Oracle: >> Retail Applications >> 13.0 Security Vulnerabilities
Unspecified vulnerability in the Oracle Retail Back Office component in Oracle Retail Applications 12.0, 12.0IN, 13.0, 13.1, 13.2, 13.3, 13.4, 14.0, and 14.1 allows remote attackers to affect integrity via unknown vectors.
CVSS Score
4.3
EPSS Score
0.004
Published
2015-04-16
MultipartStream.java in Apache Commons FileUpload before 1.3.1, as used in Apache Tomcat, JBoss Web, and other products, allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted Content-Type header that bypasses a loop's intended exit conditions.
CVSS Score
7.5
EPSS Score
0.926
Published
2014-04-01