Retail_sales_audit - Vulncode-DB

Note:

This project will be discontinued after December 13, 2021. [more]

Product:
Retail_sales_audit
(Oracle)

Repositories	https://github.com/jquery/jquery
#Vulnerabilities	20

Date	Id	Summary	Products	Score	Patch	Annotated
2020-03-26	CVE-2020-10968	FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.aoju.bus.proxy.provider.remoting.RmiProvider (aka bus-proxy).	Debian_linux, Jackson\-Databind, Steelstore_cloud_integrated_storage, Agile_plm, Autovue_for_agile_product_lifecycle_management, Banking_digital_experience, Banking_platform, Communications_calendar_server, Communications_contacts_server, Communications_diameter_signaling_router, Communications_element_manager, Communications_evolved_communications_application_server, Communications_instant_messaging_server, Communications_network_charging_and_control, Communications_session_report_manager, Communications_session_route_manager, Enterprise_manager_base_platform, Financial_services_analytical_applications_infrastructure, Financial_services_institutional_performance_analytics, Financial_services_price_creation_and_discovery, Financial_services_retail_customer_analytics, Global_lifecycle_management_opatch, Insurance_policy_administration_j2ee, Jd_edwards_enterpriseone_orchestrator, Jd_edwards_enterpriseone_tools, Primavera_unifier, Retail_merchandising_system, Retail_sales_audit, Retail_service_backbone, Retail_xstore_point_of_service, Weblogic_server	8.8
2020-03-26	CVE-2020-10969	FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to javax.swing.JEditorPane.	Debian_linux, Jackson\-Databind, Steelstore_cloud_integrated_storage, Agile_plm, Autovue_for_agile_product_lifecycle_management, Banking_digital_experience, Banking_platform, Communications_calendar_server, Communications_contacts_server, Communications_diameter_signaling_router, Communications_element_manager, Communications_evolved_communications_application_server, Communications_instant_messaging_server, Communications_network_charging_and_control, Communications_session_report_manager, Communications_session_route_manager, Enterprise_manager_base_platform, Financial_services_analytical_applications_infrastructure, Financial_services_institutional_performance_analytics, Financial_services_price_creation_and_discovery, Financial_services_retail_customer_analytics, Global_lifecycle_management_opatch, Insurance_policy_administration_j2ee, Jd_edwards_enterpriseone_orchestrator, Jd_edwards_enterpriseone_tools, Primavera_unifier, Retail_merchandising_system, Retail_sales_audit, Retail_service_backbone, Retail_xstore_point_of_service, Weblogic_server	8.8
2020-03-31	CVE-2020-11111	FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.activemq.* (aka activemq-jms, activemq-core, activemq-pool, and activemq-pool-jms).	Debian_linux, Jackson\-Databind, Steelstore_cloud_integrated_storage, Agile_plm, Autovue_for_agile_product_lifecycle_management, Banking_digital_experience, Banking_platform, Communications_calendar_server, Communications_contacts_server, Communications_diameter_signaling_router, Communications_element_manager, Communications_evolved_communications_application_server, Communications_instant_messaging_server, Communications_network_charging_and_control, Communications_session_report_manager, Communications_session_route_manager, Enterprise_manager_base_platform, Global_lifecycle_management_opatch, Jd_edwards_enterpriseone_orchestrator, Jd_edwards_enterpriseone_tools, Primavera_unifier, Retail_merchandising_system, Retail_sales_audit, Retail_xstore_point_of_service, Weblogic_server	8.8
2020-03-31	CVE-2020-11112	FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.proxy.provider.remoting.RmiProvider (aka apache/commons-proxy).	Debian_linux, Jackson\-Databind, Steelstore_cloud_integrated_storage, Agile_plm, Autovue_for_agile_product_lifecycle_management, Banking_digital_experience, Banking_platform, Communications_calendar_server, Communications_contacts_server, Communications_diameter_signaling_router, Communications_element_manager, Communications_evolved_communications_application_server, Communications_instant_messaging_server, Communications_network_charging_and_control, Communications_session_report_manager, Communications_session_route_manager, Enterprise_manager_base_platform, Financial_services_analytical_applications_infrastructure, Financial_services_institutional_performance_analytics, Financial_services_price_creation_and_discovery, Financial_services_retail_customer_analytics, Global_lifecycle_management_opatch, Insurance_policy_administration_j2ee, Jd_edwards_enterpriseone_orchestrator, Jd_edwards_enterpriseone_tools, Primavera_unifier, Retail_merchandising_system, Retail_sales_audit, Retail_service_backbone, Retail_xstore_point_of_service, Weblogic_server	8.8
2020-03-31	CVE-2020-11113	FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.openjpa.ee.WASRegistryManagedRuntime (aka openjpa).	Debian_linux, Jackson\-Databind, Steelstore_cloud_integrated_storage, Agile_plm, Autovue_for_agile_product_lifecycle_management, Banking_digital_experience, Banking_platform, Communications_calendar_server, Communications_contacts_server, Communications_diameter_signaling_router, Communications_element_manager, Communications_evolved_communications_application_server, Communications_instant_messaging_server, Communications_network_charging_and_control, Communications_session_report_manager, Communications_session_route_manager, Enterprise_manager_base_platform, Financial_services_analytical_applications_infrastructure, Financial_services_institutional_performance_analytics, Financial_services_price_creation_and_discovery, Financial_services_retail_customer_analytics, Global_lifecycle_management_opatch, Insurance_policy_administration_j2ee, Jd_edwards_enterpriseone_orchestrator, Jd_edwards_enterpriseone_tools, Primavera_unifier, Retail_merchandising_system, Retail_sales_audit, Retail_service_backbone, Retail_xstore_point_of_service, Webcenter_portal, Weblogic_server	8.8
2020-04-07	CVE-2020-11619	FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.springframework.aop.config.MethodLocatingFactoryBean (aka spring-aop).	Debian_linux, Jackson\-Databind, Active_iq_unified_manager, Steelstore_cloud_integrated_storage, Agile_plm, Banking_platform, Communications_calendar_server, Communications_contacts_server, Communications_diameter_signaling_router, Communications_evolved_communications_application_server, Communications_instant_messaging_server, Communications_network_charging_and_control, Enterprise_manager_base_platform, Global_lifecycle_management_opatch, Jd_edwards_enterpriseone_orchestrator, Jd_edwards_enterpriseone_tools, Primavera_unifier, Retail_merchandising_system, Retail_sales_audit, Retail_xstore_point_of_service, Weblogic_server	8.1
2020-04-07	CVE-2020-11620	FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.jelly.impl.Embedded (aka commons-jelly).	Debian_linux, Jackson\-Databind, Active_iq_unified_manager, Steelstore_cloud_integrated_storage, Banking_platform, Communications_contacts_server, Communications_evolved_communications_application_server, Communications_instant_messaging_server, Communications_network_charging_and_control, Enterprise_manager_base_platform, Global_lifecycle_management_opatch, Jd_edwards_enterpriseone_orchestrator, Jd_edwards_enterpriseone_tools, Primavera_unifier, Retail_merchandising_system, Retail_sales_audit, Retail_xstore_point_of_service, Weblogic_server	8.1
2022-12-26	CVE-2020-10650	A deserialization flaw was discovered in jackson-databind through 2.9.10.4. It could allow an unauthenticated user to perform code execution via ignite-jta or quartz-core: org.apache.ignite.cache.jta.jndi.CacheJndiTmLookup, org.apache.ignite.cache.jta.jndi.CacheJndiTmFactory, and org.quartz.utils.JNDIConnectionProvider.	Jackson\-Databind, Retail_merchandising_system, Retail_sales_audit	8.1
2022-03-11	CVE-2020-36518	jackson-databind before 2.13.0 allows a Java StackOverflow exception and denial of service via a large depth of nested objects.	Debian_linux, Jackson\-Databind, Active_iq_unified_manager, Cloud_insights_acquisition_unit, Oncommand_insight, Oncommand_workflow_automation, Snap_creator_framework, Big_data_spatial_and_graph, Coherence, Commerce_platform, Communications_billing_and_revenue_management, Communications_cloud_native_core_binding_support_function, Communications_cloud_native_core_console, Communications_cloud_native_core_network_repository_function, Communications_cloud_native_core_network_slice_selection_function, Communications_cloud_native_core_security_edge_protection_proxy, Communications_cloud_native_core_service_communication_proxy, Communications_cloud_native_core_unified_data_repository, Financial_services_analytical_applications_infrastructure, Financial_services_behavior_detection_platform, Financial_services_crime_and_compliance_management_studio, Financial_services_enterprise_case_management, Financial_services_trade\-Based_anti_money_laundering, Global_lifecycle_management_nextgen_oui_framework, Global_lifecycle_management_opatch, Graph_server_and_client, Health_sciences_empirica_signal, Peoplesoft_enterprise_peopletools, Primavera_gateway, Primavera_p6_enterprise_project_portfolio_management, Primavera_unifier, Retail_sales_audit, Sd\-Wan_edge, Spatial_studio, Utilities_framework, Weblogic_server	7.5
2019-10-16	CVE-2019-2904	Vulnerability in the Oracle JDeveloper and ADF product of Oracle Fusion Middleware (component: ADF Faces). Supported versions that are affected are 11.1.1.9.0, 12.1.3.0.0 and 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle JDeveloper and ADF. Successful attacks of this vulnerability can result in takeover of Oracle JDeveloper and ADF. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts)....	Application_testing_suite, Banking_enterprise_collections, Banking_enterprise_originations, Banking_enterprise_product_manufacturing, Banking_platform, Business_process_management_suite, Clinical, Communications_diameter_signaling_router, Communications_network_integrity, Communications_service_broker, Communications_services_gatekeeper, Enterprise_repository, Financial_services_lending_and_leasing, Financial_services_revenue_management_and_billing_analytics, Flexcube_private_banking, Health_sciences_data_management_workbench, Hyperion_planning, Rapid_planning, Retail_assortment_planning, Retail_clearance_optimization_engine, Retail_markdown_optimization, Retail_sales_audit	9.8