Oracle Retail Integration Bus versions 13.0, 13.1, and 13.2 suffer from a directory traversal vulnerability. Unfortunately, as usual, the NCC group are withholding any details for three months.
6f8a1120d684841ffb90bdd49168f11bb340737bbffc7f5797135391c8ec0273
Oracle Retail Central Office versions 13.1, 13.2, 13.3, and 13.4 suffer from a remote SQL injection vulnerability. Unfortunately, as usual, the NCC group are withholding any details for three months.
2c7f0ba82ee179931a11ce83af0f1a97529fbc3be8c23d3c8637508876d2767a