Vulnerabilities > Oracle > Retail Point OF Service > 13.4

DATE CVE VULNERABILITY TITLE RISK
2019-04-23 CVE-2019-2558 Unspecified vulnerability in Oracle Retail Point-Of-Service 13.4/14.0/14.1
Vulnerability in the Oracle Retail Point-of-Service component of Oracle Retail Applications (subcomponent: Infrastructure).
network
low complexity
oracle
7.3
2018-05-24 CVE-2018-8013 Deserialization of Untrusted Data vulnerability in multiple products
In Apache Batik 1.x before 1.10, when deserializing subclass of `AbstractDocument`, the class takes a string from the inputStream as the class name which then use it to call the no-arg constructor of the class.
network
low complexity
apache debian canonical oracle CWE-502
critical
9.8