VYPR

Retail Applications

by Oracle Corporation

CVEs (18)

  • CVE-2017-10065HigOct 19, 2017
    risk 0.55cvss 8.5epss 0.01

    Vulnerability in the Oracle Retail Point-of-Service component of Oracle Retail Applications (subcomponent: Security). Supported versions that are affected are 13.2, 13.3, 13.4, 14.0 and 14.1. Easily exploitable vulnerability allows low privileged attacker with network access via…

  • CVE-2017-10214HigAug 8, 2017
    risk 0.53cvss 8.2epss 0.02

    Vulnerability in the Oracle Retail Xstore Point of Service component of Oracle Retail Applications (subcomponent: Xstore Office). Supported versions that are affected are 6.0.x, 6.5.x, 7.0.x, 7.1.x, 15.0.x and 16.0.0. Easily exploitable vulnerability allows unauthenticated…

  • CVE-2016-5476HigJul 21, 2016
    risk 0.50cvss 7.6epss 0.02

    Unspecified vulnerability in the Oracle Retail Integration Bus component in Oracle Retail Applications 13.0, 13.1, 13.2, 14.0, 14.1, and 15.0 allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to Install.

  • CVE-2016-5475HigJul 21, 2016
    risk 0.50cvss 7.6epss 0.02

    Unspecified vulnerability in the Oracle Retail Service Backbone component in Oracle Retail Applications 14.0, 14.1, and 15.0 allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to Install.

  • CVE-2016-5539HigOct 25, 2016
    risk 0.47cvss 7.3epss 0.01

    Unspecified vulnerability in the Oracle Retail Xstore Payment component in Oracle Retail Applications 1.x allows local users to affect confidentiality, integrity, and availability via unknown vectors.

  • CVE-2016-5540MedOct 25, 2016
    risk 0.44cvss 6.7epss 0.00

    Unspecified vulnerability in the Oracle Retail Xstore Payment component in Oracle Retail Applications 1.x allows local users to affect confidentiality and integrity via unknown vectors.

  • CVE-2017-10183MedAug 8, 2017
    risk 0.42cvss 6.5epss 0.01

    Vulnerability in the Oracle Retail Xstore Point of Service component of Oracle Retail Applications (subcomponent: Point of Sale). Supported versions that are affected are 6.0.x, 6.5.x, 7.0.x, 7.1.x, 15.0.x and 16.0.0. Difficult to exploit vulnerability allows unauthenticated…

  • CVE-2017-10172MedAug 8, 2017
    risk 0.40cvss 6.1epss 0.01

    Vulnerability in the Oracle Retail Open Commerce Platform component of Oracle Retail Applications (subcomponent: Framework). Supported versions that are affected are 5.0, 5.1, 5.2, 5.3, 6.0, 6.1, 15.0 and 15.1. Easily exploitable vulnerability allows unauthenticated attacker…

  • CVE-2017-10423MedOct 19, 2017
    risk 0.35cvss 5.4epss 0.01

    Vulnerability in the Oracle Retail Back Office component of Oracle Retail Applications (subcomponent: Security). Supported versions that are affected are 13.2, 13.3, 13.4, 14.0 and 14.1. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP…

  • CVE-2014-0050Apr 1, 2014
    risk 0.03cvss epss 0.83

    MultipartStream.java in Apache Commons FileUpload before 1.3.1, as used in Apache Tomcat, JBoss Web, and other products, allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted Content-Type header that bypasses a loop's intended…

  • CVE-2016-0438Jan 21, 2016
    risk 0.00cvss epss 0.00

    Unspecified vulnerability in the Oracle Retail Point-of-Service component in Oracle Retail Applications 13.4, 14.0, and 14.1 allows local users to affect confidentiality via vectors related to Mobile POS, a different vulnerability than CVE-2016-0434, CVE-2016-0436, and…

  • CVE-2016-0437Jan 21, 2016
    risk 0.00cvss epss 0.00

    Unspecified vulnerability in the Oracle Retail Point-of-Service component in Oracle Retail Applications 13.4, 14.0, and 14.1 allows local users to affect confidentiality via vectors related to Mobile POS, a different vulnerability than CVE-2016-0434, CVE-2016-0436, and…

  • CVE-2016-0436Jan 21, 2016
    risk 0.00cvss epss 0.00

    Unspecified vulnerability in the Oracle Retail Point-of-Service component in Oracle Retail Applications 13.4, 14.0, and 14.1 allows local users to affect confidentiality via vectors related to Mobile POS, a different vulnerability than CVE-2016-0434, CVE-2016-0437, and…

  • CVE-2016-0435Jan 21, 2016
    risk 0.00cvss epss 0.00

    Unspecified vulnerability in the Oracle Retail Point-of-Service component in Oracle Retail Applications 13.4, 14.0, and 14.1 allows local users to affect confidentiality and integrity via vectors related to Mobile POS.

  • CVE-2016-0434Jan 21, 2016
    risk 0.00cvss epss 0.00

    Unspecified vulnerability in the Oracle Retail Point-of-Service component in Oracle Retail Applications 13.4, 14.0, and 14.1 allows local users to affect confidentiality via vectors related to Mobile POS, a different vulnerability than CVE-2016-0436, CVE-2016-0437, and…

  • CVE-2015-4827Oct 21, 2015
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in the Oracle Retail Open Commerce Platform component in Oracle Retail Applications 3.0 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Framework.

  • CVE-2015-0494Apr 16, 2015
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in the Oracle Retail Central Office component in Oracle Retail Applications 13.1, 13.2, 13.3, 13.4, 14.0, and 14.1 allows remote attackers to affect integrity via unknown vectors.

  • CVE-2015-0466Apr 16, 2015
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in the Oracle Retail Back Office component in Oracle Retail Applications 12.0, 12.0IN, 13.0, 13.1, 13.2, 13.3, 13.4, 14.0, and 14.1 allows remote attackers to affect integrity via unknown vectors.

VYPR — Vulnerability Intelligence