Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
oracle retail xstore point of service 7.1 vulnerabilities and exploits
(subscribe to this query)
4.5
CVSSv3
CVE-2016-3429
Unspecified vulnerability in the Oracle Retail Xstore Point of Service component in Oracle Retail Applications 5.0, 5.5, 6.0, 6.5, 7.0, and 7.1 allows remote authenticated users to affect confidentiality and integrity via vectors related to Xstore Services.
Oracle Retail Xstore Point Of Service 5.0
Oracle Retail Xstore Point Of Service 5.5
Oracle Retail Xstore Point Of Service 6.0
Oracle Retail Xstore Point Of Service 6.5
Oracle Retail Xstore Point Of Service 7.0
Oracle Retail Xstore Point Of Service 7.1
5.3
CVSSv3
CVE-2018-12536
In Eclipse Jetty Server, all 9.x versions, on webapps deployed using default Error Handling, when an intentionally bad query arrives that doesn't match a dynamic url-pattern, and is eventually handled by the DefaultServlet's static file serving, the bad characters can t...
Eclipse Jetty
Oracle Retail Xstore Point Of Service 7.1
Oracle Retail Xstore Point Of Service 15.0
Oracle Retail Xstore Point Of Service 16.0.0
Oracle Retail Xstore Point Of Service 17.0
6.5
CVSSv3
CVE-2017-10183
Vulnerability in the Oracle Retail Xstore Point of Service component of Oracle Retail Applications (subcomponent: Point of Sale). Supported versions that are affected are 6.0.x, 6.5.x, 7.0.x, 7.1.x, 15.0.x and 16.0.0. Difficult to exploit vulnerability allows unauthenticated atta...
Oracle Retail Xstore Point Of Service 6.0.10
Oracle Retail Xstore Point Of Service 6.0.11
Oracle Retail Xstore Point Of Service 6.5.4
Oracle Retail Xstore Point Of Service 6.5.10
Oracle Retail Xstore Point Of Service 6.5.11
Oracle Retail Xstore Point Of Service 7.0
Oracle Retail Xstore Point Of Service 7.0.1
Oracle Retail Xstore Point Of Service 7.0.2
Oracle Retail Xstore Point Of Service 7.0.3
Oracle Retail Xstore Point Of Service 7.0.4
Oracle Retail Xstore Point Of Service 7.0.5
Oracle Retail Xstore Point Of Service 7.0.6
8.2
CVSSv3
CVE-2017-10214
Vulnerability in the Oracle Retail Xstore Point of Service component of Oracle Retail Applications (subcomponent: Xstore Office). Supported versions that are affected are 6.0.x, 6.5.x, 7.0.x, 7.1.x, 15.0.x and 16.0.0. Easily exploitable vulnerability allows unauthenticated attack...
Oracle Retail Xstore Point Of Service 6.0.10
Oracle Retail Xstore Point Of Service 6.0.11
Oracle Retail Xstore Point Of Service 6.5.4
Oracle Retail Xstore Point Of Service 6.5.10
Oracle Retail Xstore Point Of Service 6.5.11
Oracle Retail Xstore Point Of Service 7.0
Oracle Retail Xstore Point Of Service 7.0.1
Oracle Retail Xstore Point Of Service 7.0.2
Oracle Retail Xstore Point Of Service 7.0.3
Oracle Retail Xstore Point Of Service 7.0.4
Oracle Retail Xstore Point Of Service 7.0.5
Oracle Retail Xstore Point Of Service 7.0.6
7.5
CVSSv3
CVE-2017-9735
Jetty up to and including 9.4.x is prone to a timing channel in util/security/Password.java, which makes it easier for remote malicious users to obtain access by observing elapsed times before rejection of incorrect passwords.
Eclipse Jetty
Debian Debian Linux 9.0
Oracle Communications Cloud Native Core Policy 1.5.0
Oracle Enterprise Manager Base Platform 13.2
Oracle Enterprise Manager Base Platform 13.3
Oracle Hospitality Guest Access 4.2.0
Oracle Hospitality Guest Access 4.2.1
Oracle Rest Data Services 11.2.0.4
Oracle Rest Data Services 12.1.0.2
Oracle Rest Data Services 12.2.0.1
Oracle Rest Data Services 18c
Oracle Retail Xstore Point Of Service 7.1
7.5
CVSSv3
CVE-2019-0190
A bug exists in the way mod_ssl handled client renegotiations. A remote attacker could send a carefully crafted request that would cause mod_ssl to enter a loop leading to a denial of service. This bug can be only triggered with Apache HTTP Server version 2.4.37 when using OpenSS...
