Retail store inventory management

This hub aggregates every CVE we track for Retail store inventory management, a product in the databases space. Use it to gauge the current risk picture and drill into individual advisories.

Severity distribution

Monthly trend

The 15 most recently published vulnerabilities affecting Retail store inventory management.

• CVE-2021-45105Apache Log4j2 does not always protect from infinite recursion in lookup evaluation5.9Dec 18, 2021
• CVE-2021-42340DoS via memory leak with WebSocket connections7.5Oct 14, 2021
• CVE-2021-2351Vulnerability in the Advanced Networking Option component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1 and 19c. Difficult to exploit vulnerability allows u...8.3Jul 20, 2021
• CVE-2021-36374Apache Ant ZIP, and ZIP based, archive denial of service vulerability5.5Jul 14, 2021
• CVE-2021-36373Apache Ant TAR archive denial of service vulnerability5.5Jul 14, 2021
• CVE-2020-17521Apache Groovy provides extension methods to aid with creating temporary directories. Prior to this fix, Groovy's implementation of those extension methods was using a now superseded Java JDK method...5.5Dec 7, 2020
• CVE-2020-11979As mitigation for CVE-2020-1945 Apache Ant 1.10.8 changed the permissions of temporary files it created so that only the current user was allowed to access them. Unfortunately the fixcrlf task dele...7.5Oct 1, 2020
• CVE-2020-1945Apache Ant 1.1 to 1.9.14 and 1.10.0 to 1.10.7 uses the default temporary directory identified by the Java system property java.io.tmpdir for several tasks and may thus leak sensitive information. T...6.3May 14, 2020
• CVE-2020-9488Improper validation of certificate with host mismatch in Apache Log4j SMTP appender. This could allow an SMTPS connection to be intercepted by a man-in-the-middle attack which could leak any log me...3.7Apr 27, 2020
• CVE-2019-2880Vulnerability in the Oracle Retail Store Inventory Management product of Oracle Retail Applications (component: Security). The supported version that is affected is 16.0. Easily exploitable vulnera...8.8Apr 15, 2020
• CVE-2019-17091faces/context/PartialViewContextImpl.java in Eclipse Mojarra, as used in Mojarra for Eclipse EE4J before 2.3.10 and Mojarra JavaServer Faces before 2.2.20, allows Reflected XSS because a client win...6.1Oct 2, 2019
• CVE-2019-3740RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to an Information Exposure Through Timing Discrepancy vulnerabilities during DSA key generation. A malicious remote attacker could potentia...6.5Sep 18, 2019
• CVE-2019-3739RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to Information Exposure Through Timing Discrepancy vulnerabilities during ECDSA key generation. A malicious remote attacker could potential...6.5Sep 18, 2019
• CVE-2019-3738RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to a Missing Required Cryptographic Step vulnerability. A malicious remote attacker could potentially exploit this vulnerability to coerce ...6.5Sep 18, 2019
• CVE-2017-12617When running Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to 8.5.22, 8.0.0.RC1 to 8.0.46 and 7.0.0 to 7.0.81 with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the...KEV8.1Oct 3, 2017