CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

6.1CVSS6.9AI score0.00493EPSS

CVE-2022-21630

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards component: Web Runtime SEC. Supported versions that are affected are 9.2.6.4 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise JD Edwards...

OSV•added 2022/10/18 9:15 p.m.•3 views

CVE-2022-21629

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards component: Web Runtime SEC. Supported versions that are affected are 9.2.6.4 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise JD Edwards...

5.4CVSS5.8AI score0.00422EPSS

ATTACKERKB•added 2022/10/18 9:15 p.m.•4 views

CVE-2022-21613

Vulnerability in the Oracle Enterprise Data Quality product of Oracle Fusion Middleware component: Dashboard. Supported versions that are affected are 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...

8.8CVSS7.3AI score0.00578EPSS

7.5CVSS7.2AI score0.00771EPSS

CVE-2022-21614

8.1CVSS7.2AI score0.00714EPSS

CVE-2022-21612

Vulnerability in the Oracle Enterprise Data Quality product of Oracle Fusion Middleware component: Dashboard. Supported versions that are affected are 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle...

NVD•added 2022/10/18 9:15 p.m.•13 views

CVE-2022-21612

Vulnerability in the Oracle Enterprise Data Quality product of Oracle Fusion Middleware component: Dashboard. Supported versions that are affected are 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle...

8.1CVSS0.00714EPSS

OSV•added 2022/10/18 9:15 p.m.•1 views

CVE-2022-21590

Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware component: Core Formatting API. Supported versions that are affected are 5.9.0.0, 6.4.0.0.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to...

7.6CVSS5.8AI score

5.3CVSS6.8AI score0.00762EPSS

CVE-2022-21597

Vulnerability in the Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JavaScript. Supported versions that are affected are Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via...

Exploits0References2

ATTACKERKB•added 2022/10/18 9:15 p.m.•4 views

CVE-2022-21602

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft component: Portal. Supported versions that are affected are 8.58, 8.59 and 8.60. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise...

5.3CVSS6.7AI score0.0059EPSS

7.6CVSS7.1AI score0.00645EPSS

CVE-2022-21590

Prion•added 2022/10/18 9:15 p.m.•20 views

Design/Logic Flaw

Vulnerability in the Oracle Access Manager product of Oracle Fusion Middleware component: Authentication Engine. The supported version that is affected is 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Access Manager...

5CVSS5.2AI score0.01028EPSS

Exploits0References1Affected Software1

Prion•added 2022/10/18 9:15 p.m.•20 views

Buffer overflow

5CVSS4.9AI score0.00762EPSS

Exploits0References1Affected Software1

Cvelist•added 2022/10/18 12:0 a.m.•18 views

CVE-2022-21623

Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager component: Application Config Console. Supported versions that are affected are 13.4.0.0 and 13.5.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to...

7.5CVSS7.1AI score0.0063EPSS

CNNVD•added 2022/10/18 12:0 a.m.•4 views

Oracle JD Edwards Products 安全漏洞

Oracle JD Edwards Products is a fully integrated suite of Enterprise Resource Planning ERP applications from Oracle. The products offer application modules for financial management, project management, and asset lifecycle management. A security vulnerability exists in Oracle JD Edwards' JD Edward...

6.1CVSS7AI score0.00493EPSS

Exploits0References2

Vulnrichment•added 2022/10/18 12:0 a.m.•21 views

CVE-2022-21590

7.6CVSS6.9AI score0.00645EPSS

Positive Technologies•added 2022/10/18 12:0 a.m.•3 views

PT-2022-14979

Name of the Vulnerable Software and Affected Versions Oracle GraalVM Enterprise Edition versions 20.3.7 through 22.2.0 Description An easily exploitable issue exists in the JavaScript component of Oracle GraalVM Enterprise Edition. An unauthenticated attacker with network access via HTTP can...

5.3CVSS6.4AI score0.00762EPSS

Exploits0References4

NVD•added 2022/10/07 9:15 p.m.•19 views

CVE-2022-41574

An access-control vulnerability in Gradle Enterprise 2022.4 through 2022.3.1 allows remote attackers to prevent backups from occurring, and send emails with arbitrary text content to the configured installation-administrator contact address, via HTTP access to an accidentally exposed internal...

7.5CVSS0.00628EPSS

Exploits0References2

Prion•added 2022/10/07 9:15 p.m.•18 views

Improper access control

5CVSS7.5AI score0.00628EPSS

CVE•added 2022/10/07 12:0 a.m.•41 views

CVE-2022-41574

CVE-2022-41574 affects Gradle Enterprise 2022.4–2022.3.1, where an access-control flaw allows remote attackers to prevent backups and send emails with arbitrary content via an exposed internal HTTP endpoint. The issue is fixed in 2022.3.2; upgrading to that version is the stated remediation. Expl...

7.5CVSS7.5AI score0.00628EPSS