64 matches found
CVE-2021-2271
Vulnerability in the Oracle Work in Process product of Oracle E-Business Suite component: Resource Exceptions. Supported versions that are affected are 12.1.3 and 12.2.3-12.2.8. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Work ...
CVE-2021-2271
CVE-2021-2271 affects Oracle E-Business Suite, Oracle Work in Process (Resource Exceptions). Affected: versions 12.1.3 and 12.2.3–12.2.8. The vulnerability allows a low-privileged attacker who can reach the system over HTTP (network access) to compromise Oracle Work in Process, potentially enabli...
CVE-2021-2271
Vulnerability in the Oracle Work in Process product of Oracle E-Business Suite component: Resource Exceptions. Supported versions that are affected are 12.1.3 and 12.2.3-12.2.8. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Work ...
Unspecified Vulnerability in Oracle E-Business Suite (CNVD-2021-33852)
Oracle E-Business Suite is an expansion of the original Application ERP into a collection of management software, including ERP (Enterprise Resource Planning), HR (Human Resource Management), CRM (Customer Relationship Management) and so on; it is a seamlessly integrated management suite. Orac...
Oracle E-Business Suite Security Vulnerability
Oracle E-Business Suite is an expansion of the original Application ERP into a collection of management software, including ERP (Enterprise Resource Planning), HR (Human Resource Management), CRM (Customer Relationship Management) and so on; it is a seamlessly integrated management suite. Orac...
ToothPicker - An In-Process, Coverage-Guided Fuzzer For iOS
ToothPicker is an in-process, coverage-guided fuzzer for iOS. It was developed specifically to target iOS's Bluetooth daemon bluetoothd and to analyze various Bluetooth protocols on iOS. As it is built using FRIDA, it can be adapted to target any platform that runs FRIDA. This repository also...
jenkins-script-security-plugin: cross-site scripting vulnerability due to configure sandboxed scripts
Jenkins Script Security Plugin 1.72 and earlier does not correctly escape pending or approved classpath entries on the In-process Script Approval page, resulting in a stored cross-site scripting vulnerability...
jenkins-script-security-plugin: cross-site scripting vulnerability due to configure sandboxed scripts
Jenkins Script Security Plugin 1.72 and earlier does not correctly escape pending or approved classpath entries on the In-process Script Approval page, resulting in a stored cross-site scripting vulnerability...
Oracle E-Business Suite SQL Injection (CVE-2019-2633; CVE-2019-2638)
An SQL vulnerability exists in the Work In Process component of Oracle E-Business Suite. Successful exploitation of this vulnerability could result in the execution of arbitrary SQL statements with the privileges of the APPS database user...
The vulnerability of the Messages sub-component of the Oracle Work in Process component in the Oracle E-Business Suite allows a perpetrator to gain unauthorized access to protected data.
The vulnerability of the Messages sub-component of the Oracle Work in Process component in the Oracle E-Business Suite is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected data using the...
Design/Logic Flaw
Vulnerability in the Oracle Work in Process component of Oracle E-Business Suite subcomponent: Messages. Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6, 12.2.7 and 12.2.8. Easily exploitable vulnerability allows low privileged attacker with network...
CVE-2019-2633
Vulnerability in the Oracle Work in Process component of Oracle E-Business Suite subcomponent: Messages. Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6, 12.2.7 and 12.2.8. Easily exploitable vulnerability allows low privileged attacker with network...
CVE-2019-2633
CVE-2019-2633 : Vulnerability in Oracle E-Business Suite Work in Process (Messages) affecting 12.1.1, 12.1.2, 12.1.3, 12.2.3–12.2.8. A low-privileged, network-accessible attacker (via HTTP) can compromise data in Work in Process; CVSS v3.1 base score 9.9 (CRITICAL) with C/H/I/H and A/L. Root caus...
Oracle E-Business Suite Work in Process Component Access Control Error Vulnerability
Oracle E-Business Suite is a set of fully integrated global business management software from Oracle. The software provides customer relationship management, service management, financial management, etc. Work in Process is one of the production management system component...
CVE-2019-0211
In Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38, with MPM event, worker or prefork, code executing in less-privileged child processes or threads including scripts executed by an in-process scripting interpreter could execute arbitrary code with the privileges of the parent process usually roo...
Apache Httpd < 2.4.39 : Apache HTTP Server privilege escalation from modules' scripts
In Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38, with MPM event, worker or prefork, code executing in less-privileged child processes or threads including scripts executed by an in-process scripting interpreter could execute arbitrary code with the privileges of the parent process usually roo...
CVE-2017-1000505
In Jenkins Script Security Plugin version 1.36 and earlier, users with the ability to configure sandboxed Groovy scripts are able to use a type coercion feature in Groovy to create new File objects from strings. This allowed reading arbitrary files on the Jenkins master file system. Such a type...
CVE-2018-2655
Vulnerability in the Oracle Work in Process component of Oracle E-Business Suite subcomponent: Assemble/Configure to Order. Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Easily exploitable vulnerability allows unauthenticated attacker...
CVE-2018-2655
Vulnerability in the Oracle Work in Process component of Oracle E-Business Suite subcomponent: Assemble/Configure to Order. Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Easily exploitable vulnerability allows unauthenticated attacker...
Design/Logic Flaw
Vulnerability in the Oracle Work in Process component of Oracle E-Business Suite subcomponent: Assemble/Configure to Order. Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Easily exploitable vulnerability allows unauthenticated attacker...