Apache Http Server 2.4.37
Oracle Enterprise Manager Ops Center 12.3.3
Oracle Hospitality Guest Access 4.2.0
Oracle Hospitality Guest Access 4.2.1
Oracle Instantis Enterprisetrack 17.1
Oracle Instantis Enterprisetrack 17.2
Oracle Instantis Enterprisetrack 17.3
Oracle Retail Xstore Point Of Service 7.0
Oracle Retail Xstore Point Of Service 7.1
1 Github repository
8.1
CVSSv3
CVE-2020-11620
FasterXML jackson-databind 2.x prior to 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.jelly.impl.Embedded (aka commons-jelly).
Fasterxml Jackson-databind
Debian Debian Linux 8.0
Netapp Active Iq Unified Manager
Netapp Steelstore Cloud Integrated Storage -
Oracle Banking Platform
Oracle Communications Contacts Server 8.0.0.4.0
Oracle Communications Evolved Communications Application Server 7.1
Oracle Communications Instant Messaging Server 10.0.1.4.0
Oracle Communications Network Charging And Control
Oracle Communications Network Charging And Control 6.0.1
Oracle Enterprise Manager Base Platform 13.3.0.0
Oracle Enterprise Manager Base Platform 13.4.0.0
1 Github repository
9.8
CVSSv3
CVE-2017-7658
In Eclipse Jetty Server, versions 9.2.x and older, 9.3.x (all non HTTP/1.x configurations), and 9.4.x (all HTTP/1.x configurations), when presented with two content-lengths headers, Jetty ignored the second. When presented with a content-length and a chunked encoding header, the ...
Eclipse Jetty
Debian Debian Linux 9.0
Oracle Rest Data Services 11.2.0.4
Oracle Rest Data Services 12.1.0.2
Oracle Rest Data Services 12.2.0.1
Oracle Rest Data Services 18c
Oracle Retail Xstore Payment 3.3
Oracle Retail Xstore Point Of Service 7.1
Oracle Retail Xstore Point Of Service 15.0
Oracle Retail Xstore Point Of Service 16.0
Oracle Retail Xstore Point Of Service 17.0
Hp Xp P9000 Command View
1 Article
9.8
CVSSv3
CVE-2017-7657
In Eclipse Jetty, versions 9.2.x and older, 9.3.x (all configurations), and 9.4.x (non-default configuration with RFC2616 compliance enabled), transfer-encoding chunks are handled poorly. The chunk length parsing was vulnerable to an integer overflow. Thus a large chunk size coul...
Eclipse Jetty
Debian Debian Linux 9.0
Netapp E-series Santricity Management -
Netapp E-series Santricity Os Controller
Netapp E-series Santricity Web Services -
Netapp Element Software -
Netapp Element Software Management Node -
Netapp Hci Storage Nodes -
Netapp Oncommand System Manager 3.x
Netapp Oncommand Unified Manager
Netapp Santricity Cloud Connector -
Netapp Snap Creator Framework
9.8
CVSSv3
CVE-2020-9547
FasterXML jackson-databind 2.x prior to 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to com.ibatis.sqlmap.engine.transaction.jta.JtaTransactionConfig (aka ibatis-sqlmap).
Fasterxml Jackson-databind
Netapp Active Iq Unified Manager
Debian Debian Linux 8.0
Oracle Autovue For Agile Product Lifecycle Management 21.0.2
Oracle Banking Platform
Oracle Communications Contacts Server 8.0.0.4.0
Oracle Communications Evolved Communications Application Server 7.1
Oracle Communications Instant Messaging Server 10.0.1.4.0
Oracle Communications Network Charging And Control
Oracle Communications Network Charging And Control 6.0.1
Oracle Enterprise Manager Base Platform 13.3.0.0
Oracle Enterprise Manager Base Platform 13.4.0.0
2 Github repositories
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-44852
CVE-2024-3400
CVE-2024-30129
insecure direct object reference
CVE-2024-12115
CVE-2024-11220
CVE-2024-51378
privilege escalation
Home
/
Search Results
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »