Oracle

Retail Service Backbone

45 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2018-11040

  • EPSS 8.25%
  • Published 25.06.2018 15:29:00
  • Last modified 21.11.2024 03:42:32

Spring Framework, versions 5.0.x prior to 5.0.7 and 4.3.x prior to 4.3.18 and older unsupported versions, allows web applications to enable cross-domain requests via JSONP (JSON with Padding) through AbstractJsonpResponseBodyAdvice for REST controlle...

9.8

CVE-2017-5645

  • EPSS 94.01%
  • Published 17.04.2017 21:59:00
  • Last modified 20.04.2025 01:37:25

In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially crafted binary payload can be sent that, when deserialized, can execute arbitrary code.

8

CVE-2016-5475

  • EPSS 0.7%
  • Published 21.07.2016 10:15:32
  • Last modified 12.04.2025 10:46:40

Unspecified vulnerability in the Oracle Retail Service Backbone component in Oracle Retail Applications 14.0, 14.1, and 15.0 allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to Install.

9

CVE-2016-5474

  • EPSS 2.43%
  • Published 21.07.2016 10:15:31
  • Last modified 12.04.2025 10:46:40

Unspecified vulnerability in the Oracle Retail Service Backbone component in Oracle Retail Applications 14.0, 14.1, and 15.0 allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to RSB Kernel.

9.8

CVE-2015-3253

  • EPSS 52.46%
  • Published 13.08.2015 14:59:02
  • Last modified 12.04.2025 10:46:40

The MethodClosure class in runtime/MethodClosure.java in Apache Groovy 1.7.0 through 2.4.3 allows remote attackers to execute arbitrary code or cause a denial of service via a crafted serialized object.