Oracle Retail Financial Integration 14.1.3.2/15.0.3.1/16.0.3.0 Spring Framework Local Privilege Escalation

A vulnerability was found in Oracle Retail Financial Integration 16.0.3.0/15.0.3.1/14.1.3.2 (Financial Software). It has been rated as critical. Affected by this issue is some unknown functionality of the component Spring Framework. Upgrading eliminates this vulnerability. A possible mitigation has been published immediately after the disclosure of the vulnerability.

Common Vulnerabilityies and Exposures

Contact us to get started

CVE-2023-27982 : SCHNEIDER ELECTRIC IGSS DATA SERVER/IGSS DASHBOARD/CUSTOM REPORTS UP TO 16.0.0.23040 DASHBOARD FILE DATA AUTHENTICITY

CVE-2023-27982 : SCHNEIDER ELECTRIC IGSS DATA SERVER/IGSS DASHBOARD/CUSTOM REPORTS UP TO 16.0.0.23040 DASHBOARD FILE DATA AUTHENTICITY

Description A CWE-345: Insufficient Verification of Data Authenticity vulnerability exists in the Data Server that could cause manipulation of dashboard

CVE-2023-1501 : ROCKOA 2.3.2 ACLOUDCOSACTION.PHP.SQL RUNACTION FILEID UNRESTRICTED UPLOAD

CVE-2023-1501 : ROCKOA 2.3.2 ACLOUDCOSACTION.PHP.SQL RUNACTION FILEID UNRESTRICTED UPLOAD

Description A vulnerability, which was classified as critical, was found in RockOA 2.3.2. This affects the function runAction of the

CVE-2023-28116 : CONTIKI-NG UP TO 4.8/4.9 BLE L2CAP MODULE PACKETBUF_SIZE BUFFER OVERFLOW

CVE-2023-28116 : CONTIKI-NG UP TO 4.8/4.9 BLE L2CAP MODULE PACKETBUF_SIZE BUFFER OVERFLOW

Description Contiki-NG is an open-source, cross-platform operating system for internet of things (IoT) devices. In versions 4.8 and prior, an