Page 20 of 103 results (0.011 seconds)

CVSS: 4.3EPSS: 0%CPEs: 3EXPL: 0

CVE-2017-3296

https://notcve.org/view.php?id=CVE-2017-3296

Vulnerability in the Oracle Commerce Platform component of Oracle Commerce (subcomponent: Dynamo Application Framework). Supported versions that are affected are 10.0.3.5, 10.2.0.5 and 11.2.0.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Commerce Platform. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Commerce Platform accessible data. • http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 8.2EPSS: 0%CPEs: 2EXPL: 0

CVE-2016-5491

https://notcve.org/view.php?id=CVE-2016-5491

Unspecified vulnerability in the Oracle Commerce Service Center component in Oracle Commerce 10.0.3.5 and 10.2.0.5 allows remote attackers to affect confidentiality and integrity via unknown vectors. Vulnerabilidad no especificada en el componente Oracle Commerce Service Center en Oracle Commerce 10.0.3.5 y 10.2.0.5 permite a atacantes remotos afectar la confidencialidad y la integridad a través de vectores desconocidos. • http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html http://www.securityfocus.com/bid/93667 • CWE-284: Improper Access Control •

CVSS: 8.2EPSS: 0%CPEs: 6EXPL: 0

CVE-2016-5482

https://notcve.org/view.php?id=CVE-2016-5482

Unspecified vulnerability in the Oracle Commerce Guided Search component in Oracle Commerce 6.2.2, 6.3.0, 6.4.1.2, and 6.5.0 through 6.5.2 allows remote attackers to affect confidentiality and integrity via unknown vectors. Vulnerabilidad no especificada en el componente Oracle Commerce Guided Search en Oracle Commerce 6.2.2, 6.3.0, 6.4.1.2 y 6.5.0 hasta la versión 6.5.2 permite a atacantes remotos afectar la confidencialidad y la integridad a través de vectores desconocidos. • http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html http://www.securityfocus.com/bid/93664 • CWE-284: Improper Access Control •

CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0

CVE-2016-0522

https://notcve.org/view.php?id=CVE-2016-0522

Unspecified vulnerability in the Oracle Retail Open Commerce Platform Cloud Service component in Oracle Retail Applications 3.5, 4.5, 4.7, and 5.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Framework. Vulnerabilidad no especificada en el componente Oracle Retail Open Commerce Platform Cloud Service en Oracle Retail Applications 3.5, 4.5, 4.7 y 5.0 permite a atacantes remotos afectar a la confidencialidad, la integridad y la disponibilidad a través de vectores desconocidos relacionados con Framework. • http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html http://www.securitytracker.com/id/1034718 •

CVSS: 5.0EPSS: 0%CPEs: 5EXPL: 0

CVE-2015-2607

https://notcve.org/view.php?id=CVE-2015-2607

Unspecified vulnerability in the Oracle Commerce Guided Search / Oracle Commerce Experience Manager component in Oracle Commerce Platform 3.0.2, 3.1.1, 3.1.2, 11.0, and 11.1 allows remote attackers to affect confidentiality via unknown vectors related to Content Acquisition System. Vulnerabilidad no especificada en el componente Oracle Commerce Guided Search / Oracle Commerce Experience Manager en Oracle Commerce Platform 3.0.2, 3.1.1, 3.1.2, 11.0 y 11.1, permite a atacantes remotos afectar la confidencialidad a través de vectores desconocidos relacionados con Content Acquisition System. • http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html •