Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

retail integration bus vulnerabilities and exploits

(subscribe to this query)
6.5
CVSSv2
CVE-2016-5476
Unspecified vulnerability in the Oracle Retail Integration Bus component in Oracle Retail Applications 13.0, 13.1, 13.2, 14.0, 14.1, and 15.0 allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to Install.
Oracle Retail Integration Bus 14.0Oracle Retail Integration Bus 14.1Oracle Retail Integration Bus 13.1Oracle Retail Integration Bus 13.2Oracle Retail Integration Bus 13.0Oracle Retail Integration Bus 15.0
10
CVSSv2
CVE-2016-3444
Unspecified vulnerability in the Oracle Retail Integration Bus component in Oracle Retail Applications 13.0, 13.1, 13.2, 14.0, 14.1, and 15.0 allows remote malicious users to affect confidentiality, integrity, and availability via vectors related to Install.
Oracle Retail Integration Bus 15.0Oracle Retail Integration Bus 14.0Oracle Retail Integration Bus 14.1Oracle Retail Integration Bus 13.1Oracle Retail Integration Bus 13.2Oracle Retail Integration Bus 13.0
6.8
CVSSv2
CVE-2018-2876
Vulnerability in the Oracle Retail Integration Bus component of Oracle Retail Applications (subcomponent: RIB Kernal(Apache Commons Collections)). The supported version that is affected is 13.2. Easily exploitable vulnerability allows unauthenticated attacker with network access ...
Oracle Retail Integration Bus 13.2
5
CVSSv2
CVE-2021-40690
All versions of Apache Santuario - XML Security for Java before 2.2.3 and 2.1.7 are vulnerable to an issue where the "secureValidation" property is not passed correctly when creating a KeyInfo from a KeyInfoReference element. This allows an malicious user to abuse an XP...
Apache Santuario Xml Security For JavaApache TomeeApache Cxf 3.4.4Debian Debian Linux 9.0Debian Debian Linux 10.0Debian Debian Linux 11.0Oracle Flexcube Private Banking 12.1.0Oracle Agile Plm 9.3.6Oracle Weblogic Server 12.2.1.4.0Oracle Peoplesoft Enterprise Peopletools 8.58Oracle Outside In Technology 8.5.5Oracle Weblogic Server 14.1.1.0.0Oracle Retail Merchandising System 16.0.3Oracle Retail Service Backbone 16.0.3Oracle Retail Financial Integration 16.0.3Oracle Retail Integration Bus 16.0.3Oracle Commerce Guided Search 11.3.2Oracle Peoplesoft Enterprise Peopletools 8.59Oracle Retail Service Backbone 15.0.3.1Oracle Retail Service Backbone 14.1.3.2Oracle Communications Messaging Server 8.1Oracle Retail Merchandising System 19.0.1
4.3
CVSSv2
CVE-2018-1271
Spring Framework, versions 5.0 before 5.0.5 and versions 4.3 before 4.3.15 and older unsupported versions, allow applications to configure Spring MVC to serve static resources (e.g. CSS, JS, images). When static resources are served from a file system on Windows (as opposed to th...
Vmware Spring FrameworkOracle Retail Xstore Point Of Service 7.1Oracle Enterprise Manager Ops Center 12.2.2Oracle Primavera Gateway 16.2Oracle Primavera Gateway 15.2Oracle Application Testing Suite 12.5.0.3Oracle Retail Back Office 14.1Oracle Retail Back Office 14.0Oracle Enterprise Manager Ops Center 12.3.3Oracle Retail Open Commerce Platform 6.0.1Oracle Application Testing Suite 13.1.0.1Oracle Application Testing Suite 13.2.0.1Oracle Application Testing Suite 13.3.0.1Oracle Communications Diameter Signaling RouterOracle Communications Performance Intelligence CenterOracle Communications Services GatekeeperOracle Health Sciences Information Manager 3.0Oracle Healthcare Master Person Index 3.0Oracle Healthcare Master Person Index 4.0Oracle Insurance Calculation Engine 10.2Oracle Insurance Rules Palette 10.0Oracle Insurance Rules Palette 10.2
3.3
CVSSv2
CVE-2020-1945
Apache Ant 1.1 to 1.9.14 and 1.10.0 to 1.10.7 uses the default temporary directory identified by the Java system property java.io.tmpdir for several tasks and may thus leak sensitive information. The fixcrlf and replaceregexp tasks also copy files from the temporary directory bac...
Apache AntCanonical Ubuntu Linux 19.10Fedoraproject Fedora 31Fedoraproject Fedora 32Opensuse Leap 15.2Oracle Flexcube Investor Servicing 12.3.0Oracle Flexcube Investor Servicing 12.1.0Oracle Flexcube Private Banking 12.1.0Oracle Primavera Unifier 16.2Oracle Retail Integration Bus 14.1Oracle Flexcube Private Banking 12.0.0Oracle Retail Store Inventory Management 14.1Oracle Primavera Unifier 16.1Oracle Enterprise Repository 11.1.1.7.0Oracle Retail Service Backbone 15.0Oracle Retail Integration Bus 15.0Oracle Retail Back Office 14.1Oracle Retail Back Office 14.0Oracle Utilities Framework 4.2.0.3.0Oracle Utilities Framework 4.2.0.2.0Oracle Utilities Framework 2.2.0.0.0Oracle Flexcube Investor Servicing 12.4.0
4.3
CVSSv2
CVE-2021-36373
When reading a specially crafted TAR archive an Apache Ant build can be made to allocate large amounts of memory that finally leads to an out of memory error, even for small inputs. This can be used to disrupt builds using Apache Ant. Apache Ant before 1.9.16 and 1.10.11 were aff...
