Skip to main content

Retail Order Broker Cloud Service

6 CVEs product

Monthly

CVE-2020-13954 Maven MEDIUM PATCH This Month

By default, Apache CXF creates a /services page containing a listing of the available endpoint names and addresses. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Apache Cxf Snap Creator Framework Vasa Provider For Clustered Data Ontap +3
NVD
CVSS 3.1
6.1
EPSS
43.0%
CVE-2020-9488 Maven LOW PATCH Monitor

Improper validation of certificate with host mismatch in Apache Log4j SMTP appender. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Apache Log4J Communications Application Session Controller Communications Billing And Revenue Management +43
NVD VulDB
CVSS 3.1
3.7
EPSS
0.0%
CVE-2016-3611 MEDIUM PATCH This Month

Unspecified vulnerability in the Oracle Retail Order Broker component in Oracle Retail Applications 15.0 allows remote attackers to affect confidentiality and integrity via vectors related to System. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Oracle Retail Order Broker Cloud Service
NVD
CVSS 3.0
5.4
EPSS
0.3%
CVE-2016-0635 HIGH PATCH This Week

Unspecified vulnerability in the Enterprise Manager Ops Center component in Oracle Enterprise Manager Grid Control 12.1.4, 12.2.2, and 12.3.2; the Oracle Health Sciences Information Manager component. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Elastic Information Disclosure Java Oracle Documaker +10
NVD
CVSS 3.0
8.8
EPSS
5.0%
CVE-2016-0500 HIGH This Week

Unspecified vulnerability in the Oracle Retail Order Broker Cloud Service component in Oracle Retail Applications 4.0 and 4.1 allows remote attackers to affect confidentiality, integrity, and. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Oracle Retail Order Broker Cloud Service
NVD
CVSS 2.0
7.5
EPSS
0.7%
CVE-2015-3253 Maven CRITICAL PATCH Act Now

The MethodClosure class in runtime/MethodClosure.java in Apache Groovy 1.7.0 through 2.4.3 allows remote attackers to execute arbitrary code or cause a denial of service via a crafted serialized. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 69.7%.

RCE Denial Of Service Java Apache Groovy +5
NVD
CVSS 3.0
9.8
EPSS
69.7%
Threat
4.1
EPSS 43% CVSS 6.1
MEDIUM PATCH This Month

By default, Apache CXF creates a /services page containing a listing of the available endpoint names and addresses. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Apache Cxf +5
NVD
EPSS 0% CVSS 3.7
LOW PATCH Monitor

Improper validation of certificate with host mismatch in Apache Log4j SMTP appender. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Apache Log4J +45
NVD VulDB
EPSS 0% CVSS 5.4
MEDIUM PATCH This Month

Unspecified vulnerability in the Oracle Retail Order Broker component in Oracle Retail Applications 15.0 allows remote attackers to affect confidentiality and integrity via vectors related to System. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Oracle Retail Order Broker Cloud Service
NVD
EPSS 5% CVSS 8.8
HIGH PATCH This Week

Unspecified vulnerability in the Enterprise Manager Ops Center component in Oracle Enterprise Manager Grid Control 12.1.4, 12.2.2, and 12.3.2; the Oracle Health Sciences Information Manager component. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Elastic Information Disclosure Java +12
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Unspecified vulnerability in the Oracle Retail Order Broker Cloud Service component in Oracle Retail Applications 4.0 and 4.1 allows remote attackers to affect confidentiality, integrity, and. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Oracle Retail Order Broker Cloud Service
NVD
EPSS 70% 4.1 CVSS 9.8
CRITICAL PATCH Act Now

The MethodClosure class in runtime/MethodClosure.java in Apache Groovy 1.7.0 through 2.4.3 allows remote attackers to execute arbitrary code or cause a denial of service via a crafted serialized. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 69.7%.

RCE Denial Of Service Java +7
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy