Lucene search
K

227 matches found

BDU FSTEC
BDU FSTEC
added 2022/06/09 12:0 a.m.6 views

The vulnerability of the sub-component of the Dynamo Application Framework within the component of the Oracle Commerce Platform of the e-commerce platform Oracle Commerce allows a perpetrator to execute arbitrary code and gain full control over the application.

The vulnerability of the sub-component of the Dynamo Application Framework within the Oracle Commerce Platform of the e-commerce platform Oracle Commerce exists due to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

10CVSS8.2AI score0.01601EPSS
Exploits0References3Affected Software1
CNVD
CNVD
added 2022/04/20 12:0 a.m.15 views

Oracle Commerce Input Validation Error Vulnerability (CNVD-2022-31684)

Oracle Commerce is the United States Oracle Oracle company's set of e-business solutions. Oracle Commerce's Oracle Commerce Guided Search suffers from an input validation error vulnerability that could allow an unauthenticated attacker to compromise Oracle Commerce Guided Search via web access ov...

7.5CVSS6.9AI score0.01734EPSS
Exploits0References1
OSV
OSV
added 2022/04/19 9:15 p.m.3 views

CVE-2022-21466

Vulnerability in the Oracle Commerce Guided Search product of Oracle Commerce component: Tools and Frameworks. The supported version that is affected is 11.3.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Commerce Guided Searc...

7.5CVSS7.3AI score0.01734EPSS
Exploits0References1
NVD
NVD
added 2022/04/19 9:15 p.m.16 views

CVE-2022-21466

Vulnerability in the Oracle Commerce Guided Search product of Oracle Commerce component: Tools and Frameworks. The supported version that is affected is 11.3.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Commerce Guided Searc...

7.5CVSS0.01734EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/04/19 9:15 p.m.9 views

CVE-2022-21466

Vulnerability in the Oracle Commerce Guided Search product of Oracle Commerce component: Tools and Frameworks. The supported version that is affected is 11.3.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Commerce Guided Searc...

7.5CVSS7.1AI score0.01734EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2022/04/19 9:15 p.m.20 views

Design/Logic Flaw

Vulnerability in the Oracle Commerce Guided Search product of Oracle Commerce component: Tools and Frameworks. The supported version that is affected is 11.3.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Commerce Guided Searc...

5CVSS7.4AI score0.01734EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2022/04/19 8:38 p.m.97 views

CVE-2022-21466

CVE-2022-21466 affects Oracle Commerce Guided Search (Tools and Frameworks) in Oracle Commerce 11.3.2. The vulnerability allows an unauthenticated, network-accessible attacker via HTTP to access or compromise Oracle Commerce Guided Search, with Confidentiality impact described as High and other i...

7.5CVSS7.5AI score0.01734EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2022/04/19 8:38 p.m.12 views

CVE-2022-21466

Vulnerability in the Oracle Commerce Guided Search product of Oracle Commerce component: Tools and Frameworks. The supported version that is affected is 11.3.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Commerce Guided Searc...

7.5CVSS6.7AI score0.01734EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/04/19 8:38 p.m.19 views

CVE-2022-21466

Vulnerability in the Oracle Commerce Guided Search product of Oracle Commerce component: Tools and Frameworks. The supported version that is affected is 11.3.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Commerce Guided Searc...

7.5CVSS7.6AI score0.01734EPSS
Exploits0References1
CNNVD
CNNVD
added 2022/04/19 12:0 a.m.4 views

Oracle Commerce 输入验证错误漏洞

Oracle Commerce is the United States Oracle Oracle company's set of e-business solutions. Oracle Commerce's Oracle Commerce Guided Search suffers from an input validation error vulnerability that could allow an unauthenticated attacker to compromise Oracle Commerce Guided Search via web access ov...

7.5CVSS8AI score0.01734EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2022/04/14 12:0 a.m.4 views

The vulnerability of the sub-component of the Dynamo Application Framework within the component of the Oracle Commerce Platform of the e-commerce platform Oracle Commerce allows a perpetrator to gain access to data.

The vulnerability of the sub-component of the Dynamo Application Framework within the Oracle Commerce Platform, an e-commerce platform, exists due to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to gain access to data by using specially crafted...

5.3CVSS6.6AI score0.01147EPSS
Exploits0References3Affected Software1
CNVD
CNVD
added 2022/01/21 12:0 a.m.19 views

Oracle Commerce Input Validation Error Vulnerability

Oracle Commerce is the United States Oracle Oracle company's set of e-business solutions. Commerce Platform is one of them to provide a multi-functional e-business platform components. A security vulnerability in Oracle Commerce's Oracle Commerce Platform product could allow an unauthenticated...

5.3CVSS6AI score0.01147EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/01/19 12:15 p.m.4 views

CVE-2022-21387

Vulnerability in the Oracle Commerce Platform product of Oracle Commerce component: Dynamo Application Framework. Supported versions that are affected are 11.3.0, 11.3.1 and 11.3.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...

5.3CVSS6AI score0.01147EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2022/01/19 12:15 p.m.17 views

CVE-2022-21387

Vulnerability in the Oracle Commerce Platform product of Oracle Commerce component: Dynamo Application Framework. Supported versions that are affected are 11.3.0, 11.3.1 and 11.3.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...

5.3CVSS0.01147EPSS
Exploits0References1
OSV
OSV
added 2022/01/19 12:15 p.m.5 views

CVE-2022-21387

Vulnerability in the Oracle Commerce Platform product of Oracle Commerce component: Dynamo Application Framework. Supported versions that are affected are 11.3.0, 11.3.1 and 11.3.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...

5.3CVSS5.8AI score0.01147EPSS
Exploits0References1
Prion
Prion
added 2022/01/19 12:15 p.m.22 views

Design/Logic Flaw

Vulnerability in the Oracle Commerce Platform product of Oracle Commerce component: Dynamo Application Framework. Supported versions that are affected are 11.3.0, 11.3.1 and 11.3.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...

5CVSS4.7AI score0.01147EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2022/01/19 11:26 a.m.82 views

CVE-2022-21387

CVE-2022-21387 : A vulnerability in Oracle Commerce Platform (Dynamo Application Framework) affects versions 11.3.0, 11.3.1, and 11.3.2. An unauthenticated, network-accessible attacker over HTTP can read a subset of data from the Oracle Commerce Platform. CVSSv3.1 base score is 5.3 (Confidentiali...

5.3CVSS4.8AI score0.01147EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2022/01/19 11:26 a.m.10 views

CVE-2022-21387

Vulnerability in the Oracle Commerce Platform product of Oracle Commerce component: Dynamo Application Framework. Supported versions that are affected are 11.3.0, 11.3.1 and 11.3.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...

5.3CVSS5.7AI score0.01147EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/01/19 11:26 a.m.24 views

CVE-2022-21387

Vulnerability in the Oracle Commerce Platform product of Oracle Commerce component: Dynamo Application Framework. Supported versions that are affected are 11.3.0, 11.3.1 and 11.3.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...

5.3CVSS5AI score0.01147EPSS
Exploits0References1
CNNVD
CNNVD
added 2022/01/19 12:0 a.m.5 views

Oracle Commerce 输入验证错误漏洞

Oracle Commerce is the United States Oracle Oracle company's set of e-business solutions. Commerce Platform is one of them to provide a multi-functional e-business platform components. A security vulnerability in Oracle Commerce's Oracle Commerce Platform product could allow an unauthenticated...

5.3CVSS5.7AI score0.01147EPSS
Exploits0References3
Rows per page
Query Builder