Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
oracle retail central office 14.1.3 vulnerabilities and exploits
(subscribe to this query)
6.4
CVSSv2
CVE-2018-2738
Vulnerability in the Oracle Retail Central Office component of Oracle Retail Applications (subcomponent: Security). Supported versions that are affected are 13.4.9, 14.0.4 and 14.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to...
Oracle Retail Central Office 13.4.9
Oracle Retail Central Office 14.0.4
Oracle Retail Central Office 14.1.3
5.1
CVSSv2
CVE-2021-2351
Vulnerability in the Advanced Networking Option component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1 and 19c. Difficult to exploit vulnerability allows unauthenticated attacker with network access via Oracle Net to compromise Advanced N...
Oracle Flexcube Investor Servicing 12.3.0
Oracle Flexcube Investor Servicing 12.1.0
Oracle Flexcube Private Banking 12.1.0
Oracle Flexcube Private Banking 12.0.0
Oracle Flexcube Investor Servicing 12.0.4
Oracle Retail Store Inventory Management 14.1
Oracle Ilearning 6.2
Oracle Hospitality Suite8 8.10.2
Oracle Retail Back Office 14.1
Oracle Weblogic Server 12.2.1.3.0
Oracle Utilities Framework 4.2.0.3.0
Oracle Flexcube Investor Servicing 12.4.0
Oracle Peoplesoft Enterprise Peopletools 8.57
Oracle Hospitality Reporting And Analytics 9.1.0
Oracle Application Testing Suite 13.3.0.1
Oracle Retail Order Broker 16.0
Oracle Retail Returns Management 14.1
Oracle Retail Central Office 14.1
Oracle Banking Platform 2.6.2
Oracle Primavera Unifier 18.8
Oracle Retail Point-of-service 14.1
Oracle Retail Predictive Application Server 15.0.3
4.3
CVSSv2
CVE-2021-45105
Apache Log4j2 versions 2.0-alpha1 up to and including 2.16.0 (excluding 2.12.3 and 2.3.1) did not protect from uncontrolled recursion from self-referential lookups. This allows an attacker with control over Thread Context Map data to cause a denial of service when a crafted strin...
Apache Log4j
Netapp Cloud Manager -
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Sonicwall Network Security Manager
Sonicwall Email Security
Sonicwall Web Application Firewall
Sonicwall 6bk1602-0aa12-0tp0 Firmware
Sonicwall 6bk1602-0aa22-0tp0 Firmware
Sonicwall 6bk1602-0aa32-0tp0 Firmware
Sonicwall 6bk1602-0aa42-0tp0 Firmware
Sonicwall 6bk1602-0aa52-0tp0 Firmware
Oracle E-business Suite 12.2
Oracle Retail Back Office 14.1
Oracle Weblogic Server 12.2.1.3.0
Oracle Webcenter Portal 12.2.1.3.0
Oracle Webcenter Sites 12.2.1.3.0
Oracle Managed File Transfer 12.2.1.3.0
Oracle Retail Order Broker 16.0
Oracle Retail Integration Bus 14.1.3
Oracle Retail Returns Management 14.1
Oracle Retail Central Office 14.1
75 Github repositories
5 Articles
4.3
CVSSv2
CVE-2021-36373
When reading a specially crafted TAR archive an Apache Ant build can be made to allocate large amounts of memory that finally leads to an out of memory error, even for small inputs. This can be used to disrupt builds using Apache Ant. Apache Ant before 1.9.16 and 1.10.11 were aff...
Apache Ant
Oracle Retail Store Inventory Management 14.1
Oracle Enterprise Repository 11.1.1.7.0
Oracle Retail Back Office 14.1
Oracle Retail Back Office 14.0
Oracle Utilities Framework 4.2.0.3.0
Oracle Utilities Framework 4.2.0.2.0
Oracle Retail Central Office 14.0
Oracle Retail Central Office 14.1
Oracle Primavera Unifier 18.8
Oracle Retail Point-of-service 14.1
Oracle Retail Point-of-service 14.0
Oracle Retail Predictive Application Server 15.0.3
Oracle Primavera Unifier
Oracle Utilities Framework 4.4.0.0.0
Oracle Agile Plm 9.3.6
Oracle Communications Unified Inventory Management 7.4.0
Oracle Retail Store Inventory Management 16.0
Oracle Primavera Unifier 19.12
Oracle Utilities Framework
Oracle Utilities Framework 4.4.0.2.0
Oracle Communications Unified Inventory Management 7.3.0
4.3
CVSSv2
CVE-2021-36374
When reading a specially crafted ZIP archive, or a derived formats, an Apache Ant build can be made to allocate large amounts of memory that leads to an out of memory error, even for small inputs. This can be used to disrupt builds using Apache Ant. Commonly used derived formats ...
Apache Ant
Oracle Retail Store Inventory Management 14.1
Oracle Enterprise Repository 11.1.1.7.0
Oracle Retail Back Office 14.1
Oracle Retail Back Office 14.0
Oracle Utilities Framework 4.2.0.3.0
Oracle Utilities Framework 4.2.0.2.0
Oracle Retail Central Office 14.0
Oracle Retail Central Office 14.1
Oracle Primavera Unifier 18.8
Oracle Retail Point-of-service 14.1
Oracle Retail Point-of-service 14.0
Oracle Retail Predictive Application Server 15.0.3
Oracle Primavera Unifier
Oracle Utilities Framework 4.4.0.0.0
Oracle Agile Plm 9.3.6
Oracle Communications Unified Inventory Management 7.4.0
Oracle Retail Store Inventory Management 16.0
Oracle Primavera Unifier 19.12
Oracle Utilities Framework
Oracle Utilities Framework 4.4.0.2.0
Oracle Communications Unified Inventory Management 7.3.0
4.3
CVSSv2
CVE-2019-10219
A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS attack.
Redhat Hibernate Validator
Redhat Hibernate Validator 6.1.0
Redhat Single Sign-on -
Redhat Jboss Enterprise Application Platform -
Redhat Jboss Data Grid -
Redhat Openshift Application Runtimes -
Redhat Fuse 1.0
Redhat Jboss Enterprise Application Platform 7.2
Redhat Jboss Enterprise Application Platform 7.3
Netapp Active Iq Unified Manager -
Netapp Element -
Netapp Snapcenter Plug-in -
Netapp Management Services For Element Software And Netapp Hci -
Oracle Flexcube Investor Servicing 12.3.0
Oracle Flexcube Investor Servicing 12.1.0
Oracle Solaris 11
Oracle Flexcube Private Banking 12.1.0
Oracle Insurance Policy Administration J2ee 10.2.0
Oracle Flexcube Private Banking 12.0.0
Oracle Flexcube Investor Servicing 12.0.4
Oracle Weblogic Server 12.1.3.0.0
Oracle Retail Integration Bus 13.0
4.3
CVSSv2
CVE-2018-1271
Spring Framework, versions 5.0 before 5.0.5 and versions 4.3 before 4.3.15 and older unsupported versions, allow applications to configure Spring MVC to serve static resources (e.g. CSS, JS, images). When static resources are served from a file system on Windows (as opposed to th...
Vmware Spring Framework
Oracle Retail Xstore Point Of Service 7.1
Oracle Enterprise Manager Ops Center 12.2.2
Oracle Primavera Gateway 16.2
Oracle Primavera Gateway 15.2
Oracle Application Testing Suite 12.5.0.3
Oracle Retail Back Office 14.1
Oracle Retail Back Office 14.0
Oracle Enterprise Manager Ops Center 12.3.3
Oracle Retail Open Commerce Platform 6.0.1
Oracle Application Testing Suite 13.1.0.1
Oracle Application Testing Suite 13.2.0.1
Oracle Application Testing Suite 13.3.0.1
Oracle Communications Diameter Signaling Router
Oracle Communications Performance Intelligence Center
Oracle Insurance Rules Palette 10.0
Oracle Insurance Rules Palette 10.2
Oracle Communications Services Gatekeeper
Oracle Health Sciences Information Manager 3.0
Oracle Healthcare Master Person Index 3.0
Oracle Healthcare Master Person Index 4.0
Oracle Insurance Calculation Engine 10.2
1 Github repository
3.3
CVSSv2
CVE-2020-1945
Apache Ant 1.1 to 1.9.14 and 1.10.0 to 1.10.7 uses the default temporary directory identified by the Java system property java.io.tmpdir for several tasks and may thus leak sensitive information. The fixcrlf and replaceregexp tasks also copy files from the temporary directory bac...
Apache Ant
Canonical Ubuntu Linux 19.10
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Opensuse Leap 15.2
Oracle Flexcube Investor Servicing 12.3.0
Oracle Flexcube Investor Servicing 12.1.0
Oracle Flexcube Private Banking 12.1.0
Oracle Primavera Unifier 16.2
Oracle Retail Integration Bus 14.1
Oracle Flexcube Private Banking 12.0.0
Oracle Retail Store Inventory Management 14.1
Oracle Primavera Unifier 16.1
Oracle Enterprise Repository 11.1.1.7.0
Oracle Retail Service Backbone 15.0
Oracle Retail Integration Bus 15.0
Oracle Retail Back Office 14.1
Oracle Retail Back Office 14.0
Oracle Utilities Framework 4.2.0.3.0
Oracle Utilities Framework 4.2.0.2.0
Oracle Utilities Framework 2.2.0.0.0
Oracle Flexcube Investor Servicing 12.4.0
2.6
CVSSv2
CVE-2020-5397
Spring Framework, versions 5.2.x before 5.2.3 are vulnerable to CSRF attacks through CORS preflight requests that target Spring MVC (spring-webmvc module) or Spring WebFlux (spring-webflux module) endpoints. Only non-authenticated endpoints are vulnerable because preflight reques...
Vmware Spring Framework
Oracle Flexcube Private Banking 12.1.0
Oracle Insurance Policy Administration J2ee 10.2.0
Oracle Flexcube Private Banking 12.0.0
Oracle Insurance Rules Palette 10.2.0
Oracle Retail Service Backbone 15.0
Oracle Retail Back Office 14.1
Oracle Weblogic Server 12.2.1.3.0
Oracle Application Testing Suite 13.3.0.1
Oracle Retail Order Broker 15.0
Oracle Retail Order Broker 16.0
Oracle Retail Returns Management 14.1
Oracle Retail Central Office 14.1
Oracle Retail Assortment Planning 15.0
Oracle Retail Point-of-service 14.1
Oracle Retail Assortment Planning 16.0
Oracle Retail Financial Integration 15.0
Oracle Retail Financial Integration 16.0
Oracle Communications Policy Management 12.5.0
Oracle Weblogic Server 12.2.1.4.0
Oracle Rapid Planning 12.1
Oracle Rapid Planning 12.2
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started