Vulnerabilities > Oracle > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-07-23 | CVE-2018-3316 | Unspecified vulnerability in Oracle Retail Customer Management and Segmentation Foundation 16.0/17.0 Vulnerability in the Oracle Retail Customer Management and Segmentation Foundation component of Oracle Retail Applications (subcomponent: Segment). | 7.6 |
| 2019-07-23 | CVE-2018-3315 | Unspecified vulnerability in Oracle Retail Customer Management and Segmentation Foundation 16.0/17.0 Vulnerability in the Oracle Retail Customer Management and Segmentation Foundation component of Oracle Retail Applications (subcomponent: Customer). | 8.2 |
| 2019-07-23 | CVE-2018-3111 | Unspecified vulnerability in Oracle Retail Xstore Office 7.1 Vulnerability in the Oracle Retail Xstore Office component of Oracle Retail Applications (subcomponent: Internal Operations). | 7.6 |
| 2019-07-19 | CVE-2019-1010239 | NULL Pointer Dereference vulnerability in multiple products DaveGamble/cJSON cJSON 1.7.8 is affected by: Improper Check for Unusual or Exceptional Conditions. | 7.5 |
| 2019-07-11 | CVE-2019-10193 | Out-of-bounds Write vulnerability in multiple products A stack-buffer overflow vulnerability was found in the Redis hyperloglog data structure versions 3.x before 3.2.13, 4.x before 4.0.14 and 5.x before 5.0.4. | 7.2 |
| 2019-07-11 | CVE-2019-10192 | Out-of-bounds Write vulnerability in multiple products A heap-buffer overflow vulnerability was found in the Redis hyperloglog data structure versions 3.x before 3.2.13, 4.x before 4.0.14 and 5.x before 5.0.4. | 7.2 |
| 2019-07-10 | CVE-2018-14550 | Out-of-bounds Write vulnerability in multiple products An issue has been found in third-party PNM decoding associated with libpng 1.6.35. | 8.8 |
| 2019-07-02 | CVE-2019-5443 | Uncontrolled Search Path Element vulnerability in multiple products A non-privileged user or program can put code and a config file in a known non-privileged path (under C:/usr/local/) that will make curl <= 7.65.1 automatically run the code (as an openssl "engine") on invocation. | 7.8 |
| 2019-06-24 | CVE-2018-20843 | XXE vulnerability in multiple products In libexpat in Expat before 2.2.7, XML input including XML names that contain a large number of colons could make the XML parser consume a high amount of RAM and CPU resources while processing (enough to be usable for denial-of-service attacks). network low complexity libexpat-project canonical debian fedoraproject opensuse oracle tenable CWE-611 | 7.5 |
| 2019-05-28 | CVE-2019-5436 | Out-of-bounds Write vulnerability in multiple products A heap buffer overflow in the TFTP receiving code allows for DoS or arbitrary code execution in libcurl versions 7.19.4 through 7.64.1. | 7.8 |