Oracle Commerce_guided_search
52 CVEs affecting Oracle Commerce_guided_search. Latest disclosed: 2023-10-17. Critical: 2, High: 35.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
| CVE-2022-22947 | Critical | 10.0 | 2022-03-03 | In spring cloud gateway versions prior to 3.1.1+ and 3.0.7+ , applications are vulnerable to a code injection attack when the Gateway Actuator endpoint is enab… |
| CVE-2019-12419 | Critical | 9.8 | 2019-11-06 | Apache CXF before 3.3.4 and 3.2.11 provides all of the components that are required to build a fully fledged OpenId Connect service. There is a vulnerability i… |
| CVE-2021-39152 | High | 8.5 | 2021-08-23 | XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to request data fro… |
| CVE-2021-39150 | High | 8.5 | 2021-08-23 | XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to request data fro… |
| CVE-2021-39154 | High | 8.5 | 2021-08-23 | XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute… |
| CVE-2021-39151 | High | 8.5 | 2021-08-23 | XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute… |
| CVE-2021-39149 | High | 8.5 | 2021-08-23 | XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute… |
| CVE-2021-39148 | High | 8.5 | 2021-08-23 | XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute… |
| CVE-2021-39147 | High | 8.5 | 2021-08-23 | XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute… |
| CVE-2021-39146 | High | 8.5 | 2021-08-23 | XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute… |
| CVE-2021-39145 | High | 8.5 | 2021-08-23 | XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute… |
| CVE-2021-39144 | High | 8.5 | 2021-08-23 | XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker has sufficient righ… |
| CVE-2021-39141 | High | 8.5 | 2021-08-23 | XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute… |
| CVE-2021-39139 | High | 8.5 | 2021-08-23 | XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute… |
| CVE-2021-41165 | High | 8.2 | 2021-11-17 | CKEditor4 is an open source WYSIWYG HTML editor. In affected version a vulnerability has been discovered in the core HTML processing module and may affect all… |
| CVE-2021-41164 | High | 8.2 | 2021-11-17 | CKEditor4 is an open source WYSIWYG HTML editor. In affected versions a vulnerability has been discovered in the Advanced Content Filter (ACF) module and may a… |
| CVE-2016-5482 | High | 8.2 | 2016-10-25 | Unspecified vulnerability in the Oracle Commerce Guided Search component in Oracle Commerce 6.2.2, 6.3.0, 6.4.1.2, and 6.5.0 through 6.5.2 allows remote attack… |
| CVE-2020-28052 | High | 8.1 | 2020-12-18 | An issue was discovered in Legion of the Bouncy Castle BC Java 1.65 and 1.66. The OpenBSDBCrypt.checkPassword utility method compared incorrect data when check… |
| CVE-2020-2604 | High | 8.1 | 2020-01-15 | Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization). Supported versions that are affected are Java SE: 7u241, 8… |
| CVE-2021-22118 | High | 7.8 | 2021-05-27 | In Spring Framework, versions 5.2.x prior to 5.2.15 and versions 5.3.x prior to 5.3.7, a WebFlux application is vulnerable to a privilege escalation: by (re)cr… |