Index
Bugtraq
Pełna lista
Błędy
Sztuczki
Exploity
Dorks list
Tylko z CVE
Tylko z CWE
Bogus
Ranking
CVEMAP
Świeża lista CVE
Producenci
Produkty
Słownik CWE
Sprawdź nr. CVE
Sprawdź nr. CWE
Szukaj
W Bugtraq
W bazie CVE
Po autorze
Po nr. CVE
Po nr. CWE
Po producencie
Po produkcie
RSS
Bugtraq
CVEMAP
CVE Produkty
Tylko Błędy
Tylko Exploity
Tylko Dorks
Więcej
cIFrex
Facebook
Twitter
Donate
O bazie
Lang
Polish
English
Submit
Podatności dla
'Retail point-of-service'
2019-04-23
CVE-2019-2558
CWE-284
Vulnerability in the Oracle Retail Point-of-Service component of Oracle Retail Applications (subcomponent: Infrastructure). Supported versions that are affected are 13.4, 14.0 and 14.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Retail Point-of-Service. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Retail Point-of-Service accessible data as well as unauthorized read access to a subset of Oracle Retail Point-of-Service accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Retail Point-of-Service. CVSS 3.0 Base Score 7.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L).
2018-05-24
CVE-2018-8013
CWE-502
In Apache Batik 1.x before 1.10, when deserializing subclass of `AbstractDocument`, the class takes a string from the inputStream as the class name which then use it to call the no-arg constructor of the class. Fix was to check the class type before calling newInstance in deserialization.
2018-05-11
CVE-2018-1258
CWE-863
Spring Framework version 5.0.5 when used in combination with any versions of Spring Security contains an authorization bypass when using method security. An unauthorized malicious user can gain unauthorized access to methods that should be restricted.
2018-04-18
CVE-2018-2862
CWE-noinfo
Vulnerability in the Oracle Retail Point-of-Service component of Oracle Retail Applications (subcomponent: User Interface). Supported versions that are affected are 13.3.8, 13.4.9, 14.0.4 and 14.1.3. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Retail Point-of-Service. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Retail Point-of-Service accessible data as well as unauthorized update, insert or delete access to some of Oracle Retail Point-of-Service accessible data. CVSS 3.0 Base Score 7.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N).
2017-10-19
CVE-2017-10065
CWE-noinfo
Vulnerability in the Oracle Retail Point-of-Service component of Oracle Retail Applications (subcomponent: Security). Supported versions that are affected are 13.2, 13.3, 13.4, 14.0 and 14.1. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Retail Point-of-Service. While the vulnerability is in Oracle Retail Point-of-Service, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Retail Point-of-Service accessible data as well as unauthorized read access to a subset of Oracle Retail Point-of-Service accessible data. CVSS 3.0 Base Score 8.5 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:H/A:N).
>>>
Vendor:
Oracle
744
Produkty
Oracle8i
Database server
Http server
Database assistant
Web listener
Application server
Listener
Internet directory
Oracle9i
E-business suite
JSP
Application server web cache
Corporate time outlook connector
Reports
Configurator
Applications
Oracle files
Application server portal
Collaboration suite
Enterprise manager
Enterprise manager database control
Enterprise manager grid control
Oracle10g
Database server lite
10g reports server
Forms
Jdeveloper
Forms builder
Html db
Clinical
10g enterprise manager database control
Enterprise manager application server control
Peoplesoft enterprise
Enterpriseone
Peoplesoft enterprise customer relationship management
Application server discussion forum portlet
Peoplesoft enterprise portal
Oracle client
10g enterprise manager grid control
Developer suite
Workflow
Diagnostics
Collaboration suite 10g release 1
Peoplesoft enterprise tools
Pharmaceutical
Exchange
APEX
Rapid install web server
Peoplesoft enterprise human capital management
Peoplesoft enterprise peopletools
Secure enterprise search
Jinitiator
Enterprise grid console server
Opmn daemon
Application server 9i
Application express
Database 9i
Application server 10g
Database 10g
Database 11g
E-business suite 11i
E-business suite 12
Peoplesoft hcm eperformance
Siebel enterprise
Bea product suite
Weblogic server
Webloic server component
Weblogic server component
Oracle portal component
Report manager component
Application object library
Advanced replication
Enterprise manager 10g
Instance management component
Advanced replication component
Oracle database
Oracle application server
Mobile application server
Times ten client server component
Times ten in memory database
Times ten client server
Spatial component
Data pump component
Authentication component
Advanced queuing component
Oracle applications technology stack component
Core rdbms component
Hyperion bi plus component
Database scheduler
Oracle http server component
Jd edwards enterpriseone
Peoplesoft peopletools component
Peoplesoft peopletools
Glassfish server
Database 11i
Jd edwards enterpriseone ep
Secure backup
Weblogic workshop
Timesten in-memory database
Enterprise manager grid control 10g
Zobacz wszystkie produkty dla producenta
Oracle
Copyright
2024
, cxsecurity.com
Back to Top