VYPR

Retail Open Commerce Platform Cloud Service

by Oracle Corporation

CVEs (7)

  • CVE-2017-5645CriApr 17, 2017
    risk 0.71cvss 9.8epss 0.89

    In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially crafted binary payload can be sent that, when deserialized, can execute arbitrary code.

  • CVE-2018-3122MedOct 17, 2018
    risk 0.44cvss 6.8epss 0.01

    Vulnerability in the Oracle Retail Open Commerce Platform component of Oracle Retail Applications (subcomponent: Integrations). Supported versions that are affected are 6.0, 6.0.1 and 5.3. Difficult to exploit vulnerability allows low privileged attacker with network access via…

  • CVE-2017-10172MedAug 8, 2017
    risk 0.40cvss 6.1epss 0.01

    Vulnerability in the Oracle Retail Open Commerce Platform component of Oracle Retail Applications (subcomponent: Framework). Supported versions that are affected are 5.0, 5.1, 5.2, 5.3, 6.0, 6.1, 15.0 and 15.1. Easily exploitable vulnerability allows unauthenticated attacker…

  • CVE-2017-10173MedAug 8, 2017
    risk 0.38cvss 5.8epss 0.02

    Vulnerability in the Oracle Retail Open Commerce Platform component of Oracle Retail Applications (subcomponent: Website). Supported versions that are affected are 5.0, 5.1, 5.2, 5.3, 6.0, 6.1, 15.0 and 15.1. Easily exploitable vulnerability allows unauthenticated attacker with…

  • CVE-2017-3451MedApr 24, 2017
    risk 0.35cvss 5.4epss 0.01

    Vulnerability in the Oracle Retail Open Commerce Platform component of Oracle Retail Applications (subcomponent: Web). Supported versions that are affected are 4.0, 5.0, 5.1, 5.3, 6.0,6.1, 15.0 and 16.0. Easily "exploitable" vulnerability allows low privileged attacker with…

  • CVE-2016-0522Jan 21, 2016
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in the Oracle Retail Open Commerce Platform Cloud Service component in Oracle Retail Applications 3.5, 4.5, 4.7, and 5.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Framework.

  • CVE-2015-4827Oct 21, 2015
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in the Oracle Retail Open Commerce Platform component in Oracle Retail Applications 3.0 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Framework.