cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2019-2872,https://securityvulnerability.io/vulnerability/CVE-2019-2872,Vulnerability in Oracle Retail Xstore Point of Service Affects Multiple Versions,"A vulnerability exists in Oracle Retail Xstore Point of Service that can be exploited through physical access. This flaw requires that a user with physical presence interact with the system, potentially allowing unauthorized updates, deletions, or insertions of sensitive data. Attackers could gain unauthorized read access to specific datasets, compromising the integrity and confidentiality of the accessed information. Affected versions include 17.0.3, 18.0.1, and 19.0.0, highlighting the importance of safeguarding physical access to the point of sale systems.",Oracle,Retail Xstore Point Of Service,2.7,LOW,0.00044999999227002263,false,,false,false,false,,,false,false,,2019-10-16T17:40:53.000Z,0
CVE-2019-2558,https://securityvulnerability.io/vulnerability/CVE-2019-2558,Unauthenticated Access Vulnerability in Oracle Retail Point-of-Service,"This vulnerability within the Oracle Retail Point-of-Service component allows unauthenticated attackers with HTTP network access to compromise the system. Exploits can lead to unauthorized updates, inserts, or deletions of critical data, as well as unauthorized reading of sensitive information. Attackers could also trigger a partial denial of service, affecting the system’s availability. The flaw affects specific supported versions, highlighting the necessity for timely updates to safeguard against potential attacks.",Oracle,Retail Point-of-service,7.3,HIGH,0.0008299999753944576,false,,false,false,false,,,false,false,,2019-04-23T18:16:39.000Z,0
CVE-2018-3126,https://securityvulnerability.io/vulnerability/CVE-2018-3126,,"Vulnerability in the Oracle Retail Xstore Point of Service component of Oracle Retail Applications (subcomponent: Xenvironment). Supported versions that are affected are 15.0.2, 16.0.4 and 17.0.2. Difficult to exploit vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle Retail Xstore Point of Service. Successful attacks of this vulnerability can result in takeover of Oracle Retail Xstore Point of Service. CVSS 3.0 Base Score 6.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H).",Oracle,Retail Xstore Point Of Service,6.6,MEDIUM,0.0012700000079348683,false,,false,false,false,,,false,false,,2018-10-17T01:00:00.000Z,0
CVE-2018-2840,https://securityvulnerability.io/vulnerability/CVE-2018-2840,,"Vulnerability in the Oracle Retail Xstore Point of Service component of Oracle Retail Applications (subcomponent: Xstore Office). Supported versions that are affected are 6.5.11, 7.0.6, 7.1.6, 15.0.1 and 16.0.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Retail Xstore Point of Service. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Retail Xstore Point of Service accessible data as well as unauthorized update, insert or delete access to some of Oracle Retail Xstore Point of Service accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Retail Xstore Point of Service. CVSS 3.0 Base Score 7.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:L).",Oracle,Retail Xstore Point Of Service,7.6,HIGH,0.003010000102221966,false,,false,false,false,,,false,false,,2018-04-19T02:00:00.000Z,0
CVE-2018-2862,https://securityvulnerability.io/vulnerability/CVE-2018-2862,,"Vulnerability in the Oracle Retail Point-of-Service component of Oracle Retail Applications (subcomponent: User Interface). Supported versions that are affected are 13.3.8, 13.4.9, 14.0.4 and 14.1.3. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Retail Point-of-Service. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Retail Point-of-Service accessible data as well as unauthorized update, insert or delete access to some of Oracle Retail Point-of-Service accessible data. CVSS 3.0 Base Score 7.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N).",Oracle,Retail Point-of-service,7.1,HIGH,0.0005600000149570405,false,,false,false,false,,,false,false,,2018-04-19T02:00:00.000Z,0
CVE-2017-10065,https://securityvulnerability.io/vulnerability/CVE-2017-10065,,"Vulnerability in the Oracle Retail Point-of-Service component of Oracle Retail Applications (subcomponent: Security). Supported versions that are affected are 13.2, 13.3, 13.4, 14.0 and 14.1. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Retail Point-of-Service. While the vulnerability is in Oracle Retail Point-of-Service, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Retail Point-of-Service accessible data as well as unauthorized read access to a subset of Oracle Retail Point-of-Service accessible data. CVSS 3.0 Base Score 8.5 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:H/A:N).",Oracle,Retail Point-of-service,8.5,HIGH,0.0005699999746866524,false,,false,false,false,,,false,false,,2017-10-19T17:00:00.000Z,0
CVE-2017-10427,https://securityvulnerability.io/vulnerability/CVE-2017-10427,,"Vulnerability in the Oracle Retail Xstore Point of Service component of Oracle Retail Applications (subcomponent: Point of Sale). Supported versions that are affected are 6.0.11, 6.5.11, 7.0.6, 7.1.6 and 15.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Retail Xstore Point of Service. While the vulnerability is in Oracle Retail Xstore Point of Service, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Retail Xstore Point of Service accessible data as well as unauthorized read access to a subset of Oracle Retail Xstore Point of Service accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Retail Xstore Point of Service. CVSS 3.0 Base Score 6.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L).",Oracle,Retail Xstore Point Of Service,6.5,MEDIUM,0.0013699999544769526,false,,false,false,false,,,false,false,,2017-10-19T17:00:00.000Z,0
CVE-2017-10214,https://securityvulnerability.io/vulnerability/CVE-2017-10214,,"Vulnerability in the Oracle Retail Xstore Point of Service component of Oracle Retail Applications (subcomponent: Xstore Office). Supported versions that are affected are 6.0.x, 6.5.x, 7.0.x, 7.1.x, 15.0.x and 16.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Retail Xstore Point of Service. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Retail Xstore Point of Service accessible data as well as unauthorized update, insert or delete access to some of Oracle Retail Xstore Point of Service accessible data. CVSS 3.0 Base Score 8.2 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N).",Oracle,Retail Xstore Point Of Service,8.2,HIGH,0.0016899999463930726,false,,false,false,false,,,false,false,,2017-08-08T15:00:00.000Z,0
CVE-2017-10183,https://securityvulnerability.io/vulnerability/CVE-2017-10183,,"Vulnerability in the Oracle Retail Xstore Point of Service component of Oracle Retail Applications (subcomponent: Point of Sale). Supported versions that are affected are 6.0.x, 6.5.x, 7.0.x, 7.1.x, 15.0.x and 16.0.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Retail Xstore Point of Service. While the vulnerability is in Oracle Retail Xstore Point of Service, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Retail Xstore Point of Service accessible data as well as unauthorized read access to a subset of Oracle Retail Xstore Point of Service accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Retail Xstore Point of Service. CVSS 3.0 Base Score 6.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L).",Oracle,Retail Xstore Point Of Service,6.5,MEDIUM,0.001230000052601099,false,,false,false,false,,,false,false,,2017-08-08T15:00:00.000Z,0
CVE-2016-3429,https://securityvulnerability.io/vulnerability/CVE-2016-3429,,"Unspecified vulnerability in the Oracle Retail Xstore Point of Service component in Oracle Retail Applications 5.0, 5.5, 6.0, 6.5, 7.0, and 7.1 allows remote authenticated users to affect confidentiality and integrity via vectors related to Xstore Services.",Oracle,Retail Xstore Point Of Service,4.5,MEDIUM,0.0026499999221414328,false,,false,false,false,,,false,false,,2016-04-21T10:00:00.000Z,0