Apache AntOracle Retail Store Inventory Management 14.1Oracle Enterprise Repository 11.1.1.7.0Oracle Retail Back Office 14.1Oracle Retail Back Office 14.0Oracle Utilities Framework 4.2.0.3.0Oracle Utilities Framework 4.2.0.2.0Oracle Retail Central Office 14.0Oracle Retail Central Office 14.1Oracle Primavera Unifier 18.8Oracle Retail Point-of-service 14.1Oracle Retail Point-of-service 14.0Oracle Retail Predictive Application Server 15.0.3Oracle Primavera UnifierOracle Utilities Framework 4.4.0.0.0Oracle Agile Plm 9.3.6Oracle Communications Unified Inventory Management 7.4.0Oracle Retail Store Inventory Management 16.0Oracle Primavera Unifier 19.12Oracle Utilities FrameworkOracle Utilities Framework 4.4.0.2.0Oracle Communications Unified Inventory Management 7.3.0
7.1
CVSSv2
CVE-2022-23437
There's a vulnerability within the Apache Xerces Java (XercesJ) XML parser when handling specially crafted XML document payloads. This causes, the XercesJ XML parser to wait in an infinite loop, which may sometimes consume system resources for prolonged duration. This vulner...
Apache Xerces-jOracle Ilearning 6.2Oracle Flexcube Universal Banking 12.4.0Oracle Weblogic Server 12.2.1.3.0Oracle Agile Plm 9.3.6Oracle Weblogic Server 12.2.1.4.0Oracle Peoplesoft Enterprise Peopletools 8.58Oracle Weblogic Server 14.1.1.0.0Oracle Retail Bulk Data Integration 16.0.3.0Oracle Retail Merchandising System 16.0.3Oracle Global Lifecycle Management Nextgen Oui Framework 13.9.4.2.2Oracle Agile Engineering Data Management 6.2.1.0Oracle Retail Service Backbone 16.0.3Oracle Retail Financial Integration 16.0.3Oracle Retail Integration Bus 16.0.3Oracle Peoplesoft Enterprise Peopletools 8.59Oracle Retail Service Backbone 15.0.3.1Oracle Retail Service Backbone 14.1.3.2Oracle Financial Services Enterprise Case Management 8.0.7.2.0Oracle Banking Party Management 2.7.0Oracle Retail Merchandising System 19.0.1Oracle Retail Integration Bus 14.1.3.2
4.3
CVSSv2
CVE-2019-3739
RSA BSAFE Crypto-J versions before 6.2.5 are vulnerable to Information Exposure Through Timing Discrepancy vulnerabilities during ECDSA key generation. A malicious remote attacker could potentially exploit those vulnerabilities to recover ECDSA keys.
Dell Bsafe Ssl-jDell Bsafe Crypto-jDell Bsafe Cert-jOracle Retail Service Backbone 14.1Oracle Retail Integration Bus 14.1Oracle Retail Service Backbone 15.0Oracle Retail Integration Bus 15.0Oracle Weblogic Server 10.3.6.0.0Oracle Weblogic Server 12.2.1.3.0Oracle Retail Integration Bus 16.0Oracle Retail Xstore Point Of Service 17.0.3Oracle Weblogic Server 12.2.1.4.0Oracle Application Performance Management 13.3.0.0Oracle Weblogic Server 14.1.1.0.0Oracle Database 12.1.0.2Oracle Database 12.2.0.1Oracle Database 18cOracle Database 19cOracle Retail Assortment Planning 15.0.3.0Oracle Retail Predictive Application Server 14.1.3.0Oracle Retail Predictive Application Server 15.0.3.0Oracle Retail Assortment Planning 16.0.3.0
4.3
CVSSv2
CVE-2021-36374
When reading a specially crafted ZIP archive, or a derived formats, an Apache Ant build can be made to allocate large amounts of memory that leads to an out of memory error, even for small inputs. This can be used to disrupt builds using Apache Ant. Commonly used derived formats ...
Apache AntOracle Retail Store Inventory Management 14.1Oracle Enterprise Repository 11.1.1.7.0Oracle Retail Back Office 14.1Oracle Retail Back Office 14.0Oracle Utilities Framework 4.2.0.3.0Oracle Utilities Framework 4.2.0.2.0Oracle Retail Central Office 14.0Oracle Retail Central Office 14.1Oracle Primavera Unifier 18.8Oracle Retail Point-of-service 14.1Oracle Retail Point-of-service 14.0Oracle Retail Predictive Application Server 15.0.3Oracle Primavera UnifierOracle Utilities Framework 4.4.0.0.0Oracle Agile Plm 9.3.6Oracle Communications Unified Inventory Management 7.4.0Oracle Retail Store Inventory Management 16.0Oracle Primavera Unifier 19.12Oracle Utilities FrameworkOracle Utilities Framework 4.4.0.2.0Oracle Communications Unified Inventory Management 7.3.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-3675CVE-2024-3400CVE-2024-23557mass assignmentCVE-2023-1389local file inclusionCVE-2024-32596file uploadCVE-2024-32593
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook