Lucene search
+L

120 matches found

OSV
OSV
added 2019/04/23 7:32 p.m.4 views

CVE-2019-2567

Vulnerability in the Oracle Configurator component of Oracle Supply Chain Products Suite subcomponent: Active Model Generation. Supported versions that are affected are 12.1 and 12.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracl...

7.5CVSS7.1AI score0.01612EPSS
Exploits0References1
Prion
Prion
added 2019/04/23 7:32 p.m.16 views

Design/Logic Flaw

Vulnerability in the Oracle Configurator component of Oracle Supply Chain Products Suite subcomponent: Active Model Generation. Supported versions that are affected are 12.1 and 12.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracl...

5CVSS7AI score0.01612EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2019/04/23 6:16 p.m.12 views

CVE-2019-2567

Vulnerability in the Oracle Configurator component of Oracle Supply Chain Products Suite subcomponent: Active Model Generation. Supported versions that are affected are 12.1 and 12.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracl...

6.4AI score0.01612EPSS
Exploits0References1
CVE
CVE
added 2019/04/23 6:16 p.m.53 views

CVE-2019-2567

CVE-2019-2567 affects Oracle Configurator (Active Model Generation) in Oracle Supply Chain Products Suite. Affected: 12.1 and 12.2. Issue: unauthenticated attacker over HTTP can gain unauthorized access to Oracle Configurator data. CVSSv3 base score 7.5 (High) with confidentiality impact. Connect...

7.5CVSS7.1AI score0.01612EPSS
Exploits0References1Affected Software1
CNVD
CNVD
added 2016/04/22 12:0 a.m.4 views

Unspecified Vulnerability in Oracle Supply Chain Products Suite Configurator Component

Oracle Supply Chain Products Suite is a suite of supply chain solutions from Oracle Corporation, of which Oracle Configurator is a configuration component that integrates order management, quoting and selling. An unspecified vulnerability in the JRAD Heartbeat subcomponent of the Oracle...

8.2CVSS6.8AI score0.02134EPSS
Exploits0References1
NVD
NVD
added 2016/04/21 11:0 a.m.18 views

CVE-2016-3438

Unspecified vulnerability in the Oracle Configurator component in Oracle Supply Chain Products Suite 12.0.6, 12.1, and 12.2 allows remote attackers to affect confidentiality and integrity via vectors related to JRAD Heartbeat. NOTE: the previous information is from the April 2016 CPU. Oracle has...

8.2CVSS6.3AI score0.02134EPSS
Exploits0References5
OSV
OSV
added 2016/04/21 11:0 a.m.6 views

CVE-2016-3438

Unspecified vulnerability in the Oracle Configurator component in Oracle Supply Chain Products Suite 12.0.6, 12.1, and 12.2 allows remote attackers to affect confidentiality and integrity via vectors related to JRAD Heartbeat. NOTE: the previous information is from the April 2016 CPU. Oracle has...

8.2CVSS7.3AI score0.02134EPSS
Exploits0References5
Prion
Prion
added 2016/04/21 11:0 a.m.13 views

Cross site scripting

Unspecified vulnerability in the Oracle Configurator component in Oracle Supply Chain Products Suite 12.0.6, 12.1, and 12.2 allows remote attackers to affect confidentiality and integrity via vectors related to JRAD Heartbeat. NOTE: the previous information is from the April 2016 CPU. Oracle has...

6.4CVSS5.1AI score0.02134EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2016/04/21 10:0 a.m.24 views

CVE-2016-3438

Unspecified vulnerability in the Oracle Configurator component in Oracle Supply Chain Products Suite 12.0.6, 12.1, and 12.2 allows remote attackers to affect confidentiality and integrity via vectors related to JRAD Heartbeat. NOTE: the previous information is from the April 2016 CPU. Oracle has...

6.6AI score0.02134EPSS
Exploits0References5
OSV
OSV
added 2016/01/21 3:1 a.m.6 views

CVE-2016-0541

Unspecified vulnerability in the Oracle Configurator component in Oracle Supply Chain Products Suite 11.5.10.2, 12.1, and 12.2 allows remote attackers to affect confidentiality via unknown vectors related to UI Servlet, a different vulnerability than CVE-2016-0540...

5.8AI score0.01831EPSS
Exploits0References2
OSV
OSV
added 2016/01/21 3:1 a.m.5 views

CVE-2016-0540

Unspecified vulnerability in the Oracle Configurator component in Oracle Supply Chain Products Suite 11.5.10.2, 12.1, and 12.2 allows remote attackers to affect confidentiality via unknown vectors related to UI Servlet, a different vulnerability than CVE-2016-0541...

5.8AI score0.01831EPSS
Exploits0References2
Prion
Prion
added 2016/01/21 3:1 a.m.14 views

Design/Logic Flaw

Unspecified vulnerability in the Oracle Configurator component in Oracle Supply Chain Products Suite 11.5.10.2, 12.1, and 12.2 allows remote attackers to affect confidentiality via unknown vectors related to UI Servlet, a different vulnerability than CVE-2016-0540...

5CVSS5.8AI score0.01831EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2016/01/21 2:0 a.m.37 views

CVE-2016-0541

CVE-2016-0541 affects Oracle Supply Chain Products Suite components: Oracle Configurator UI Servlet, with versions 11.5.10.2, 12.1, and 12.2. The issue is described as a data-access vulnerability that allows remote attackers to access sensitive data, compromising confidentiality via unknown vecto...

5CVSS6.4AI score0.01831EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2007/07/18 7:30 p.m.26 views

CVE-2007-3866

Multiple unspecified vulnerabilities in Oracle E-Business Suite 11.5.10CU2 and 12.0.1 allow remote attackers to have an unknown impact via a Oracle Configurator APPS02, b Oracle iExpenses APPS03, c Oracle Application Object Library APPS09, and 1 APPS12, 2 APPS13, and 3 APPS14 in d Oracle Payables...

7.5CVSS6.6AI score0.02739EPSS
Exploits0References12
Prion
Prion
added 2007/07/18 7:30 p.m.23 views

Design/Logic Flaw

Multiple unspecified vulnerabilities in Oracle E-Business Suite 11.5.10CU2 and 12.0.1 allow remote attackers to have an unknown impact via a Oracle Configurator APPS02, b Oracle iExpenses APPS03, c Oracle Application Object Library APPS09, and 1 APPS12, 2 APPS13, and 3 APPS14 in d Oracle Payables...

7.5CVSS7.1AI score0.02739EPSS
Exploits0References12Affected Software1
Cvelist
Cvelist
added 2007/07/18 7:0 p.m.31 views

CVE-2007-3866

Multiple unspecified vulnerabilities in Oracle E-Business Suite 11.5.10CU2 and 12.0.1 allow remote attackers to have an unknown impact via a Oracle Configurator APPS02, b Oracle iExpenses APPS03, c Oracle Application Object Library APPS09, and 1 APPS12, 2 APPS13, and 3 APPS14 in d Oracle Payables...

6.6AI score0.02739EPSS
Exploits0References12
Cvelist
Cvelist
added 2005/03/28 5:0 a.m.21 views

CVE-2002-1640

Multiple cross-site scripting XSS vulnerabilities in Oracle Configurator before 11.5.7.17.32 and 11.5.6.16.53 allows remote attackers to inject arbitrary web script or HTML via 1 Text Features in the DHTML UI or 2 the test parameter to the oracle.apps.cz.servlet.UiServlet servlet...

5.5AI score0.05236EPSS
Exploits1References6
CERT
CERT
added 2002/07/31 12:0 a.m.19 views

Oracle Configurator discloses version and host information via "test" argument passed to servlet

Overview A servlet component of Oracle Configurator may post sensitive version and host information to any Web user that makes a crafted request to the server. Description Oracle Configurator is an Internet application used to configure Oracle Application and Database Servers. If a user sends a...

6.2AI score
Exploits0References3
NVD
NVD
added 2002/04/01 5:0 a.m.14 views

CVE-2002-1639

Oracle Configurator before 11.5.7.17.32 and 11.5.6.16.53 allows remote attackers to obtain sensitive information via a request to the oracle.apps.cz.servlet.UiServlet servlet with the test parameter set to "version" or "host"...

7.5CVSS6AI score0.05332EPSS
Exploits0References5
NVD
NVD
added 2002/04/01 5:0 a.m.14 views

CVE-2002-1640

Multiple cross-site scripting XSS vulnerabilities in Oracle Configurator before 11.5.7.17.32 and 11.5.6.16.53 allows remote attackers to inject arbitrary web script or HTML via 1 Text Features in the DHTML UI or 2 the test parameter to the oracle.apps.cz.servlet.UiServlet servlet...

6.8CVSS5.5AI score0.05236EPSS
Exploits1References6
Rows per page
Query Builder