cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2021-2057,https://securityvulnerability.io/vulnerability/CVE-2021-2057,Oracle Retail Customer Management Vulnerability in Oracle Retail Applications,"A vulnerability exists in Oracle Retail Customer Management and Segmentation Foundation that could be exploited by a low-privileged attacker with network access via HTTP. Successful exploitation may enable the attacker to execute unauthorized updates, inserts, or deletions to accessible data. Furthermore, it allows for unauthorized read access to some data and can lead to a partial denial of service. This exposes sensitive information and could compromise the integrity of the data managed by Oracle Retail applications.",Oracle,Retail Customer Management And Segmentation Foundation,6.3,MEDIUM,0.0005600000149570405,false,,false,false,false,,,false,false,,2021-01-20T14:50:06.000Z,0
CVE-2020-14731,https://securityvulnerability.io/vulnerability/CVE-2020-14731,Vulnerability in Oracle Retail Customer Management and Segmentation Foundation Software,"A vulnerability in the Oracle Retail Customer Management and Segmentation Foundation product permits a low-privileged attacker with network access via HTTP to compromise the system. This issue affects supported versions 18.0 and 19.0, allowing unauthorized read access to specific accessible data. Exploiting this vulnerability could lead to data exposure, particularly impacting confidentiality.",Oracle,Retail Customer Management And Segmentation Foundation,3.1,LOW,0.0005699999746866524,false,,false,false,false,,,false,false,,2020-10-21T14:04:23.000Z,0
CVE-2020-14732,https://securityvulnerability.io/vulnerability/CVE-2020-14732,Vulnerability in Oracle Retail Customer Management Product by Oracle,"A vulnerability exists in the Oracle Retail Customer Management and Segmentation Foundation that allows a low-privileged attacker with network access to potentially gain unauthorized read access to sensitive data. The issue affects version 19.0 of the product and can be exploited via HTTP connections. This vulnerability may expose a subset of data to unauthorized individuals, resulting in potential information leakage. For detailed information, refer to the security alert issued by Oracle.",Oracle,Retail Customer Management And Segmentation Foundation,3.1,LOW,0.0005699999746866524,false,,false,false,false,,,false,false,,2020-10-21T14:04:23.000Z,0
CVE-2020-14708,https://securityvulnerability.io/vulnerability/CVE-2020-14708,Segmentation Vulnerability in Oracle Retail Applications Product,"A segmentation vulnerability exists in Oracle's Customer Management and Segmentation Foundation, which allows low-privileged attackers with HTTP network access to exploit the system. This could lead to unauthorized modifications, deletions, or access to sensitive customer data. Affected versions include 16.0, 17.0, and 18.0. The flaw emphasizes the need for rigorous security measures to protect critical data from unauthorized actions.",Oracle,Retail Customer Management And Segmentation Foundation,4.3,MEDIUM,0.000539999979082495,false,,false,false,false,,,false,false,,2020-07-15T17:34:35.000Z,0
CVE-2020-14709,https://securityvulnerability.io/vulnerability/CVE-2020-14709,Vulnerability in Customer Management and Segmentation Foundation of Oracle Retail Applications,"An improper access control vulnerability exists in Oracle's Customer Management and Segmentation Foundation that could allow an attacker with low privileges and network access to compromise the system. This vulnerability permits unauthorized actions such as the creation, deletion, and modification of critical data. Attackers may exploit this flaw to gain unauthorized read access to subsets of sensitive information, potentially jeopardizing data confidentiality and integrity.",Oracle,Retail Customer Management And Segmentation Foundation,7.1,HIGH,0.000539999979082495,false,,false,false,false,,,false,false,,2020-07-15T17:34:35.000Z,0
CVE-2020-14710,https://securityvulnerability.io/vulnerability/CVE-2020-14710,Security Vulnerability in Oracle Retail Customer Management Product,"The Customer Management and Segmentation Foundation product within Oracle Retail Applications has a vulnerability allowing attackers with low privilege and network access via HTTP to compromise its security. This easily exploitable vulnerability can lead to unauthorized updates, inserts, or deletions of accessible data, as well as unauthorized read access to certain data sets. Organizations using affected versions (16.0, 17.0, and 18.0) should take immediate action to mitigate potential risks to their data integrity and confidentiality.",Oracle,Retail Customer Management And Segmentation Foundation,5.4,MEDIUM,0.000539999979082495,false,,false,false,false,,,false,false,,2020-07-15T17:34:35.000Z,0
CVE-2020-2953,https://securityvulnerability.io/vulnerability/CVE-2020-2953,Unauthenticated Remote Code Execution Vulnerability in Oracle Retail Customer Management,"A vulnerability exists within Oracle Retail Customer Management and Segmentation Foundation that allows unauthenticated attackers with network access to exploit the system. By sending specially crafted HTTP requests, an attacker can potentially take over the affected product, compromising critical data and operational integrity. This flaw emphasizes the urgent need for robust security measures and timely updates to safeguard sensitive information and maintain continuity in retail operations.",Oracle,Retail Customer Management And Segmentation Foundation,9.8,CRITICAL,0.007530000060796738,false,,false,false,false,,,false,false,,2020-04-15T13:29:54.000Z,0
CVE-2020-2648,https://securityvulnerability.io/vulnerability/CVE-2020-2648,Vulnerability in Oracle Retail Customer Management and Segmentation Foundation,"This vulnerability affects Oracle Retail Customer Management and Segmentation Foundation, allowing an attacker with physical access to exploit the system easily. Successful exploitation may lead to unauthorized takeover of the application, compromising both its integrity and confidentiality. Organizations utilizing this version must implement robust physical security measures to mitigate the risks associated with this vulnerability.",Oracle,Retail Customer Management And Segmentation Foundation,6.2,MEDIUM,0.00044999999227002263,false,,false,false,false,,,false,false,,2020-01-15T16:34:05.000Z,0
CVE-2020-2649,https://securityvulnerability.io/vulnerability/CVE-2020-2649,Vulnerability in Oracle Retail Customer Management and Segmentation Foundation,"A low privileged attacker with access to the infrastructure running Oracle Retail Customer Management and Segmentation Foundation can exploit a vulnerability in the product, potentially gaining unauthorized read access to sensitive data. This issue affects version 16.0, and successful attacks may lead to compromised data confidentiality.",Oracle,Retail Customer Management And Segmentation Foundation,3.3,LOW,0.00044999999227002263,false,,false,false,false,,,false,false,,2020-01-15T16:34:05.000Z,0
CVE-2020-2650,https://securityvulnerability.io/vulnerability/CVE-2020-2650,Unauthorized Access Vulnerability in Oracle Retail Applications,"A vulnerability exists in the Oracle Retail Customer Management and Segmentation Foundation, where an unauthenticated attacker with network access can compromise the system via HTTP. This flaw permits unauthorized operations such as updates, inserts, and deletions on accessible data within the application. Additionally, it allows unauthorized read access to specific accessible data, posing significant security risks to integrity and confidentiality.",Oracle,Retail Customer Management And Segmentation Foundation,6.5,MEDIUM,0.0008900000248104334,false,,false,false,false,,,false,false,,2020-01-15T16:34:05.000Z,0
CVE-2020-2567,https://securityvulnerability.io/vulnerability/CVE-2020-2567,HTTP Exploitation Vulnerability in Oracle Retail Customer Management Software,"The Oracle Retail Customer Management and Segmentation Foundation contains an easily exploitable security vulnerability that could allow a high-privileged attacker to compromise the system via network access through HTTP. While the attack requires human interaction from a user other than the attacker, successful exploitation may lead to unauthorized modifications, including update, insert, or deletion of accessible data. Furthermore, this vulnerability could allow unauthorized read access to certain data within the Oracle Retail Customer Management and Segmentation Foundation, potentially impacting additional connected products.",Oracle,Retail Customer Management And Segmentation Foundation,4.8,MEDIUM,0.000539999979082495,false,,false,false,false,,,false,false,,2020-01-15T16:34:01.000Z,0
CVE-2019-2884,https://securityvulnerability.io/vulnerability/CVE-2019-2884,Vulnerability in Oracle Retail Customer Management and Segmentation Foundation,"A vulnerability exists in the Oracle Retail Customer Management and Segmentation Foundation product that allows an unauthenticated attacker to access the system via HTTP. This weakness poses significant risks, including unauthorized access to sensitive data stored within the application. Exploitation of this vulnerability could potentially lead to complete compromise of the data accessible through the Oracle Retail Customer Management and Segmentation Foundation service.",Oracle,Retail Customer Management And Segmentation Foundation,5.9,MEDIUM,0.0026599999982863665,false,,false,false,false,,,false,false,,2019-10-16T17:40:53.000Z,0
CVE-2019-2883,https://securityvulnerability.io/vulnerability/CVE-2019-2883,Vulnerability in Oracle Retail Customer Management and Segmentation Foundation Product,"This vulnerability in Oracle Retail Customer Management and Segmentation Foundation allows a low-privileged attacker with network access via HTTP to compromise the system. Exploitation requires human interaction from an unrelated party, leading to unauthorized updates, inserts, or deletions of accessible data, as well as unauthorized read access to a subset of that data. This significant flaw highlights the importance of strong access controls and continuous monitoring to safeguard sensitive information.",Oracle,Retail Customer Management And Segmentation Foundation,4.6,MEDIUM,0.000539999979082495,false,,false,false,false,,,false,false,,2019-10-16T17:40:53.000Z,0
CVE-2018-3315,https://securityvulnerability.io/vulnerability/CVE-2018-3315,Vulnerability in Oracle Retail Customer Management Component,"A vulnerability exists in the Oracle Retail Customer Management and Segmentation Foundation that enables a low privileged attacker with HTTP network access to compromise the system. While specifically affecting versions 16.0 and 17.0, this vulnerability can have wide-reaching impacts on associated products within the Oracle Retail Applications suite. Successful exploitation could lead to unauthorized creation, deletion, or modification of critical data, thereby jeopardizing the confidentiality and integrity of the entire dataset accessible through the Oracle Retail Customer Management and Segmentation Foundation.",Oracle,Retail Customer Management And Segmentation Foundation,8.2,HIGH,0.0006399999838322401,false,,false,false,false,,,false,false,,2019-07-23T23:15:00.000Z,0
CVE-2018-3316,https://securityvulnerability.io/vulnerability/CVE-2018-3316,Vulnerability in Oracle Retail Customer Management and Segmentation Foundation,"A low privileged attacker with network access via HTTP can exploit a vulnerability in the Oracle Retail Customer Management and Segmentation Foundation, affecting versions 16.0 and 17.0. The attacker can gain unauthorized access to critical data, perform updates, inserts, or deletions of that data, and may even induce a partial denial of service. This vulnerability poses a significant risk to data integrity and confidentiality.",Oracle,Retail Customer Management And Segmentation Foundation,7.6,HIGH,0.0008399999933317304,false,,false,false,false,,,false,false,,2019-07-23T23:15:00.000Z,0
CVE-2018-3312,https://securityvulnerability.io/vulnerability/CVE-2018-3312,Vulnerability in Oracle Retail Customer Engagement Affects Data Integrity,"A vulnerability exists in the Oracle Retail Customer Engagement component that allows an attacker with high privileges and network access via HTTP to compromise the system. Exploitation of this vulnerability can lead to unauthorized actions such as the creation, deletion or modification of critical data. It also allows unauthorized read access to certain data and can potentially cause a partial denial of service. Supported affected versions include 16.0 and 17.0.",Oracle,Retail Customer Management And Segmentation Foundation,5.5,MEDIUM,0.0006900000153109431,false,,false,false,false,,,false,false,,2019-04-23T18:16:38.000Z,0
CVE-2018-3053,https://securityvulnerability.io/vulnerability/CVE-2018-3053,,"Vulnerability in the Oracle Retail Customer Management and Segmentation Foundation component of Oracle Retail Applications (subcomponent: Internal Operations). Supported versions that are affected are 16.x and 17.x. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Retail Customer Management and Segmentation Foundation. While the vulnerability is in Oracle Retail Customer Management and Segmentation Foundation, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Retail Customer Management and Segmentation Foundation accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Retail Customer Management and Segmentation Foundation. CVSS 3.0 Base Score 6.4 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:L).",Oracle,Retail Customer Management And Segmentation Foundation,6.4,MEDIUM,0.0006500000017695129,false,,false,false,false,,,false,false,,2018-07-18T13:00:00.000Z,0