Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
retail order broker vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv2
CVE-2016-3565
Unspecified vulnerability in the Oracle Retail Order Broker component in Oracle Retail Applications 5.1 and 5.2 allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to System Administration.
Oracle Retail Order Broker 5.1
Oracle Retail Order Broker 5.2
10
CVSSv2
CVE-2020-9409
The administrative UI component of TIBCO Software Inc.'s TIBCO JasperReports Server, TIBCO JasperReports Server for AWS Marketplace, and TIBCO JasperReports Server for ActiveMatrix BPM contains a vulnerability that theoretically allows an unauthenticated malicious user to ob...
Tibco Jasperreports Server
Oracle Retail Order Broker 15.0
Oracle Retail Order Broker 16.0
7.5
CVSSv2
CVE-2016-0500
Unspecified vulnerability in the Oracle Retail Order Broker Cloud Service component in Oracle Retail Applications 4.0 and 4.1 allows remote malicious users to affect confidentiality, integrity, and availability via unknown vectors related to System Administration.
Oracle Retail Order Broker Cloud Service 4.1
Oracle Retail Order Broker Cloud Service 4.0
5.8
CVSSv2
CVE-2016-3611
Unspecified vulnerability in the Oracle Retail Order Broker component in Oracle Retail Applications 15.0 allows remote malicious users to affect confidentiality and integrity via vectors related to System Administration.
Oracle Retail Order Broker Cloud Service 15.0
6.8
CVSSv2
CVE-2020-9410
The report generator component of TIBCO Software Inc.'s TIBCO JasperReports Library, TIBCO JasperReports Library for ActiveMatrix BPM, TIBCO JasperReports Server, TIBCO JasperReports Server for AWS Marketplace, and TIBCO JasperReports Server for ActiveMatrix BPM contains a v...
Tibco Jasperreports Library 7.2.0
Tibco Jasperreports Server
Tibco Jasperreports Library
Tibco Jasperreports Library 7.2.1
Tibco Jasperreports Library 7.3.0
Tibco Jasperreports Library 7.5.0
Tibco Jasperreports Server 7.2.0
Tibco Jasperreports Server 7.5.0
Oracle Retail Order Broker 15.0
Oracle Retail Order Broker 16.0
4.3
CVSSv2
CVE-2019-12406
Apache CXF prior to 3.3.4 and 3.2.11 does not restrict the number of message attachments present in a given message. This leaves open the possibility of a denial of service type attack, where a malicious user crafts a message containing a very large number of message attachments....
Apache Cxf
Oracle Flexcube Private Banking 12.1.0
Oracle Flexcube Private Banking 12.0.0
Oracle Retail Order Broker 15.0
Oracle Commerce Guided Search 11.3.2
5
CVSSv2
CVE-2022-25647
The package com.google.code.gson:gson prior to 2.8.9 are vulnerable to Deserialization of Untrusted Data via the writeReplace() method in internal classes, which may lead to DoS attacks.
Google Gson
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Netapp Active Iq Unified Manager -
Oracle Retail Order Broker 18.0
Oracle Retail Order Broker 19.1
Oracle Graalvm 20.3.6
Oracle Graalvm 21.3.2
Oracle Graalvm 22.1.0
Oracle Financial Services Crime And Compliance Management Studio 8.0.8.2.0
Oracle Financial Services Crime And Compliance Management Studio 8.0.8.3.0
7.5
CVSSv2
CVE-2018-8013
In Apache Batik 1.x prior to 1.10, when deserializing subclass of `AbstractDocument`, the class takes a string from the inputStream as the class name which then use it to call the no-arg constructor of the class. Fix was to check the class type before calling newInstance in deser...
Apache Batik
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Debian Debian Linux 9.0
Canonical Ubuntu Linux 14.04
Oracle Jd Edwards Enterpriseone Tools 9.2
Oracle Fusion Middleware Mapviewer 12.2.1.2
Oracle Enterprise Repository 12.1.3.0.0
Oracle Business Intelligence 11.1.1.9.0
Oracle Enterprise Repository 11.1.1.7.0
Oracle Business Intelligence 11.1.1.7.0
Oracle Retail Back Office 13.4
Oracle Retail Back Office 14.1
Oracle Retail Back Office 13.3
Oracle Business Intelligence 12.2.1.3.0
Oracle Communications Diameter Signaling Router
Oracle Retail Order Broker 5.1
Oracle Retail Order Broker 5.2
Oracle Retail Order Broker 15.0
Oracle Retail Order Broker 16.0
Oracle Insurance Calculation Engine 10.2.1
Oracle Insurance Calculation Engine 10.1.1
1 Article
7.5
CVSSv2
CVE-2019-12419
Apache CXF prior to 3.3.4 and 3.2.11 provides all of the components that are required to build a fully fledged OpenId Connect service. There is a vulnerability in the access token services, where it does not validate that the authenticated principal is equal to that of the suppli...
Apache Cxf
Oracle Flexcube Private Banking 12.1.0
Oracle Flexcube Private Banking 12.0.0
Oracle Retail Order Broker 15.0
Oracle Enterprise Manager Base Platform 13.2.1.0
Oracle Commerce Guided Search 11.3.2
5
CVSSv2
CVE-2019-17566
Apache Batik is vulnerable to server-side request forgery, caused by improper input validation by the "xlink:href" attributes. By using a specially-crafted argument, an attacker could exploit this vulnerability to cause the underlying server to make arbitrary GET reques...
Apache Batik
Oracle Api Gateway 11.1.2.4.0
Oracle Hyperion Financial Reporting 11.1.2.4
Oracle Enterprise Repository 11.1.1.7.0
Oracle Business Intelligence 12.2.1.3.0
Oracle Retail Order Broker 15.0
Oracle Retail Order Broker 16.0
Oracle Retail Returns Management 14.1
Oracle Retail Point-of-service 14.1
Oracle Business Intelligence 12.2.1.4.0
Oracle Business Intelligence 5.5.0.0.0
Oracle Financial Services Analytical Applications Infrastructure
Oracle Fusion Middleware Mapviewer 12.2.1.4.0
Oracle Instantis Enterprisetrack
Oracle Communications Offline Mediation Controller 12.0.0.3.0
Oracle Retail Integration Bus 15.0.3
Oracle Communications Application Session Controller 3.9m0p2
Oracle Hospitality Opera 5 5.5
Oracle Hospitality Opera 5 5.6
Oracle Business Intelligence 5.9.0.0.0
Oracle Retail Order Management System Cloud Service 19.5
Oracle Jd Edwards Enterpriseone Tools
1 Github repository
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-24955
man-in-the-middle
dos
CVE-2024-2818
CVE-2024-30584
CVE-2024-31134
camera
CVE-2023-45866
CVE-2024-30585
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »