CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

RedhatCVE•added 2025/02/06 2:57 a.m.•6 views

CVE-2025-21516

Vulnerability in the Oracle Customer Care product of Oracle E-Business Suite component: Service Requests. Supported versions that are affected are 12.2.5-12.2.13. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Customer Care...

8.1CVSS6.8AI score0.00516EPSS

BDU FSTEC•added 2025/02/06 12:0 a.m.•3 views

The vulnerability of the Service Requests component of the Oracle Customer Care software solution in the Oracle E-Business Suite, which allows a perpetrator to compromise the confidentiality and integrity of the protected information.

The vulnerability of the Service Requests component in the Oracle Customer Care software of the Oracle E-Business Suite lies in the lack of an authentication mechanism. Exploiting this vulnerability allows a malicious actor to manipulate the confidentiality and integrity of protected information...

8.5CVSS7.7AI score0.00516EPSS

Exploits0References3Affected Software2

Tenable Nessus•added 2025/01/24 12:0 a.m.•77 views

Oracle E-Business Suite (January 2025 CPU)

The versions of Oracle E-Business Suite installed on the remote host are affected by multiple vulnerabilities as referenced in the January 2025 CPU advisory. - Vulnerability in the Oracle Customer Care product of Oracle E-Business Suite component: Service Requests. Supported versions that are...

8.1CVSS8.2AI score0.00516EPSS

Exploits0References6

NVD•added 2025/01/21 9:15 p.m.•3 views

CVE-2025-21516

8.1CVSS0.00516EPSS

CNNVD•added 2025/01/21 12:0 a.m.•3 views

Oracle E-Business Suite 安全漏洞

Oracle E-Business Suite is a set of fully integrated global business management software from Oracle USA. The software provides customer relationship management, service management, financial management and other functions. A security vulnerability exists in Oracle Customer Care versions 12.2.5...

8.1CVSS8.8AI score0.00516EPSS

Exploits0References2

CVE•added 2024/02/17 1:50 a.m.•57 views

CVE-2024-20949

CVE-2024-20949 affects Oracle E-Business Suite, Oracle Customer Interaction History (Outcome-Result) in versions 12.2.3–12.2.13. An unauthenticated attacker with network access via HTTP can exploit this after user interaction to perform unauthorized updates, inserts, deletes, and reads of data. A...

6.1CVSS5.8AI score0.00361EPSS

Exploits0References1Affected Software1

BDU FSTEC•added 2024/01/24 12:0 a.m.•3 views

The vulnerability of the Admin Console component of the Oracle CRM system, which manages customer relationships. The Oracle CRM Technical Foundation, a business automation system, and the Oracle E-Business Suite enable a perpetrator to cause service interruptions.

The vulnerability of the Admin Console component of the Oracle CRM system, which manages customer relationships, is related to insufficient validation of input data. Exploiting this vulnerability could allow an attacker to cause service interruptions using the HTTP network protocol...

4.3CVSS6.3AI score0.00464EPSS

Exploits0References4Affected Software1

NCSC•added 2024/01/18 12:0 a.m.•4 views

Vulnerabilities fixed in Oracle E-Business Suite

Oracle has fixed vulnerabilities in E-Business suite and components. A malicious party could exploit the vulnerabilities to perform attacks that could result in the following categories of damage: Cross-Site Scripting XSS Denial-of-Service DoS. Manipulation of data Access to sensitive data Oracle...

6.5CVSS6.3AI score0.00493EPSS

Exploits0

Prion•added 2024/01/16 10:15 p.m.•13 views

Buffer overflow

Vulnerability in the Oracle Customer Interaction History product of Oracle E-Business Suite component: Outcome-Result. Supported versions that are affected are 12.2.3-12.2.13. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Custom...

5.8CVSS6.5AI score0.00327EPSS

Exploits0References1Affected Software1

8.2CVSS7.7AI score0.01169EPSS

The vulnerability of the Outcome-Result component of the Oracle Customer Interaction History software allows a perpetrator to gain unauthorized access to protected information or to have read, add, or delete privileges over the data.

The vulnerability of the Outcome-Result component of the Oracle Customer Interaction History software is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information or to have read, add,...

8.2CVSS7.7AI score0.01155EPSS

8.2CVSS7.7AI score0.01169EPSS

8.2CVSS7.7AI score0.01179EPSS

The vulnerability of the Preferences component of the Oracle CRM Technical Foundation system, which allows a perpetrator to gain unauthorized access to protected information or to read, add, or delete data.

The vulnerability of the Preferences component of the Oracle CRM Technical Foundation system is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information or to have read, add, or delet...

NVD•added 2021/01/20 3:15 p.m.•7 views

CVE-2021-2105

Vulnerability in the Oracle Customer Interaction History product of Oracle E-Business Suite component: Outcome-Result. Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to...

8.2CVSS8AI score0.01169EPSS

OSV•added 2021/01/20 3:15 p.m.•2 views

CVE-2021-2084

Vulnerability in the Oracle CRM Technical Foundation product of Oracle E-Business Suite component: Preferences. Supported versions that are affected are 12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle CR...

8.2CVSS7.3AI score0.01169EPSS

Vulnrichment•added 2021/01/20 2:50 p.m.•15 views

CVE-2021-2106

8.2CVSS7.3AI score0.01169EPSS