SQL Injection

Overview Affected versions of this package are vulnerable to SQL Injection via the sqlExpressions feature. An attacker can execute unauthorized commands on the system by chaining SQL Expressions with plugin functionality. Remediation Upgrade github.com/grafana/grafana/pkg/expr/sql to version...

CVE-2020-2821

Vulnerability in the Oracle Trade Management product of Oracle E-Business Suite component: Budget. Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.8. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Trade...

CVE-2020-2789

Vulnerability in the Oracle iSupport product of Oracle E-Business Suite component: User Interface. Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.8. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle iSupport...

CVE-2019-2828

Vulnerability in the Oracle Field Service component of Oracle E-Business Suite subcomponent: Wireless. Supported versions that are affected are 12.1.1 - 12.1.3 and 12.2.3 - 12.2.8. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...

CVE-2019-2782

Vulnerability in the Oracle Payments component of Oracle E-Business Suite subcomponent: File Transmission. Supported versions that are affected are 12.1.1 - 12.1.3 and 12.2.3 - 12.2.8. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Orac...

CVE-2019-2761

Vulnerability in the Oracle Application Object Library component of Oracle E-Business Suite subcomponent: Attachments / File Upload. Supported versions that are affected are 12.1.3 and 12.2.3 - 12.2.8. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP...

CVE-2019-2668

Vulnerability in the Oracle One-to-One Fulfillment component of Oracle E-Business Suite subcomponent: Print Server. Supported versions that are affected are 12.1.1 - 12.1.3 and 12.2.3 - 12.2.8. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to...

Oracle E-Business Suite Component Access Control Error Vulnerability (CNVD-2019-28430)

Oracle E-Business Suite E-Business Suite is a set of fully integrated global business management software from Oracle Oracle. The software provides customer relationship management, service management, financial management, etc. Applications Manager is one of the components used to monitor the...

Oracle E-Business Suite Component Access Control Error Vulnerability

Oracle E-Business Suite E-Business Suite is the United States Oracle Oracle company's set of fully integrated global business management software. The software provides customer relationship management, service management, financial management and other functions. field Service formerly known as...

Oracle E-Business Suite Component Access Control Error Vulnerability (CNVD-2019-28435)

Oracle E-Business Suite E-Business Suite is a set of fully integrated global business management software from Oracle USA. The software provides customer relationship management, service management, financial management and other functions. iSupport is one of the Internet-based customer support...

Oracle E-Business Suite Component Access Control Error Vulnerability (CNVD-2019-28432)

Oracle E-Business Suite E-Business Suite is a set of fully integrated global business management software from Oracle Oracle. The software provides customer relationship management, service management, financial management and other functions. payments is one of the payment management component. ...

CVE-2019-2677

Vulnerability in the Oracle Marketing component of Oracle E-Business Suite subcomponent: Marketing Administration. Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6, 12.2.7 and 12.2.8. Easily exploitable vulnerability allows unauthenticated attacker...

CVE-2019-2682

Vulnerability in the Oracle Applications Framework component of Oracle E-Business Suite subcomponent: Attachments / File Upload. Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6, 12.2.7 and 12.2.8. Easily exploitable vulnerability allows unauthenticated attacker wit...

CVE-2019-2663

Vulnerability in the Oracle Advanced Outbound Telephony component of Oracle E-Business Suite subcomponent: User Interface. Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6, 12.2.7 and 12.2.8. Easily exploitable vulnerability allows unauthenticated...

CVE-2019-2675

Vulnerability in the Oracle CRM Technical Foundation component of Oracle E-Business Suite subcomponent: Preferences. Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6, 12.2.7 and 12.2.8. Easily exploitable vulnerability allows unauthenticated attacker with network...

Design/Logic Flaw

Vulnerability in the Oracle CRM Technical Foundation component of Oracle E-Business Suite subcomponent: Preferences. Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6, 12.2.7 and 12.2.8. Easily exploitable vulnerability allows unauthenticated attacker with network...

CVE-2019-2488

Vulnerability in the Oracle CRM Technical Foundation component of Oracle E-Business Suite subcomponent: Session Management. Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6, 12.2.7 and 12.2.8. Easily exploitable vulnerability allows unauthenticated attacker with...