Oracle retail clearance optimization engine
This hub aggregates every CVE we track for Oracle retail clearance optimization engine. Use it to gauge the current risk picture and drill into individual advisories.
other
9
CVEs tracked
3
Critical
3
High
1
In CISA KEV
Severity distribution
HIGH3MEDIUM3CRITICAL3
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2024-082026-07
Latest CVEs
The 9 most recently published vulnerabilities affecting Oracle retail clearance optimization engine.
- CVE-2019-12415In Apache POI up to 4.1.0, when using the tool XSSFExportToXml to convert user-provided Microsoft Excel documents, a specially crafted document can allow an attacker to read files from the local fi...5.5
- CVE-2019-2904Vulnerability in the Oracle JDeveloper and ADF product of Oracle Fusion Middleware (component: ADF Faces). Supported versions that are affected are 11.1.1.9.0, 12.1.3.0.0 and 12.2.1.3.0. Easily exp...9.8
- CVE-2018-15756DoS Attack via Range Requests7.5
- CVE-2018-11040Spring Framework, versions 5.0.x prior to 5.0.7 and 4.3.x prior to 4.3.18 and older unsupported versions, allows web applications to enable cross-domain requests via JSONP (JSON with Padding) throu...7.5
- CVE-2018-11039Spring Framework (versions 5.0.x prior to 5.0.7, versions 4.3.x prior to 4.3.18, and older unsupported versions) allow web applications to change the HTTP request method to any HTTP method (includi...5.9
- CVE-2018-1257Spring Framework, versions 5.0.x prior to 5.0.6, versions 4.3.x prior to 4.3.17, and older unsupported versions allows applications to expose STOMP over WebSocket endpoints with a simple, in-memory...6.5
- CVE-2018-1258Spring Framework version 5.0.5 when used in combination with any versions of Spring Security contains an authorization bypass when using method security. An unauthorized malicious user can gain una...8.8
- CVE-2015-7501Red Hat JBoss A-MQ 6.x; BPM Suite (BPMS) 6.x; BRMS 6.x and 5.x; Data Grid (JDG) 6.x; Data Virtualization (JDV) 6.x and 5.x; Enterprise Application Platform 6.x, 5.x, and 4.3.x; Fuse 6.x; Fuse Servi...9.8
- CVE-2015-4852The WLS Security component in Oracle WebLogic Server 10.3.6.0, 12.1.2.0, 12.1.3.0, and 12.2.1.0 allows remote attackers to execute arbitrary commands via a crafted serialized Java object in T3 prot...KEV9.8
Product normalization is registry-driven with AI assist and human review. How it works