Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
oracle retail service backbone 15.0 vulnerabilities and exploits
(subscribe to this query)
7.6
CVSSv3
CVE-2016-5475
Unspecified vulnerability in the Oracle Retail Service Backbone component in Oracle Retail Applications 14.0, 14.1, and 15.0 allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to Install.
Oracle Retail Service Backbone 14.0
Oracle Retail Service Backbone 14.1
Oracle Retail Service Backbone 15.0
7.5
CVSSv3
CVE-2020-5398
In Spring Framework, versions 5.2.x before 5.2.3, versions 5.1.x before 5.1.13, and versions 5.0.x before 5.0.16, an application is vulnerable to a reflected file download (RFD) attack when it sets a "Content-Disposition" header in the response where the filename attrib...
Vmware Spring Framework
Oracle Flexcube Private Banking 12.1.0
Oracle Insurance Policy Administration J2ee 10.2.0
Oracle Flexcube Private Banking 12.0.0
Oracle Insurance Rules Palette 10.2.0
Oracle Retail Service Backbone 15.0
Oracle Retail Back Office 14.1
Oracle Weblogic Server 12.2.1.3.0
Oracle Application Testing Suite 13.3.0.1
Oracle Retail Order Broker 15.0
Oracle Retail Order Broker 16.0
Oracle Retail Returns Management 14.1
Oracle Retail Central Office 14.1
Oracle Retail Assortment Planning 15.0
Oracle Retail Point-of-service 14.1
Oracle Retail Predictive Application Server 15.0.3
Oracle Retail Assortment Planning 16.0
Oracle Retail Financial Integration 15.0
Oracle Retail Financial Integration 16.0
Oracle Communications Policy Management 12.5.0
Oracle Weblogic Server 12.2.1.4.0
Oracle Mysql
2 Github repositories
7.5
CVSSv3
CVE-2018-15756
Spring Framework, version 5.1, versions 5.0.x before 5.0.10, versions 4.3.x before 4.3.20, and older unsupported versions on the 4.2.x branch provide support for range requests when serving static resources through the ResourceHttpRequestHandler, or starting in 5.0 when an annota...
Vmware Spring Framework
Vmware Spring Framework 5.1.0
Oracle Flexcube Private Banking 12.1.0
Oracle Insurance Policy Administration J2ee 10.2.0
Oracle Retail Xstore Point Of Service 7.1
Oracle Weblogic Server 12.1.3.0.0
Oracle Retail Invoice Matching 13.0
Oracle Flexcube Private Banking 12.0.1
Oracle Primavera Gateway 16.2
Oracle Primavera Gateway 15.2
Oracle Retail Invoice Matching 12.0
Oracle Flexcube Private Banking 12.0.3
Oracle Insurance Rules Palette 10.2.0
Oracle Retail Service Backbone 15.0
Oracle Retail Integration Bus 15.0
Oracle Weblogic Server 10.3.6.0.0
Oracle Weblogic Server 12.2.1.3.0
Oracle Communications Unified Inventory Management 7.3
Oracle Enterprise Manager Ops Center 12.3.3
Oracle Webcenter Sites 12.2.1.3.0
Oracle Endeca Information Discovery Integrator 3.2.0
Oracle Insurance Rules Palette 10.0
7.5
CVSSv3
CVE-2018-11040
Spring Framework, versions 5.0.x before 5.0.7 and 4.3.x before 4.3.18 and older unsupported versions, allows web applications to enable cross-domain requests via JSONP (JSON with Padding) through AbstractJsonpResponseBodyAdvice for REST controllers and MappingJackson2JsonView for...
Vmware Spring Framework
Oracle Flexcube Private Banking 2.2.0.1
Oracle Retail Xstore Point Of Service 7.1
Oracle Application Testing Suite 12.5.0.3
Oracle Hospitality Guest Access 4.2.0
Oracle Hospitality Guest Access 4.2.1
Oracle Weblogic Server 12.2.1.3.0
Oracle Enterprise Manager Ops Center 12.3.3
Oracle Endeca Information Discovery Integrator 3.2.0
Oracle Endeca Information Discovery Integrator 3.1.0
Oracle Agile Product Lifecycle Management 9.3.3
Oracle Agile Product Lifecycle Management 9.3.4
Oracle Agile Product Lifecycle Management 9.3.5
Oracle Application Testing Suite 13.1.0.1
Oracle Application Testing Suite 13.2.0.1
Oracle Application Testing Suite 13.3.0.1
Oracle Communications Online Mediation Controller 6.1
Oracle Communications Services Gatekeeper
Oracle Healthcare Master Person Index 3.0
Oracle Healthcare Master Person Index 4.0
Oracle Insurance Rules Palette 10.0
Oracle Insurance Rules Palette 10.2
6.5
CVSSv3
CVE-2020-5421
In Spring Framework versions 5.2.0 - 5.2.8, 5.1.0 - 5.1.17, 5.0.0 - 5.0.18, 4.3.0 - 4.3.28, and older unsupported versions, the protections against RFD attacks from CVE-2015-5211 may be bypassed depending on the browser used through the use of a jsessionid path parameter.
Vmware Spring Framework
Oracle Flexcube Private Banking 12.1.0
Oracle Flexcube Private Banking 12.0.0
Oracle Weblogic Server 12.1.3.0.0
Oracle Insurance Rules Palette 10.2.0
Oracle Weblogic Server 10.3.6.0.0
Oracle Weblogic Server 12.2.1.3.0
Oracle Endeca Information Discovery Integrator 3.2.0
Oracle Retail Predictive Application Server 14.1
Oracle Retail Order Broker 15.0
Oracle Retail Order Broker 16.0
Oracle Retail Integration Bus 14.1.3
Oracle Retail Returns Management 14.1
Oracle Insurance Policy Administration 10.2
Oracle Enterprise Data Quality 12.2.1.3.0
Oracle Communications Unified Inventory Management 7.3.4
Oracle Communications Unified Inventory Management 7.3.5
Oracle Retail Invoice Matching 14.0
Oracle Retail Invoice Matching 14.1
Oracle Fusion Middleware 12.2.1.3.0
Oracle Weblogic Server 12.2.1.4.0
Oracle Fusion Middleware 12.2.1.4.0
2 Github repositories
6.5
CVSSv3
CVE-2019-3738
RSA BSAFE Crypto-J versions before 6.2.5 are vulnerable to a Missing Required Cryptographic Step vulnerability. A malicious remote attacker could potentially exploit this vulnerability to coerce two parties into computing the same predictable shared key.
Dell Bsafe Ssl-j
Dell Bsafe Crypto-j
Dell Bsafe Cert-j
Mcafee Threat Intelligence Exchange Server 3.0.0
Mcafee Threat Intelligence Exchange Server
Oracle Retail Service Backbone 14.1
Oracle Retail Integration Bus 14.1
Oracle Retail Service Backbone 15.0
Oracle Retail Integration Bus 15.0
Oracle Retail Integration Bus 16.0
Oracle Communications Unified Inventory Management 7.3.2
Oracle Communications Unified Inventory Management 7.3.4
Oracle Communications Unified Inventory Management 7.3.5
Oracle Communications Unified Inventory Management 7.4.0
Oracle Retail Xstore Point Of Service 17.0.3
Oracle Application Performance Management 13.3.0.0
Oracle Database 12.1.0.2
Oracle Database 12.2.0.1
Oracle Database 18c
Oracle Database 19c
Oracle Retail Assortment Planning 15.0.3.0
Oracle Retail Predictive Application Server 14.1.3.0
6.5
CVSSv3
CVE-2019-3739
RSA BSAFE Crypto-J versions before 6.2.5 are vulnerable to Information Exposure Through Timing Discrepancy vulnerabilities during ECDSA key generation. A malicious remote attacker could potentially exploit those vulnerabilities to recover ECDSA keys.
Dell Bsafe Ssl-j
Dell Bsafe Crypto-j
Dell Bsafe Cert-j
Oracle Retail Service Backbone 14.1
Oracle Retail Integration Bus 14.1
Oracle Retail Service Backbone 15.0
Oracle Retail Integration Bus 15.0
Oracle Weblogic Server 10.3.6.0.0
Oracle Weblogic Server 12.2.1.3.0
Oracle Retail Integration Bus 16.0
Oracle Retail Xstore Point Of Service 17.0.3
Oracle Weblogic Server 12.2.1.4.0
Oracle Application Performance Management 13.3.0.0
Oracle Weblogic Server 14.1.1.0.0
Oracle Database 12.1.0.2
Oracle Database 12.2.0.1
Oracle Database 18c
Oracle Database 19c
Oracle Retail Assortment Planning 15.0.3.0
Oracle Retail Predictive Application Server 14.1.3.0
Oracle Retail Predictive Application Server 15.0.3.0
Oracle Retail Assortment Planning 16.0.3.0
6.5
CVSSv3
CVE-2019-3740
RSA BSAFE Crypto-J versions before 6.2.5 are vulnerable to an Information Exposure Through Timing Discrepancy vulnerabilities during DSA key generation. A malicious remote attacker could potentially exploit those vulnerabilities to recover DSA keys.
Dell Bsafe Ssl-j
Dell Bsafe Crypto-j
Dell Bsafe Cert-j
Oracle Retail Service Backbone 14.1
Oracle Retail Integration Bus 14.1
Oracle Weblogic Server 12.1.3.0.0
Oracle Retail Service Backbone 15.0
Oracle Retail Integration Bus 15.0
Oracle Weblogic Server 10.3.6.0.0
Oracle Weblogic Server 12.2.1.3.0
Oracle Retail Predictive Application Server 15.0
Oracle Retail Integration Bus 16.0
Oracle Communications Unified Inventory Management 7.3.2
Oracle Communications Unified Inventory Management 7.3.4
Oracle Communications Unified Inventory Management 7.3.5
Oracle Communications Unified Inventory Management 7.4.0
Oracle Retail Xstore Point Of Service 17.0.3
Oracle Weblogic Server 12.2.1.4.0
Oracle Application Performance Management 13.3.0.0
Oracle Weblogic Server 14.1.1.0.0
Oracle Database 12.1.0.2
Oracle Database 12.2.0.1
6.3
CVSSv3
CVE-2020-1945
Apache Ant 1.1 to 1.9.14 and 1.10.0 to 1.10.7 uses the default temporary directory identified by the Java system property java.io.tmpdir for several tasks and may thus leak sensitive information. The fixcrlf and replaceregexp tasks also copy files from the temporary directory bac...
Apache Ant
Canonical Ubuntu Linux 19.10
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Opensuse Leap 15.2
Oracle Flexcube Investor Servicing 12.3.0
Oracle Flexcube Investor Servicing 12.1.0
Oracle Flexcube Private Banking 12.1.0
Oracle Primavera Unifier 16.2
Oracle Retail Integration Bus 14.1
Oracle Flexcube Private Banking 12.0.0
Oracle Retail Store Inventory Management 14.1
Oracle Primavera Unifier 16.1
Oracle Enterprise Repository 11.1.1.7.0
Oracle Retail Service Backbone 15.0
Oracle Retail Integration Bus 15.0
Oracle Retail Back Office 14.1
Oracle Retail Back Office 14.0
Oracle Utilities Framework 4.2.0.3.0
Oracle Utilities Framework 4.2.0.2.0
Oracle Utilities Framework 2.2.0.0.0
Oracle Flexcube Investor Servicing 12.4.0
6.1
CVSSv3
CVE-2019-10219
A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS attack.
Redhat Hibernate Validator
Redhat Hibernate Validator 6.1.0
Redhat Single Sign-on -
Redhat Jboss Enterprise Application Platform -
Redhat Jboss Data Grid -
Redhat Openshift Application Runtimes -
Redhat Fuse 1.0
Redhat Jboss Enterprise Application Platform 7.2
Redhat Jboss Enterprise Application Platform 7.3
Netapp Active Iq Unified Manager -
Netapp Element -
Netapp Snapcenter Plug-in -
Netapp Management Services For Element Software And Netapp Hci -
Oracle Flexcube Investor Servicing 12.3.0
Oracle Flexcube Investor Servicing 12.1.0
Oracle Solaris 11
Oracle Flexcube Private Banking 12.1.0
Oracle Insurance Policy Administration J2ee 10.2.0
Oracle Flexcube Private Banking 12.0.0
Oracle Flexcube Investor Servicing 12.0.4
Oracle Weblogic Server 12.1.3.0.0
Oracle Retail Integration Bus 13.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
brute force
CVE-2024-24908
open redirect
CVE-2024-31497
CVE-2023-45866
CVE-2024-4135
CVE-2024-25523
cache poisoning
CVE-2024-4649
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »