Retail Xstore Point Of Service 17.0
1 Github repository available
7.5
CVSSv3
CVE-2017-9735
Jetty through 9.4.x is prone to a timing channel in util/security/Password.java, which makes it easier for remote attackers to obtain access by observing elapsed times before rejection of incorrect passwords....
Eclipse Jetty
Debian Debian Linux 9.0
Oracle Communications Cloud Native Core Policy 1.5.0
Oracle Enterprise Manager Base Platform 13.2
Oracle Enterprise Manager Base Platform 13.3
Oracle Hospitality Guest Access 4.2.0
Oracle Hospitality Guest Access 4.2.1
Oracle Rest Data Services 11.2.0.4
Oracle Rest Data Services 12.1.0.2
Oracle Rest Data Services 12.2.0.1
Oracle Rest Data Services 18c
Oracle Retail Xstore Point Of Service 7.1
Oracle Retail Xstore Point Of Service 15.0
Oracle Retail Xstore Point Of Service 16.0
Oracle Retail Xstore Point Of Service 17.0
7.5
CVSSv3
CVE-2019-5427
c3p0 version < 0.9.5.4 may be exploited by a billion laughs attack when loading XML configuration due to missing protections against recursive entity expansion when loading configuration....
Mchange C3p0
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Oracle Communications Ip Service Activator 7.3.0
Oracle Communications Ip Service Activator 7.4.0
Oracle Communications Session Route Manager
Oracle Documaker
Oracle Enterprise Manager Base Platform 13.2.1.0
Oracle Enterprise Manager Ops Center 12.4.0.0
Oracle Flexcube Private Banking 12.0.0
Oracle Flexcube Private Banking 12.1.0
Oracle Hyperion Infrastructure Technology 11.1.2.4
Oracle Retail Xstore Point Of Service 15.0
Oracle Retail Xstore Point Of Service 16.0
Oracle Retail Xstore Point Of Service 17.0
Oracle Retail Xstore Point Of Service 18.0
Oracle Retail Xstore Point Of Service 19.0
Oracle Webcenter Sites 12.2.1.3.0
Oracle Webcenter Sites 12.2.1.4.0
3 Github repositories available
5.5
CVSSv3
CVE-2018-11797
In Apache PDFBox 1.8.0 to 1.8.15 and 2.0.0RC1 to 2.0.11, a carefully crafted PDF file can trigger an extremely long running computation when parsing the page tree....
Apache Pdfbox
Apache Pdfbox 2.0
Apache Pdfbox 2.0.0
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Oracle Retail Xstore Point Of Service 17.0
3 Github repositories available
9.8
CVSSv3
CVE-2019-16335
A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to com.zaxxer.hikari.HikariDataSource. This is a different vulnerability than CVE-2019-14540....
Fasterxml Jackson-databind
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Netapp Oncommand Api Services -
Netapp Oncommand Workflow Automation -
Netapp Steelstore Cloud Integrated Storage -
Redhat Jboss Enterprise Application Platform 7.2
Redhat Jboss Enterprise Application Platform 7.3
Oracle Banking Platform 2.4.0
Oracle Banking Platform 2.4.1
Oracle Banking Platform 2.5.0
Oracle Banking Platform 2.6.0
Oracle Banking Platform 2.6.1
Oracle Banking Platform 2.7.0
Oracle Banking Platform 2.7.1
Oracle Customer Management And Segmentation Foundation 18.0
Oracle Financial Services Analytical Applications Infrastructure
Oracle Global Lifecycle Management Opatch
Oracle Goldengate Application Adapters 19.1.0.0.0
Oracle Goldengate Stream Analytics
Oracle Primavera Gateway 15.2
Oracle Primavera Gateway 16.1
Oracle Primavera Gateway 16.2
Oracle Primavera Gateway
Oracle Primavera Gateway 18.8.0
Oracle Retail Customer Management And Segmentation Foundation 17.0
Oracle Retail Xstore Point Of Service 7.1
Oracle Retail Xstore Point Of Service 15.0
Oracle Retail Xstore Point Of Service 16.0
Oracle Retail Xstore Point Of Service 17.0
Oracle Retail Xstore Point Of Service 18.0
Oracle Weblogic Server 12.2.1.3.0
3 Github repositories available
9.8
CVSSv3
CVE-2020-9547
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to com.ibatis.sqlmap.engine.transaction.jta.JtaTransactionConfig (aka ibatis-sqlmap)....
Fasterxml Jackson-databind
Netapp Active Iq Unified Manager
Debian Debian Linux 8.0
Oracle Autovue For Agile Product Lifecycle Management 21.0.2
Oracle Banking Platform
Oracle Communications Contacts Server 8.0.0.4.0
Oracle Communications Evolved Communications Application Server 7.1
Oracle Communications Instant Messaging Server 10.0.1.4.0
Oracle Communications Network Charging And Control 6.0.1
Oracle Communications Network Charging And Control
Oracle Enterprise Manager Base Platform 13.3.0.0
Oracle Enterprise Manager Base Platform 13.4.0.0
Oracle Global Lifecycle Management Opatch
Oracle Jd Edwards Enterpriseone Orchestrator
Oracle Jd Edwards Enterpriseone Tools
Oracle Primavera Unifier 16.1
Oracle Primavera Unifier 16.2
Oracle Primavera Unifier
Oracle Primavera Unifier 18.8
Oracle Primavera Unifier 19.12
Oracle Retail Xstore Point Of Service 15.0
Oracle Retail Xstore Point Of Service 16.0
Oracle Retail Xstore Point Of Service 17.0
Oracle Retail Xstore Point Of Service 18.0
Oracle Retail Xstore Point Of Service 19.0
Oracle Weblogic Server 12.2.1.3.0
Oracle Weblogic Server 12.2.1.4.0
24 Github repositories available
9.8
CVSSv3
CVE-2017-7657
In Eclipse Jetty, versions 9.2.x and older, 9.3.x (all configurations), and 9.4.x (non-default configuration with RFC2616 compliance enabled), transfer-encoding chunks are handled poorly. The chunk length parsing was vulnerable to an integer overflow. Thus a large chunk size...
Eclipse Jetty
Debian Debian Linux 9.0
Netapp Hci Storage Nodes -
Netapp E-series Santricity Os Controller
Netapp Oncommand Unified Manager
Netapp Snap Creator Framework
Netapp Snapcenter
Netapp Snapmanager
Netapp E-series Santricity Management -
Netapp E-series Santricity Web Services -
Netapp Element Software -
Netapp Element Software Management Node -
Netapp Santricity Cloud Connector -
Netapp Oncommand System Manager 3.x
Hp Xp P9000 Command View
Oracle Rest Data Services 11.2.0.4
Oracle Rest Data Services 12.1.0.2
Oracle Rest Data Services 12.2.0.1
Oracle Rest Data Services 18c
Oracle Retail Xstore Point Of Service 7.1
Oracle Retail Xstore Point Of Service 15.0
Oracle Retail Xstore Point Of Service 16.0
Oracle Retail Xstore Point Of Service 17.0
2 Github repositories available
9.8
CVSSv3
CVE-2017-7658
In Eclipse Jetty Server, versions 9.2.x and older, 9.3.x (all non HTTP/1.x configurations), and 9.4.x (all HTTP/1.x configurations), when presented with two content-lengths headers, Jetty ignored the second. When presented with a content-length and a chunked encoding header, the...
Eclipse Jetty
Debian Debian Linux 9.0
Oracle Rest Data Services 11.2.0.4
Oracle Rest Data Services 12.1.0.2
Oracle Rest Data Services 12.2.0.1
Oracle Rest Data Services 18c
Oracle Retail Xstore Payment 3.3
Oracle Retail Xstore Point Of Service 7.1
Oracle Retail Xstore Point Of Service 15.0
Oracle Retail Xstore Point Of Service 16.0
Oracle Retail Xstore Point Of Service 17.0
Hp Xp P9000 Command View
Netapp E-series Santricity Management -
Netapp E-series Santricity Os Controller
Netapp E-series Santricity Web Services -
Netapp Hci Management Node -
Netapp Hci Storage Node -
Netapp Oncommand System Manager
Netapp Oncommand Unified Manager For 7-mode -
Netapp Santricity Cloud Connector -
Netapp Snap Creator Framework -
Netapp Snapcenter -
Netapp Snapmanager -
Netapp Solidfire -
Netapp Storage Services Connector -
2 Github repositories available
2 Articles available
8.1
CVSSv3
CVE-2020-11620
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.jelly.impl.Embedded (aka commons-jelly)....
