142 matches found
CVE-2024-21128
Vulnerability in the Oracle Application Object Library product of Oracle E-Business Suite component: APIs. Supported versions that are affected are 12.2.6-12.2.13. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Application Object...
CVE-2024-20929
The CVE-2024-20929 entry concerns Oracle E-Business Suite’s Oracle Application Object Library (AOL) with the vulnerable DB Privileges component. Affected versions are 12.2.3–12.2.13. It is exploitable by an unauthenticated attacker over HTTP with network access, enabling unauthorized update/inser...
The vulnerability of the DB Privileges component of the Oracle Application Object Library in the Oracle E-Business Suite allows a perpetrator to gain access to read, modify, or delete data.
The vulnerability of the DB Privileges component of the Oracle Application Object Library in the Oracle E-Business Suite system for enterprise automation activities is related to insufficient validation of input data. Exploiting this vulnerability may allow an attacker, operating remotely, to gai...
PT-2024-1210 · Oracle · Oracle E-Business Suite +1
Name of the Vulnerable Software and Affected Versions: Oracle E-Business Suite versions 12.2.3 through 12.2.13 Description: The issue exists due to insufficient input validation in the Engineering Change Order component of Oracle Application Object Library. This allows a remote attacker to gain...
Oracle E-Business Suite (Apr 2023 CPU)
The versions of Oracle E-Business Suite installed on the remote host are affected by multiple vulnerabilities as referenced in the April 2023 CPU advisory. - Vulnerability in the Oracle Application Object Library product of Oracle E-Business Suite component: GUI. Supported versions that are...
CVE-2023-21978
Vulnerability in the Oracle Application Object Library product of Oracle E-Business Suite component: GUI. Supported versions that are affected are 12.2.3-12.2.11. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Application Object...
CVE-2023-21978
CVE-2023-21978 affects Oracle E-Business Suite, specifically the Oracle Application Object Library GUI component. Affected versions are 12.2.3–12.2.11. The underlying issue is insufficient input validation in the GUI of the Oracle Application Object Library, allowing a low-privileged, network-acc...
Design/Logic Flaw
Vulnerability in the Oracle Application Object Library product of Oracle E-Business Suite component: Profiles. Supported versions that are affected are 12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle...
CVE-2021-2314
Vulnerability in the Oracle Application Object Library product of Oracle E-Business Suite component: Profiles. Supported versions that are affected are 12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle...
CVE-2021-2314
Vulnerability in the Oracle Application Object Library product of Oracle E-Business Suite component: Profiles. Supported versions that are affected are 12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle...
CVE-2020-14840
Vulnerability in the Oracle Application Object Library product of Oracle E-Business Suite component: Diagnostics. Supported versions that are affected are 12.1.3 and 12.2.3 - 12.2.10. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracl...
CVE-2020-14840
Vulnerability in the Oracle Application Object Library product of Oracle E-Business Suite component: Diagnostics. Supported versions that are affected are 12.1.3 and 12.2.3 - 12.2.10. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracl...
CVE-2020-14840
Vulnerability in the Oracle Application Object Library product of Oracle E-Business Suite component: Diagnostics. Supported versions that are affected are 12.1.3 and 12.2.3 - 12.2.10. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracl...
CVE-2020-14840
Vulnerability in the Oracle Application Object Library product of Oracle E-Business Suite component: Diagnostics. Supported versions that are affected are 12.1.3 and 12.2.3 - 12.2.10. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracl...
CVE-2020-14635
Vulnerability in the Oracle Application Object Library product of Oracle E-Business Suite component: Logging. Supported versions that are affected are 12.2.5-12.2.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Application Obje...
CVE-2020-14554
Vulnerability in the Oracle Application Object Library product of Oracle E-Business Suite component: Diagnostics. Supported versions that are affected are 12.1.3 and 12.2.3-12.2.8. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...
CVE-2020-14554
CVE-2020-14554 affects Oracle E-Business Suite Oracle Application Object Library (AOL) Diagnostics. Affected: AOL in EBS versions 12.1.3 and 12.2.3–12.2.8. Vulnerability allows unauthenticated, network-accessed HTTP exploitation with user interaction required, potentially enabling unauthorized up...
Design/Logic Flaw
Vulnerability in the Oracle Application Object Library product of Oracle E-Business Suite component: Login Help. Supported versions that are affected are 12.2.5-12.2.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Application...
CVE-2019-3027
The CVE-2019-3027 entry concerns Oracle E-Business Suite’s Oracle Application Object Library (AOL), Login Help component. Affected versions are 12.2.5–12.2.9. The vulnerability is exploitable by an unauthenticated attacker over HTTP with network access, potentially enabling partial denial of serv...
CVE-2019-2761
Vulnerability in the Oracle Application Object Library component of Oracle E-Business Suite subcomponent: Attachments / File Upload. Supported versions that are affected are 12.1.3 and 12.2.3 - 12.2.8. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP...