1536 matches found
Oracle Retail Xstore Suite - Pre-authenticated Path Traversal
Vulnerability in the Oracle Retail Xstore Office product of Oracle Retail Applications component: Security. Supported versions that are affected are 19.0.5, 20.0.3, 20.0.4, 22.0.0 and 23.0.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromi...
EUVD-2026-42959
Authorization bypass through User-Controlled key vulnerability in Adam Retail Automation Ltd. MobilMen 20T allows Privilege Escalation. This issue affects MobilMen 20T: from v3 through 10072026. NOTE: The vendor was contacted early about this disclosure but did not respond in any way...
CVE-2026-2398 IDOR in AdamPOS' MobilMen 20T
Authorization bypass through User-Controlled key vulnerability in Adam Retail Automation Ltd. MobilMen 20T allows Privilege Escalation. This issue affects MobilMen 20T: from v3 through 10072026. NOTE: The vendor was contacted early about this disclosure but did not respond in any way...
CVE-2026-21010
Improper input validation in Retail Mode prior to SMR Apr-2026 Release 1 allows local attackers to trigger privileged functions...
CVE-2026-50211
Leftover engineering diagnostics and factory-level diagnostic software remain exposed on retail builds, giving malicious apps write privileges to internal NVRAM registers...
CVE-2026-50211
Leftover engineering diagnostics and factory-level diagnostic software remain exposed on retail builds, giving malicious apps write privileges to internal NVRAM registers...
CVE-2026-50211
Leftover engineering diagnostics and factory-level diagnostic software remain exposed on retail builds, giving malicious apps write privileges to internal NVRAM registers...
CVE-2026-50211 Exposed Factory Testing App Boundaries
Leftover engineering diagnostics and factory-level diagnostic software remain exposed on retail builds, giving malicious apps write privileges to internal NVRAM registers...
EUVD-2026-34223
Leftover engineering diagnostics and factory-level diagnostic software remain exposed on retail builds, giving malicious apps write privileges to internal NVRAM registers...
CVE-2026-50211 Exposed Factory Testing App Boundaries
Leftover engineering diagnostics and factory-level diagnostic software remain exposed on retail builds, giving malicious apps write privileges to internal NVRAM registers...
PT-2026-46163
Name of the Vulnerable Software and Affected Versions Acer Connect M6E 5G Portable WiFi Router affected versions not specified Description Engineering diagnostics and factory-level diagnostic software are exposed on retail builds. This allows malicious applications to obtain write privileges to...
Malicious code in retail-location-strategy-frontend (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 056a42f9d6cabda51a99fe21f647f8270a15e121d2017f53e3fa7cc1aad9a47f The OpenSSF Package Analysis project identified 'retail-location-strategy-frontend' @ 1.1.1 npm as malicious. It is considered malicious because...
MAL-2026-5092 Malicious code in retail-location-strategy-frontend (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 056a42f9d6cabda51a99fe21f647f8270a15e121d2017f53e3fa7cc1aad9a47f The OpenSSF Package Analysis project identified 'retail-location-strategy-frontend' @ 1.1.1 npm as malicious. It is considered malicious because...
EUVD-2026-21864
Improper input validation in Retail Mode prior to SMR Apr-2026 Release 1 allows local attackers to trigger privileged functions...
CVE-2026-21010
Improper input validation in Retail Mode prior to SMR Apr-2026 Release 1 allows local attackers to trigger privileged functions...
CVE-2026-21010
Improper input validation in Retail Mode prior to SMR Apr-2026 Release 1 allows local attackers to trigger privileged functions...
CVE-2026-21010
Improper input validation in Retail Mode prior to SMR Apr-2026 Release 1 allows local attackers to trigger privileged functions...
CVE-2026-21010
CVE-2026-21010 describes an improper input validation issue in Samsung Retail Mode prior to SMR Apr-2026 Release 1. The vulnerability allows a local attacker to trigger privileged functions, with confidentiality, integrity, and availability impact reported as high. Public details point to affecte...
CVE-2026-21010
Improper input validation in Retail Mode prior to SMR Apr-2026 Release 1 allows local attackers to trigger privileged functions...
PT-2026-32268
Improper input validation in Retail Mode prior to SMR Apr-2026 Release 1 allows local attackers to trigger privileged functions...