Page 9 of 44 results (0.004 seconds)

CVSS: 5.8EPSS: 0%CPEs: 1EXPL: 0

CVE-2016-3611

https://notcve.org/view.php?id=CVE-2016-3611

Unspecified vulnerability in the Oracle Retail Order Broker component in Oracle Retail Applications 15.0 allows remote attackers to affect confidentiality and integrity via vectors related to System Administration. Vulnerabilidad no especificada en el componente Oracle Retail Order Broker en Oracle Retail Applications 15.0 permite a atacantes remotos afectar la confidencialidad e integridad a través de vectores relacionados con System Administration. • http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html http://www.securityfocus.com/bid/91787 http://www.securityfocus.com/bid/91901 http://www.securitytracker.com/id/1036397 •

CVSS: 7.6EPSS: 0%CPEs: 2EXPL: 0

CVE-2016-3565

https://notcve.org/view.php?id=CVE-2016-3565

Unspecified vulnerability in the Oracle Retail Order Broker component in Oracle Retail Applications 5.1 and 5.2 allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to System Administration. Vulnerabilidad no especificada en el componente Oracle Retail Order Broke en Oracle Retail Applications 5.1 y 5.2 permite a usuarios remotos autenticados afectar la confidencialidad, la integridad y la disponibilidad a través de vectores relacionados con System Administration. • http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html http://www.securityfocus.com/bid/91787 http://www.securityfocus.com/bid/91889 http://www.securitytracker.com/id/1036397 •

CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0

CVE-2016-0500

https://notcve.org/view.php?id=CVE-2016-0500

Unspecified vulnerability in the Oracle Retail Order Broker Cloud Service component in Oracle Retail Applications 4.0 and 4.1 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to System Administration. Vulnerabilidad no especificada en el componente Oracle Retail Order Broker Cloud Service en Oracle Retail Applications 4.0 y 4.1 permite a atacantes remotos afectar a la confidencialidad, la integridad y la disponibilidad a través de vectores desconocidos relacionados con System Administration. • http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html http://www.securitytracker.com/id/1034718 •

CVSS: 9.8EPSS: 3%CPEs: 120EXPL: 0

CVE-2015-3253 – Apache Groovy Deserialization of Untrusted Data Remote Code Execution Vulnerability

https://notcve.org/view.php?id=CVE-2015-3253

The MethodClosure class in runtime/MethodClosure.java in Apache Groovy 1.7.0 through 2.4.3 allows remote attackers to execute arbitrary code or cause a denial of service via a crafted serialized object. Vulnerabilidad en la clase MethodClosure en runtime/MethodClosure.java en Apache Groovy desde la versión 1.7.0 hasta la versión 2.4.3, permite a atacantes remotos ejecutar código arbitrario y causar una denegación de servicio a través de un objeto serializado manipulado. A flaw was discovered in the way applications using Groovy used the standard Java serialization mechanism. A remote attacker could use a specially crafted serialized object that would execute code directly when deserialized. All applications which rely on serialization and do not isolate the code which deserializes objects are subject to this vulnerability. • http://groovy-lang.org/security.html http://packetstormsecurity.com/files/132714/Apache-Groovy-2.4.3-Code-Execution.html http://rhn.redhat.com/errata/RHSA-2016-0066.html http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html http://www.oracle.com/technetwork • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-284: Improper Access Control •