IBM Cognos Analytics 跨站脚本漏洞

IBM Cognos Analytics is a suite of business intelligence software from International Business Machines IBM. The software includes reports, dashboards, and scorecards, and can assist organizations in adjusting their decisions by analyzing such things as key factors and key people. A cross-site...

CVE-2025-30708

Vulnerability in the Oracle User Management product of Oracle E-Business Suite component: Search and Register Users. Supported versions that are affected are 12.2.4-12.2.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle User...

PT-2024-4902 · Oracle · Oracle Production Scheduling

Name of the Vulnerable Software and Affected Versions: Oracle Production Scheduling versions 12.2.4 through 12.2.12 Description: The issue exists due to insufficient input validation in the Import Utility component of Oracle Production Scheduling in Oracle E-Business Suite. This allows a remote...

PT-2022-23140 · Next.Js +1 · Next.Js +1

Name of the Vulnerable Software and Affected Versions: Next.js version 12.2.3 Description: The issue affects Next.js when used with Node.js version above v15.0.0 and strict unhandledRejection exiting, and when using next start or a custom server. Specific requests to the Next.js server can cause ...

CVE-2020-2557

Vulnerability in the Oracle Demantra Demand Management product of Oracle Supply Chain component: Security. Supported versions that are affected are 12.2.4, 12.2.4.1, 12.2.5 and 12.2.5.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise...

Buffer overflow

Vulnerability in the Oracle Demantra Demand Management product of Oracle Supply Chain component: Security. Supported versions that are affected are 12.2.4, 12.2.4.1, 12.2.5 and 12.2.5.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise...

CVE-2019-2675

Vulnerability in the Oracle CRM Technical Foundation component of Oracle E-Business Suite subcomponent: Preferences. Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6, 12.2.7 and 12.2.8. Easily exploitable vulnerability allows unauthenticated attacker with network...

Design/Logic Flaw

Vulnerability in the Oracle CRM Technical Foundation component of Oracle E-Business Suite subcomponent: Preferences. Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6, 12.2.7 and 12.2.8. Easily exploitable vulnerability allows unauthenticated attacker with network...

CVE-2018-3236

Vulnerability in the Oracle User Management component of Oracle E-Business Suite subcomponent: Reports. Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to...

CVE-2018-3167

Vulnerability in the Application Management Pack for Oracle E-Business Suite component of Oracle E-Business Suite subcomponent: User Monitoring. Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Easily exploitable vulnerability allows unauthenticated...

CVE-2018-3167

Vulnerability in the Application Management Pack for Oracle E-Business Suite component of Oracle E-Business Suite subcomponent: User Monitoring. Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Easily exploitable vulnerability allows unauthenticated...

CVE-2018-2864

Vulnerability in the Oracle Application Object Library component of Oracle E-Business Suite subcomponent: Diagnostics. Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Easily exploitable vulnerability allows unauthenticated attacker with network access v...

CVE-2018-2804

Vulnerability in the Oracle Application Object Library component of Oracle E-Business Suite subcomponent: DB Privileges. Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Difficult to exploit vulnerability allows unauthenticated attacker with network acce...

Design/Logic Flaw

Vulnerability in the Oracle Human Resources component of Oracle E-Business Suite subcomponent: General Utilities. Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Easily exploitable vulnerability allows unauthenticated attacker with netwo...

CVE-2018-2635

Vulnerability in the Oracle Application Object Library component of Oracle E-Business Suite subcomponent: Login. Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...

CVE-2018-2635

Technical details about CVE-2018-2635 are not publicly provided in the connected documents. The materials summarize affected Oracle E-Business Suite components but do not disclose root cause, exploit specifics, or affected versions beyond what's in the initial entry. Monitor for updates.

CVE-2017-10410

Vulnerability in the Oracle Knowledge Management component of Oracle E-Business Suite subcomponent: Search. Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Easily exploitable vulnerability allows unauthenticated attacker with network...

CVE-2017-10326

Vulnerability in the Oracle Common Applications Calendar component of Oracle E-Business Suite subcomponent: Applications Calendar. Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Easily exploitable vulnerability allows unauthenticated...

CVE-2017-10331

Vulnerability in the Oracle Application Object Library component of Oracle E-Business Suite subcomponent: Diagnostics. Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Easily exploitable vulnerability allows unauthenticated attacker with network access v...

CVE-2017-10325

Vulnerability in the Oracle Common Applications Calendar component of Oracle E-Business Suite subcomponent: Applications Calendar. Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Easily exploitable vulnerability allows unauthenticated...