Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
retail open commerce platform vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2016-0522
Unspecified vulnerability in the Oracle Retail Open Commerce Platform Cloud Service component in Oracle Retail Applications 3.5, 4.5, 4.7, and 5.0 allows remote malicious users to affect confidentiality, integrity, and availability via unknown vectors related to Framework.
Oracle Retail Open Commerce Platform Cloud Service 4.7
Oracle Retail Open Commerce Platform Cloud Service 3.5
Oracle Retail Open Commerce Platform Cloud Service 5.0
Oracle Retail Open Commerce Platform Cloud Service 4.5
6.4
CVSSv2
CVE-2015-4827
Unspecified vulnerability in the Oracle Retail Open Commerce Platform component in Oracle Retail Applications 3.0 allows remote malicious users to affect confidentiality and integrity via unknown vectors related to Framework.
Oracle Retail Applications 3.0
5.8
CVSSv2
CVE-2017-10172
Vulnerability in the Oracle Retail Open Commerce Platform component of Oracle Retail Applications (subcomponent: Framework). Supported versions that are affected are 5.0, 5.1, 5.2, 5.3, 6.0, 6.1, 15.0 and 15.1. Easily exploitable vulnerability allows unauthenticated attacker with...
Oracle Retail Open Commerce Platform Cloud Service 15.1
Oracle Retail Open Commerce Platform Cloud Service 5.1
Oracle Retail Open Commerce Platform Cloud Service 5.3
Oracle Retail Open Commerce Platform Cloud Service 5.0
Oracle Retail Open Commerce Platform Cloud Service 5.2
Oracle Retail Open Commerce Platform Cloud Service 6.0
Oracle Retail Open Commerce Platform Cloud Service 6.1
Oracle Retail Open Commerce Platform Cloud Service 15.0
5
CVSSv2
CVE-2021-43859
XStream is an open source java library to serialize objects to XML and back again. Versions before 1.4.19 may allow a remote malicious user to allocate 100% CPU time on the target system depending on CPU type or parallel execution of such a payload resulting in a denial of servic...
Xstream Project Xstream
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Debian Debian Linux 9.0
Oracle Flexcube Private Banking 12.1.0
Oracle Commerce Guided Search 11.3.2
Oracle Retail Xstore Point Of Service 16.0.6
Oracle Retail Xstore Point Of Service 17.0.4
Oracle Retail Xstore Point Of Service 18.0.3
Oracle Retail Xstore Point Of Service 19.0.2
Oracle Retail Xstore Point Of Service 20.0.1
Oracle Communications Cloud Native Core Automated Test Suite 1.9.0
Oracle Communications Policy Management 12.6.0.0.0
Oracle Communications Diameter Intelligence Hub
Oracle Communications Brm - Elastic Charging Engine 12.0.0.5.0
Oracle Communications Brm - Elastic Charging Engine
5
CVSSv2
CVE-2017-10173
Vulnerability in the Oracle Retail Open Commerce Platform component of Oracle Retail Applications (subcomponent: Website). Supported versions that are affected are 5.0, 5.1, 5.2, 5.3, 6.0, 6.1, 15.0 and 15.1. Easily exploitable vulnerability allows unauthenticated attacker with n...
Oracle Retail Open Commerce Platform Cloud Service 15.0
Oracle Retail Open Commerce Platform Cloud Service 15.1
Oracle Retail Open Commerce Platform Cloud Service 5.1
Oracle Retail Open Commerce Platform Cloud Service 5.3
Oracle Retail Open Commerce Platform Cloud Service 5.0
Oracle Retail Open Commerce Platform Cloud Service 5.2
Oracle Retail Open Commerce Platform Cloud Service 6.0
Oracle Retail Open Commerce Platform Cloud Service 6.1
4.9
CVSSv2
CVE-2018-3122
Vulnerability in the Oracle Retail Open Commerce Platform component of Oracle Retail Applications (subcomponent: Integrations). Supported versions that are affected are 6.0, 6.0.1 and 5.3. Difficult to exploit vulnerability allows low privileged attacker with network access via H...
Oracle Retail Open Commerce Platform 6.0
Oracle Retail Open Commerce Platform 6.0.1
Oracle Retail Open Commerce Platform 5.3
4.9
CVSSv2
CVE-2017-3451
Vulnerability in the Oracle Retail Open Commerce Platform component of Oracle Retail Applications (subcomponent: Web). Supported versions that are affected are 4.0, 5.0, 5.1, 5.3, 6.0,6.1, 15.0 and 16.0. Easily "exploitable" vulnerability allows low privileged attacker ...
Oracle Retail Open Commerce Platform Cloud Service 6.1
Oracle Retail Open Commerce Platform Cloud Service 6.0
Oracle Retail Open Commerce Platform Cloud Service 5.1
Oracle Retail Open Commerce Platform Cloud Service 5.3
Oracle Retail Open Commerce Platform Cloud Service 5.0
Oracle Retail Open Commerce Platform Cloud Service 16.0
Oracle Retail Open Commerce Platform Cloud Service 4.0
Oracle Retail Open Commerce Platform Cloud Service 15.0
4.3
CVSSv2
CVE-2019-17573
By default, Apache CXF creates a /services page containing a listing of the available endpoint names and addresses. This webpage is vulnerable to a reflected Cross-Site Scripting (XSS) attack, which allows a malicious actor to inject javascript into the web page. Please note that...
Apache Cxf
Oracle Flexcube Private Banking 12.1.0
Oracle Flexcube Private Banking 12.0.0
Oracle Retail Order Broker 15.0
Oracle Communications Element Manager 8.2.0
Oracle Communications Element Manager 8.2.1
Oracle Communications Element Manager 8.1.1
Oracle Communications Session Report Manager 8.1.1
Oracle Communications Session Report Manager 8.2.0
Oracle Communications Session Report Manager 8.2.1
Oracle Communications Session Route Manager 8.1.1
Oracle Communications Session Route Manager 8.2.0
Oracle Communications Session Route Manager 8.2.1
Oracle Commerce Guided Search 11.3.2
4.3
CVSSv2
CVE-2018-1271
Spring Framework, versions 5.0 before 5.0.5 and versions 4.3 before 4.3.15 and older unsupported versions, allow applications to configure Spring MVC to serve static resources (e.g. CSS, JS, images). When static resources are served from a file system on Windows (as opposed to th...
Vmware Spring Framework
Oracle Retail Xstore Point Of Service 7.1
Oracle Enterprise Manager Ops Center 12.2.2
Oracle Primavera Gateway 16.2
Oracle Primavera Gateway 15.2
Oracle Application Testing Suite 12.5.0.3
Oracle Retail Back Office 14.1
Oracle Retail Back Office 14.0
Oracle Enterprise Manager Ops Center 12.3.3
Oracle Retail Open Commerce Platform 6.0.1
Oracle Application Testing Suite 13.1.0.1
Oracle Application Testing Suite 13.2.0.1
Oracle Application Testing Suite 13.3.0.1
Oracle Communications Diameter Signaling Router
Oracle Communications Performance Intelligence Center
Oracle Communications Services Gatekeeper
Oracle Health Sciences Information Manager 3.0
Oracle Healthcare Master Person Index 3.0
Oracle Healthcare Master Person Index 4.0
Oracle Insurance Calculation Engine 10.2
Oracle Insurance Rules Palette 10.0
Oracle Insurance Rules Palette 10.2
1 Github repository
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4040
privilege escalation
CVE-2024-4112
CVE-2024-32872
man-in-the-middle
CVE-2024-32788
bypass
CVE-2024-3400
CVE-2024-28976
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started