Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
oracle retail order broker 15.0 vulnerabilities and exploits
(subscribe to this query)
1000
VMScore
CVE-2020-9409
The administrative UI component of TIBCO Software Inc.'s TIBCO JasperReports Server, TIBCO JasperReports Server for AWS Marketplace, and TIBCO JasperReports Server for ActiveMatrix BPM contains a vulnerability that theoretically allows an unauthenticated malicious user to ob...
Tibco Jasperreports Server
Oracle Retail Order Broker 15.0
Oracle Retail Order Broker 16.0
640
VMScore
CVE-2016-3611
Unspecified vulnerability in the Oracle Retail Order Broker component in Oracle Retail Applications 15.0 allows remote malicious users to affect confidentiality and integrity via vectors related to System Administration.
Oracle Retail Order Broker Cloud Service 15.0
750
VMScore
CVE-2019-12406
Apache CXF prior to 3.3.4 and 3.2.11 does not restrict the number of message attachments present in a given message. This leaves open the possibility of a denial of service type attack, where a malicious user crafts a message containing a very large number of message attachments....
Apache Cxf
Oracle Commerce Guided Search 11.3.2
Oracle Flexcube Private Banking 12.0.0
Oracle Flexcube Private Banking 12.1.0
Oracle Retail Order Broker 15.0
980
VMScore
CVE-2020-9410
The report generator component of TIBCO Software Inc.'s TIBCO JasperReports Library, TIBCO JasperReports Library for ActiveMatrix BPM, TIBCO JasperReports Server, TIBCO JasperReports Server for AWS Marketplace, and TIBCO JasperReports Server for ActiveMatrix BPM contains a v...
Tibco Jasperreports Library
Tibco Jasperreports Library 7.2.0
Tibco Jasperreports Library 7.2.1
Tibco Jasperreports Library 7.3.0
Tibco Jasperreports Library 7.5.0
Tibco Jasperreports Server
Tibco Jasperreports Server 7.2.0
Tibco Jasperreports Server 7.5.0
Oracle Retail Order Broker 15.0
Oracle Retail Order Broker 16.0
1000
VMScore
CVE-2019-12419
Apache CXF prior to 3.3.4 and 3.2.11 provides all of the components that are required to build a fully fledged OpenId Connect service. There is a vulnerability in the access token services, where it does not validate that the authenticated principal is equal to that of the suppli...
Apache Cxf
Oracle Commerce Guided Search 11.3.2
Oracle Enterprise Manager Base Platform 13.2.1.0
Oracle Flexcube Private Banking 12.0.0
Oracle Flexcube Private Banking 12.1.0
Oracle Retail Order Broker 15.0
1000
VMScore
CVE-2018-8013
In Apache Batik 1.x prior to 1.10, when deserializing subclass of `AbstractDocument`, the class takes a string from the inputStream as the class name which then use it to call the no-arg constructor of the class. Fix was to check the class type before calling newInstance in deser...
Apache Batik
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Canonical Ubuntu Linux 14.04
Oracle Business Intelligence 11.1.1.7.0
Oracle Business Intelligence 11.1.1.9.0
Oracle Business Intelligence 12.2.1.3.0
Oracle Business Intelligence 12.2.1.4.0
Oracle Communications Diameter Signaling Router
Oracle Communications Metasolv Solution 6.3.0
Oracle Communications Webrtc Session Controller
1 Article
850
VMScore
CVE-2019-17566
Apache Batik is vulnerable to server-side request forgery, caused by improper input validation by the "xlink:href" attributes. By using a specially-crafted argument, an attacker could exploit this vulnerability to cause the underlying server to make arbitrary GET reques...
Apache Batik
Oracle Api Gateway 11.1.2.4.0
Oracle Business Intelligence 5.5.0.0.0
Oracle Business Intelligence 5.9.0.0.0
Oracle Business Intelligence 12.2.1.3.0
Oracle Business Intelligence 12.2.1.4.0
Oracle Communications Application Session Controller 3.9m0p2
Oracle Communications Metasolv Solution
Oracle Communications Offline Mediation Controller 12.0.0.3.0
Oracle Enterprise Repository 11.1.1.7.0
Oracle Financial Services Analytical Applications Infrastructure
Oracle Fusion Middleware Mapviewer 12.2.1.4.0
1 Github repository
710
VMScore
CVE-2020-13954
By default, Apache CXF creates a /services page containing a listing of the available endpoint names and addresses. This webpage is vulnerable to a reflected Cross-Site Scripting (XSS) attack via the styleSheetPath, which allows a malicious actor to inject javascript into the web...
Apache Cxf
Netapp Snap Creator Framework -
Netapp Vasa Provider For Clustered Data Ontap
Oracle Business Intelligence 5.5.0.0.0
Oracle Business Intelligence 5.9.0.0.0
Oracle Business Intelligence 12.2.1.3.0
Oracle Business Intelligence 12.2.1.4.0
Oracle Retail Order Broker Cloud Service 15.0
Oracle Communications Messaging Server 8.0.2
Oracle Communications Messaging Server 8.1
850
VMScore
CVE-2019-12423
Apache CXF ships with a OpenId Connect JWK Keys service, which allows a client to obtain the public keys in JWK format, which can then be used to verify the signature of tokens issued by the service. Typically, the service obtains the public key from a local keystore (JKS/PKCS12)...
Apache Cxf
Oracle Commerce Guided Search 11.3.2
Oracle Communications Diameter Signaling Router
Oracle Communications Element Manager
Oracle Communications Session Report Manager
Oracle Communications Session Route Manager 8.1.1
Oracle Communications Session Route Manager 8.2.0
Oracle Communications Session Route Manager 8.2.1
Oracle Flexcube Private Banking 12.0.0
Oracle Flexcube Private Banking 12.1.0
Oracle Retail Order Broker 15.0
920
VMScore
CVE-2020-11987
Apache Batik 1.13 is vulnerable to server-side request forgery, caused by improper input validation by the NodePickerPanel. By using a specially-crafted argument, an attacker could exploit this vulnerability to cause the underlying server to make arbitrary GET requests.
Apache Batik
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Oracle Agile Engineering Data Management 6.2.1.0
Oracle Banking Apis 18.3
Oracle Banking Apis 19.1
Oracle Banking Apis 19.2
Oracle Banking Apis 20.1
Oracle Banking Apis 21.1
Oracle Banking Digital Experience 18.3
Oracle Banking Digital Experience 19.1
Oracle Banking Digital Experience 19.2
1 Github repository
Preferred Score:
VMScore
CVSSv2
CVSSv3
CVSSv4
EPSS
VMScore
Recommendations:
CVE-2025-2538
CVE-2025-24813
CVE-2024-57440
CVE-2024-48591
kube-apiserver
CVE-2025-20014
universal traffic recorder app
CVE-2025-2557
redis
code-projects
spoof
bypass
local
Home
/
Search Results
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »
Vulmon