← Back

Retail Workforce Management Software

retail_workforce_management_software

Vendor: Oracle • 6 CVEs

CVEs (6)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2018-19362
4Debian
FasterxmlOracle+1 more
12Automation Manager
Business Process Management SuiteDebian Linux+9 more
Nov 21, 2024
Jan 2, 2019
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the jboss-common-core class from polymorphic deserialization.
CVE-2018-19361
4Debian
FasterxmlOracle+1 more
12Automation Manager
Business Process Management SuiteDebian Linux+9 more
Nov 21, 2024
Jan 2, 2019
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the openjpa class from polymorphic deserialization.
CVE-2018-19360
4Debian
FasterxmlOracle+1 more
12Automation Manager
Business Process Management SuiteDebian Linux+9 more
Nov 21, 2024
Jan 2, 2019
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the axis2-transport-jms class from polymorphic deserialization.
CVE-2018-14719
5Debian
FasterxmlNetapp+2 more
20Banking Platform
Business Process Management SuiteClusterware+17 more
Nov 21, 2024
Jan 2, 2019
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to execute arbitrary code by leveraging failure to block the blaze-ds-opt and blaze-ds-core classes from polymorphic deserialization.
CVE-2018-14718
5Debian
FasterxmlNetapp+2 more
25Banking Platform
Business Process Management SuiteCommunications Billing And Revenue Management+22 more
Nov 21, 2024
Jan 2, 2019
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to execute arbitrary code by leveraging failure to block the slf4j-ext class from polymorphic deserialization.
CVE-2015-9251
2Jquery
Oracle
47Agile Product Lifecycle Management For Process
Banking PlatformBusiness Process Management Suite+44 more
Nov 21, 2024
Jan 18, 2018
N/A· v4
6.1 MEDIUM· v3
4.3 MEDIUM· v2
jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.