163 matches found
CVE-2019-2640
Vulnerability in the Oracle Trade Management component of Oracle E-Business Suite subcomponent: User Interface. Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6, 12.2.7 and 12.2.8. Easily exploitable vulnerability allows unauthenticated attacker with...
CVE-2019-2591
Vulnerability in the PeopleSoft Enterprise HRMS component of Oracle PeopleSoft Products subcomponent: Candidate Gateway. The supported version that is affected is 9.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise...
Oracle E-Business Suite CRM Technical Foundation Component Access Control Error Vulnerability (CNVD-2019-37396)
Oracle E-Business Suite E-Business Suite is the United States Oracle Oracle company's set of fully integrated global business management software. The software provides customer relationship management, service management, financial management and other functions. CRM Technical Foundation is one ...
Oracle E-Business Suite Application Object Library Access Control Error Vulnerability
Oracle E-Business Suite E-Business Suite is the United States Oracle Oracle company's set of fully integrated global business management software. The software provides customer relationship management, service management, financial management and other functions. Application Object Library AOL,...
Unspecified Vulnerability in Oracle E-Business Suite (CNVD-2019-28446)
Oracle E-Business Suite E-Business Suite is the United States Oracle Oracle company's set of fully integrated global business management software. CRM Technical Foundation is one of the provision of Java-based infrastructure components for the development of e-business solutions. A security...
Unspecified Vulnerability in Oracle E-Business Suite (CNVD-2019-28438)
Oracle E-Business Suite E-Business Suite is a set of fully integrated global business management software from Oracle Oracle. The software provides customer relationship management, service management, financial management and other functions. Email Center is one of the e-mail component. A securi...
CVE-2018-20301
An issue was discovered in Steve Pallen Coherence before 0.5.2 that is similar to a Mass Assignment vulnerability. In particular, "registration" endpoints e.g., creating, editing, updating allow users to update any coherencefields data. For example, users can automatically confirm their accounts ...
CVE-2018-3205
Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products subcomponent: Workflow. Supported versions that are affected are 8.55, 8.56 and 8.57. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSo...
Vulnerability in core server (CVE-2018-10925)
Memory disclosure and missing authorization in INSERT ... ON CONFLICT DO UPDATE...
Unspecified Vulnerability in Oracle Retail Applications MICROS Relate CRM Software Component
Oracle Retail Applications is a set of retail applications store solutions from Oracle Corporation. MICROS Relate CRM Software is one of the customer relationship management components. An unspecified vulnerability exists in the Oracle Retail Applications MICROS Relate CRM Software component. An...
CVE-2018-2933
Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware subcomponent: WLS Core Components. Supported versions that are affected are 10.3.6.0, 12.1.3.0, 12.2.1.2 and 12.2.1.3. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP t...
CVE-2018-2959
Vulnerability in the Siebel UI Framework component of Oracle Siebel CRM subcomponent: UIF Open UI. The supported version that is affected is 18.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Siebel UI Framework. Successful attacks...
CVE-2018-2897
Vulnerability in the Oracle FLEXCUBE Enterprise Limits and Collateral Management component of Oracle Financial Services Applications subcomponent: Infrastructure. Supported versions that are affected are 12.3.0, 14.0.0 and 14.1.0. Easily exploitable vulnerability allows unauthenticated attacker...
CVE-2018-2896
Vulnerability in the Oracle Banking Payments component of Oracle Financial Services Applications subcomponent: Payments Core. Supported versions that are affected are 12.2.0, 12.3.0, 12.4.0, 12.5.0 and 14.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network access vi...
Oracle Solaris Local Vulnerability (CNVD-2018-09103)
Oracle Sun Systems Products Suite is a suite of Sun systems products from Oracle Corporation, of which Solaris is a Unix-like operating system. A local security vulnerability exists in Oracle Solaris, where the 'Network Services Library' subcomponent is affected. An attacker could exploit the...
Oracle Communications Order and Service Management Component Remote Vulnerability (CNVD-2018-09096)
Oracle Communications is Oracle's suite of applications for rapidly delivering and monetizing digital life communications.Communications Order and Service Management is one of the components used to coordinate activities between internal BOSS systems. A security vulnerability exists in the WebUI...
CVE-2018-2737
Vulnerability in the Oracle Retail Returns Management component of Oracle Retail Applications subcomponent: Security. Supported versions that are affected are 2.3.8, 2.4.9, 14.0.4 and 14.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromi...
CVE-2017-10325
Vulnerability in the Oracle Common Applications Calendar component of Oracle E-Business Suite subcomponent: Applications Calendar. Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Easily exploitable vulnerability allows unauthenticated...
CVE-2017-10292
Vulnerability in the RDBMS Security component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2 and 12.2.0.1. Easily exploitable vulnerability allows high privileged attacker having Create User privilege with logon to the infrastructure where RDBMS Security...
CVE-2017-10253
Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products subcomponent: Pivot Grid. Supported versions that are affected are 8.54 and 8.55. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft...