Unspecified Vulnerability in Oracle PeopleSoft Enterprise PeopleTools (CNVD-2021-33842)

Oracle PeopleSoft Enterprise PeopleTools provides a comprehensive set of development tools that support the development and runtime of PeopleSoft applications. A security vulnerability exists in the SQR component of Oracle PeopleSoft Enterprise PeopleTools versions 8.56, 8.57, and 8.58. An attack...

Unspecified Vulnerability in Oracle E-Business Suite (CNVD-2021-33853)

Oracle E-Business Suite is an extension of the original Application ERP, including ERP Enterprise Resource Planning, HR Human Resource Management, CRM Customer Relationship Management and so on, a collection of management software, is a seamless integration of a management suite.Oracle Universal...

Unspecified Vulnerability in Oracle PeopleSoft Enterprise PeopleTools (CNVD-2021-33841)

Oracle PeopleSoft Enterprise PeopleTools provides a comprehensive set of development tools that support the development and runtime of PeopleSoft applications. A security vulnerability exists in the Security component of Oracle PeopleSoft Enterprise PeopleTools versions 8.56, 8.57, and 8.58. An...

CVE-2021-22703

A CWE-319: Cleartext transmission of sensitive information vulnerability exists in PowerLogic ION7400, ION7650, ION83xx/84xx/85xx/8600, ION8650, ION8800, ION9000 and PM800 see notification for affected versions, that could cause disclosure of user credentials when a malicious actor intercepts HTT...

Design/Logic Flaw

A CWE-319: Cleartext transmission of sensitive information vulnerability exists in PowerLogic ION7400, ION7650, ION83xx/84xx/85xx/8600, ION8650, ION8800, ION9000 and PM800 see notification for affected versions, that could cause disclosure of user credentials when a malicious actor intercepts HTT...

CVE-2021-22703

CVE-2021-22703 affects Schneider Electric PowerLogic devices: ION7400, ION7650, ION83xx/84xx/85xx/8600, ION8650, ION8800, ION9000 and PM800. The issue is CWE-319 Cleartext transmission of sensitive information, enabling disclosure of user credentials if an attacker intercepts HTTP traffic between...

CVE-2021-22703

A CWE-319: Cleartext transmission of sensitive information vulnerability exists in PowerLogic ION7400, ION7650, ION83xx/84xx/85xx/8600, ION8650, ION8800, ION9000 and PM800 see notification for affected versions, that could cause disclosure of user credentials when a malicious actor intercepts HTT...

CVE-2021-2115

Vulnerability in the Oracle Common Applications Calendar product of Oracle E-Business Suite component: Tasks. Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracl...

PT-2021-1774 · Oracle · Oracle Complex Maintenance

Name of the Vulnerable Software and Affected Versions: Oracle Complex Maintenance, Repair, and Overhaul versions 11.5.10, 12.1, and 12.2 Description: The issue is related to insufficient access control in the Dialog Box component of the Oracle Complex Maintenance, Repair, and Overhaul product. It...

Oracle Fusion Middleware Component Access Control Error Vulnerability

Oracle Fusion Middleware Oracle Fusion Middleware is a set of business innovation platforms for enterprise and cloud environments from Oracle. The platform provides middleware, software collections, and other capabilities.WebLogic Server is one of the application server components for both cloud...

Oracle Rushes Emergency Fix for Critical WebLogic Server Flaw

Oracle has released a rare out-of-band patch for a remote code-execution flaw in several versions of its WebLogic server. The vulnerability CVE-2020-14750 has a CVSS base score of 9.8 out of 10, and is remotely exploitable without authentication meaning it may be exploited over a network without...

Oracle Trade Management Unauthorized Access Vulnerability

Oracle Trade Management is a trade management system from Oracle. It provides functions such as product categorization and allocation, import of purchase orders and letters of credit, and reconciliation of estimated and actual costs to improve trade efficiency and profitability. An unauthorized...

CVE-2020-2842

Vulnerability in the Oracle Depot Repair product of Oracle E-Business Suite component: Estimate and Actual Charges. Supported versions that are affected are 12.1.1-12.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Depot...

CVE-2020-2733

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards component: Monitoring and Diagnostics. The supported version that is affected is 9.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise JD Edwards EnterpriseO...

CVE-2020-2712

Vulnerability in the Oracle Banking Payments product of Oracle Financial Services Applications component: Core. Supported versions that are affected are 14.1.0-14.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Banking...

PT-2019-3755 · Oracle +1 · Oracle Business Intelligence Enterprise Edition +1

Name of the Vulnerable Software and Affected Versions: Oracle Business Intelligence Enterprise Edition versions 12.2.1.3.0 through 12.2.1.4.0 Description: The issue is related to inadequate access control in the Analytics Actions subcomponent of Oracle Business Intelligence Enterprise Edition, pa...

CVE-2018-3206

Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products subcomponent: Portal. Supported versions that are affected are 8.55 and 8.56. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft...

CVE-2018-3204

Vulnerability in the Oracle Business Intelligence Enterprise Edition component of Oracle Fusion Middleware subcomponent: Analytics Server. The supported version that is affected is 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to...

CVE-2018-3152

Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware subcomponent: Administration. The supported version that is affected is 3.1.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle GlassFish Server...

CVE-2018-3102

Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware subcomponent: Outside In Filters. The supported version that is affected is 8.5.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside In...