Fasterxml Jackson-databind
Debian Debian Linux 8.0
Netapp Active Iq Unified Manager
Netapp Steelstore Cloud Integrated Storage -
Oracle Banking Platform
Oracle Communications Contacts Server 8.0.0.4.0
Oracle Communications Evolved Communications Application Server 7.1
Oracle Communications Instant Messaging Server 10.0.1.4.0
Oracle Communications Network Charging And Control 6.0.1
Oracle Communications Network Charging And Control
Oracle Enterprise Manager Base Platform 13.3.0.0
Oracle Enterprise Manager Base Platform 13.4.0.0
Oracle Global Lifecycle Management Opatch
Oracle Jd Edwards Enterpriseone Orchestrator
Oracle Jd Edwards Enterpriseone Tools
Oracle Primavera Unifier 16.1
Oracle Primavera Unifier 16.2
Oracle Primavera Unifier
Oracle Primavera Unifier 18.8
Oracle Primavera Unifier 19.12
Oracle Retail Merchandising System 15.0
Oracle Retail Sales Audit 14.1
Oracle Retail Xstore Point Of Service 15.0
Oracle Retail Xstore Point Of Service 16.0
Oracle Retail Xstore Point Of Service 17.0
Oracle Retail Xstore Point Of Service 18.0
Oracle Retail Xstore Point Of Service 19.0
Oracle Weblogic Server 12.2.1.3.0
Oracle Weblogic Server 12.2.1.4.0
4 Github repositories available
7.5
CVSSv3
CVE-2019-12402
The file name encoding algorithm used internally in Apache Commons Compress 1.15 to 1.18 can get into an infinite loop when faced with specially crafted inputs. This can lead to a denial of service attack if an attacker can choose the file names inside of an archive created by...
Apache Commons Compress
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Oracle Flexcube Investor Servicing 12.3.0
Oracle Flexcube Investor Servicing 12.1.0
Oracle Retail Xstore Point Of Service 15.0
Oracle Flexcube Private Banking 12.1.0
Oracle Flexcube Private Banking 12.0.0
Oracle Retail Integration Bus 15.0
Oracle Webcenter Portal 12.2.1.3.0
Oracle Flexcube Investor Servicing 12.4.0
Oracle Peoplesoft Enterprise Pt Peopletools 8.56
Oracle Retail Xstore Point Of Service 16.0
Oracle Banking Payments
Oracle Banking Platform 2.6.2
Oracle Banking Platform 2.7.0
Oracle Banking Platform 2.8.0
Oracle Banking Platform 2.9.0
Oracle Communications Ip Service Activator 7.3.0
Oracle Communications Ip Service Activator 7.4.0
Oracle Communications Session Route Manager
Oracle Customer Management And Segmentation Foundation 18.0
Oracle Flexcube Investor Servicing 14.0.0
Oracle Flexcube Investor Servicing 14.1.0
Oracle Hyperion Infrastructure Technology 11.1.2.4
Oracle Jdeveloper 12.2.1.4.0
Oracle Primavera Gateway
Oracle Primavera Gateway 19.12.0
Oracle Retail Integration Bus 16.0
Oracle Retail Xstore Point Of Service 17.0
Oracle Retail Xstore Point Of Service 18.0
Oracle Retail Xstore Point Of Service 19.0
Oracle Webcenter Portal 12.2.1.4.0
Oracle Communications Element Manager
Oracle Communications Session Report Manager
Oracle Essbase 21.2
Oracle Peoplesoft Enterprise Pt Peopletools 8.57
Oracle Peoplesoft Enterprise Pt Peopletools 8.58
2 Github repositories available