Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
oracle retail point-of-service 14.0 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2019-2558
Vulnerability in the Oracle Retail Point-of-Service component of Oracle Retail Applications (subcomponent: Infrastructure). Supported versions that are affected are 13.4, 14.0 and 14.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP ...
Oracle Retail Point-of-service 14.1
Oracle Retail Point-of-service 13.4
Oracle Retail Point-of-service 14.0
5.5
CVSSv2
CVE-2017-10065
Vulnerability in the Oracle Retail Point-of-Service component of Oracle Retail Applications (subcomponent: Security). Supported versions that are affected are 13.2, 13.3, 13.4, 14.0 and 14.1. Easily exploitable vulnerability allows low privileged attacker with network access via ...
Oracle Retail Point-of-service 7.1.2
Oracle Retail Point-of-service 7.1.3
Oracle Retail Point-of-service 7.0.4
Oracle Retail Point-of-service 7.0.5
Oracle Retail Point-of-service 7.0.0
Oracle Retail Point-of-service 7.1.0
Oracle Retail Point-of-service 16.0.2
Oracle Retail Point-of-service 16.0.0.1
Oracle Retail Point-of-service 7.1.6
Oracle Retail Point-of-service 7.0.1
Oracle Retail Point-of-service 6.5.10
Oracle Retail Point-of-service 6.5.11
Oracle Retail Point-of-service 16.0.0
Oracle Retail Point-of-service 15.0.0
Oracle Retail Point-of-service 7.1.4
Oracle Retail Point-of-service 7.1.5
Oracle Retail Point-of-service 7.0.6
Oracle Retail Point-of-service 6.5.4
Oracle Retail Point-of-service 6.5.0
Oracle Retail Point-of-service 6.0.0
Oracle Retail Point-of-service 16.0.1
Oracle Retail Point-of-service 15.0.1
4.3
CVSSv2
CVE-2021-36373
When reading a specially crafted TAR archive an Apache Ant build can be made to allocate large amounts of memory that finally leads to an out of memory error, even for small inputs. This can be used to disrupt builds using Apache Ant. Apache Ant before 1.9.16 and 1.10.11 were aff...
Apache Ant
Oracle Retail Store Inventory Management 14.1
Oracle Enterprise Repository 11.1.1.7.0
Oracle Retail Back Office 14.1
Oracle Retail Back Office 14.0
Oracle Utilities Framework 4.2.0.3.0
Oracle Utilities Framework 4.2.0.2.0
Oracle Retail Central Office 14.0
Oracle Retail Central Office 14.1
Oracle Primavera Unifier 18.8
Oracle Retail Point-of-service 14.1
Oracle Retail Point-of-service 14.0
Oracle Retail Predictive Application Server 15.0.3
Oracle Primavera Unifier
Oracle Utilities Framework 4.4.0.0.0
Oracle Agile Plm 9.3.6
Oracle Communications Unified Inventory Management 7.4.0
Oracle Retail Store Inventory Management 16.0
Oracle Primavera Unifier 19.12
Oracle Utilities Framework
Oracle Utilities Framework 4.4.0.2.0
Oracle Communications Unified Inventory Management 7.3.0
4.3
CVSSv2
CVE-2021-36374
When reading a specially crafted ZIP archive, or a derived formats, an Apache Ant build can be made to allocate large amounts of memory that leads to an out of memory error, even for small inputs. This can be used to disrupt builds using Apache Ant. Commonly used derived formats ...
Apache Ant
Oracle Retail Store Inventory Management 14.1
Oracle Enterprise Repository 11.1.1.7.0
Oracle Retail Back Office 14.1
Oracle Retail Back Office 14.0
Oracle Utilities Framework 4.2.0.3.0
Oracle Utilities Framework 4.2.0.2.0
Oracle Retail Central Office 14.0
Oracle Retail Central Office 14.1
Oracle Primavera Unifier 18.8
Oracle Retail Point-of-service 14.1
Oracle Retail Point-of-service 14.0
Oracle Retail Predictive Application Server 15.0.3
Oracle Primavera Unifier
Oracle Utilities Framework 4.4.0.0.0
Oracle Agile Plm 9.3.6
Oracle Communications Unified Inventory Management 7.4.0
Oracle Retail Store Inventory Management 16.0
Oracle Primavera Unifier 19.12
Oracle Utilities Framework
Oracle Utilities Framework 4.4.0.2.0
Oracle Communications Unified Inventory Management 7.3.0
3.3
CVSSv2
CVE-2020-1945
Apache Ant 1.1 to 1.9.14 and 1.10.0 to 1.10.7 uses the default temporary directory identified by the Java system property java.io.tmpdir for several tasks and may thus leak sensitive information. The fixcrlf and replaceregexp tasks also copy files from the temporary directory bac...
Apache Ant
Canonical Ubuntu Linux 19.10
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Opensuse Leap 15.2
Oracle Flexcube Investor Servicing 12.3.0
Oracle Flexcube Investor Servicing 12.1.0
Oracle Flexcube Private Banking 12.1.0
Oracle Primavera Unifier 16.2
Oracle Retail Integration Bus 14.1
Oracle Flexcube Private Banking 12.0.0
Oracle Retail Store Inventory Management 14.1
Oracle Primavera Unifier 16.1
Oracle Enterprise Repository 11.1.1.7.0
Oracle Retail Service Backbone 15.0
Oracle Retail Integration Bus 15.0
Oracle Retail Back Office 14.1
Oracle Retail Back Office 14.0
Oracle Utilities Framework 4.2.0.3.0
Oracle Utilities Framework 4.2.0.2.0
Oracle Utilities Framework 2.2.0.0.0
Oracle Flexcube Investor Servicing 12.4.0
7.5
CVSSv2
CVE-2018-8013
In Apache Batik 1.x prior to 1.10, when deserializing subclass of `AbstractDocument`, the class takes a string from the inputStream as the class name which then use it to call the no-arg constructor of the class. Fix was to check the class type before calling newInstance in deser...
Apache Batik
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Debian Debian Linux 9.0
Canonical Ubuntu Linux 14.04
Oracle Jd Edwards Enterpriseone Tools 9.2
Oracle Fusion Middleware Mapviewer 12.2.1.2
Oracle Enterprise Repository 12.1.3.0.0
Oracle Business Intelligence 11.1.1.9.0
Oracle Enterprise Repository 11.1.1.7.0
Oracle Business Intelligence 11.1.1.7.0
Oracle Retail Back Office 13.4
Oracle Retail Back Office 14.1
Oracle Retail Back Office 13.3
Oracle Business Intelligence 12.2.1.3.0
Oracle Communications Diameter Signaling Router
Oracle Retail Order Broker 5.1
Oracle Retail Order Broker 5.2
Oracle Retail Order Broker 15.0
Oracle Retail Order Broker 16.0
Oracle Insurance Calculation Engine 10.2.1
Oracle Insurance Calculation Engine 10.1.1
1 Article
3.6
CVSSv2
CVE-2020-5421
In Spring Framework versions 5.2.0 - 5.2.8, 5.1.0 - 5.1.17, 5.0.0 - 5.0.18, 4.3.0 - 4.3.28, and older unsupported versions, the protections against RFD attacks from CVE-2015-5211 may be bypassed depending on the browser used through the use of a jsessionid path parameter.
Vmware Spring Framework
Oracle Flexcube Private Banking 12.1.0
Oracle Flexcube Private Banking 12.0.0
Oracle Weblogic Server 12.1.3.0.0
Oracle Insurance Rules Palette 10.2.0
Oracle Weblogic Server 10.3.6.0.0
Oracle Weblogic Server 12.2.1.3.0
Oracle Endeca Information Discovery Integrator 3.2.0
Oracle Retail Predictive Application Server 14.1
Oracle Retail Order Broker 15.0
Oracle Retail Order Broker 16.0
Oracle Retail Integration Bus 14.1.3
Oracle Retail Returns Management 14.1
Oracle Insurance Policy Administration 10.2
Oracle Enterprise Data Quality 12.2.1.3.0
Oracle Communications Unified Inventory Management 7.3.4
Oracle Communications Unified Inventory Management 7.3.5
Oracle Retail Invoice Matching 14.0
Oracle Retail Invoice Matching 14.1
Oracle Fusion Middleware 12.2.1.3.0
Oracle Weblogic Server 12.2.1.4.0
Oracle Fusion Middleware 12.2.1.4.0
2 Github repositories
3.3
CVSSv2
CVE-2016-0435
Unspecified vulnerability in the Oracle Retail Point-of-Service component in Oracle Retail Applications 13.4, 14.0, and 14.1 allows local users to affect confidentiality and integrity via vectors related to Mobile POS.
Oracle Retail Applications 13.4
Oracle Retail Applications 14.1
Oracle Retail Applications 14.0
1.9
CVSSv2
CVE-2016-0434
Unspecified vulnerability in the Oracle Retail Point-of-Service component in Oracle Retail Applications 13.4, 14.0, and 14.1 allows local users to affect confidentiality via vectors related to Mobile POS, a different vulnerability than CVE-2016-0436, CVE-2016-0437, and CVE-2016-0...
Oracle Retail Applications 14.1
Oracle Retail Applications 14.0
Oracle Retail Applications 13.4
1.9
CVSSv2
CVE-2016-0436
Unspecified vulnerability in the Oracle Retail Point-of-Service component in Oracle Retail Applications 13.4, 14.0, and 14.1 allows local users to affect confidentiality via vectors related to Mobile POS, a different vulnerability than CVE-2016-0434, CVE-2016-0437, and CVE-2016-0...
Oracle Retail Applications 14.1
Oracle Retail Applications 14.0
Oracle Retail Applications 13.4
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »