Vulnerabilities > Oracle > Commerce Guided Search
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-11-06 | CVE-2019-12406 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products Apache CXF before 3.3.4 and 3.2.11 does not restrict the number of message attachments present in a given message. | 6.5 |
| 2016-10-25 | CVE-2016-5482 | Improper Access Control vulnerability in Oracle Commerce Guided Search Unspecified vulnerability in the Oracle Commerce Guided Search component in Oracle Commerce 6.2.2, 6.3.0, 6.4.1.2, and 6.5.0 through 6.5.2 allows remote attackers to affect confidentiality and integrity via unknown vectors. | 5.8 |