Lucene search
+L

55 matches found

CVE
CVE
added 2023/07/18 8:18 p.m.64 views

CVE-2023-22037

The CVE-2023-22037 vulnerability affects Oracle E-Business Suite’s Oracle Web Applications Desktop Integrator (MS Excel Specific) with affected versions 12.2.3–12.2.12. The issue enables a low-privilege, network-accessible attacker (via HTTP) to compromise the component, requiring user interactio...

6.5CVSS6.5AI score0.00302EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2023/07/18 12:0 a.m.9 views

PT-2023-3700 · Oracle +1 · Oracle Web Applications Desktop Integrator +1

Name of the Vulnerable Software and Affected Versions: Oracle Web Applications Desktop Integrator versions 12.2.3 through 12.2.12 Description: The issue is related to insufficient input validation in the MS Excel Specific component of Oracle Web Applications Desktop Integrator, part of the Oracle...

6.5CVSS5.8AI score0.00302EPSS
Exploits0References6
CNVD
CNVD
added 2023/02/09 12:0 a.m.54 views

Oracle E-Business Suite Information Disclosure Vulnerability (CNVD-2023-08435)

Oracle E-Business Suite E-Business Suite is a set of fully integrated global business management software from Oracle Oracle. The software provides customer relationship management, service management, financial management and other functions. A security vulnerability exists in Oracle Web...

5.4CVSS5.4AI score0.00355EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2023/02/06 12:0 a.m.10 views

The vulnerability of the Upload component of the software environment for working with Oracle Web Applications desktop integrations allows a hacker to gain full control over the application.

The vulnerability of the Upload component of the software environment for working with Oracle Web Applications Desktop Integrator relates to errors in processing input data. Exploiting this vulnerability can allow an attacker to gain full control over the application...

10CVSS8.1AI score0.98342EPSS
Exploits7References4Affected Software2
The Hacker News
The Hacker News
added 2023/02/03 5:23 a.m.7 views

CISA Alert: Oracle E-Business Suite and SugarCRM Vulnerabilities Under Attack

The U.S. Cybersecurity and Infrastructure Security Agency CISA on February 2 added two security flaws to its Known Exploited Vulnerabilities KEV Catalog, citing evidence of active exploitation. The first of the two vulnerabilities is CVE-2022-21587 CVSS score: 9.8, a critical issue impacting...

9.8CVSS9.7AI score0.98342EPSS
Exploits16
CISA KEV Catalog
CISA KEV Catalog
added 2023/02/02 12:0 a.m.47 views

Oracle E-Business Suite Unspecified Vulnerability

Oracle E-Business Suite contains an unspecified vulnerability that allows an unauthenticated attacker with network access via HTTP to compromise Oracle Web Applications Desktop Integrator...

9.8CVSS3.2AI score0.98342EPSS
In wildExploits7
BDU FSTEC
BDU FSTEC
added 2023/01/30 12:0 a.m.11 views

The vulnerability of the Download component of the software for working with web applications, Oracle Web Applications Desktop Integrator from the enterprise automation system Oracle E-Business Suite, allows a perpetrator to gain unauthorized access to protected data or to modify, add, or delete protected data.

The vulnerability of the Download component of the software for working with web applications, Oracle Web Applications Desktop Integrator of the enterprise automation system Oracle E-Business Suite, is related to insufficient validation of entered data. Exploiting this vulnerability can allow an...

5.5CVSS6.6AI score0.00355EPSS
Exploits0References3Affected Software2
NVD
NVD
added 2023/01/18 12:15 a.m.18 views

CVE-2023-21847

Vulnerability in the Oracle Web Applications Desktop Integrator product of Oracle E-Business Suite component: Download. Supported versions that are affected are 12.2.3-12.2.12. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Web...

5.4CVSS5AI score0.00355EPSS
Exploits0References1
OSV
OSV
added 2023/01/18 12:15 a.m.5 views

CVE-2023-21847

Vulnerability in the Oracle Web Applications Desktop Integrator product of Oracle E-Business Suite component: Download. Supported versions that are affected are 12.2.3-12.2.12. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Web...

5.4CVSS6.7AI score0.00355EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/01/17 12:0 a.m.5 views

PT-2023-1200 · Oracle · Oracle Web Applications Desktop Integrator

Name of the Vulnerable Software and Affected Versions: Oracle Web Applications Desktop Integrator versions 12.2.3 through 12.2.12 Description: The issue is related to insufficient input validation in the Download component of Oracle Web Applications Desktop Integrator, part of the Oracle E-Busine...

5.5CVSS4.8AI score0.00355EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2022/11/03 12:0 a.m.10 views

The vulnerability of the Upload component of the software environment for working with Oracle Web Applications desktop integrations allows a hacker to gain full control over the application.

The vulnerability of the Upload component of the Oracle Web Applications Desktop Integrator software lies in insufficient validation of input data. Exploiting this vulnerability could allow an attacker to gain full control over the application through the use of the HTTP protocol...

10CVSS7.7AI score0.36455EPSS
Exploits0References3Affected Software1
CNVD
CNVD
added 2022/10/20 12:0 a.m.55 views

Oracle E-Business Suite has an unspecified vulnerability (CNVD-2023-05481)

Oracle E-Business Suite E-Business Suite is a fully integrated global business management software from Oracle Corporation USA. A security vulnerability exists in Oracle Web Applications Desktop Integrator for Oracle E-Business Suite. An unauthenticated attacker could exploit the vulnerability to...

9.8CVSS1.5AI score0.36455EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2022/10/20 12:0 a.m.58 views

Oracle E-Business Suite (Oct 2022 CPU)

The versions of Oracle E-Business Suite installed on the remote host are affected by multiple vulnerabilities as referenced in the October 2022 CPU advisory. - Vulnerability in the Oracle Web Applications Desktop Integrator product of Oracle E-Business Suite component: Upload. Supported versions...

9.8CVSS7AI score0.98342EPSS
Exploits8References6
NCSC
NCSC
added 2022/10/19 12:0 a.m.12 views

Vulnerabilities fixed in Oracle E-Business Suite

Vulnerabilities have been fixed in Oracle E-Business Suite. The vulnerabilities allow a malicious party to carry out attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS Manipulation of data Remote code execution Administrator/Root privileges Access to...

9.8CVSS9.2AI score0.98342EPSS
Exploits9
OSV
OSV
added 2022/10/18 9:15 p.m.2 views

CVE-2022-39428

Vulnerability in the Oracle Web Applications Desktop Integrator product of Oracle E-Business Suite component: Upload. Supported versions that are affected are 12.2.3-12.2.11. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Web...

9.8CVSS5.8AI score
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/10/18 9:15 p.m.3 views

CVE-2022-39428

Vulnerability in the Oracle Web Applications Desktop Integrator product of Oracle E-Business Suite component: Upload. Supported versions that are affected are 12.2.3-12.2.11. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Web...

9.8CVSS5.8AI score0.36455EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2022/10/18 9:15 p.m.4 views

CVE-2022-21587

Vulnerability in the Oracle Web Applications Desktop Integrator product of Oracle E-Business Suite component: Upload. Supported versions that are affected are 12.2.3-12.2.11. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Web...

9.8CVSS5.8AI score0.98342EPSS
Exploits7References3
NVD
NVD
added 2022/10/18 9:15 p.m.23 views

CVE-2022-21587

Vulnerability in the Oracle Web Applications Desktop Integrator product of Oracle E-Business Suite component: Upload. Supported versions that are affected are 12.2.3-12.2.11. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Web...

9.8CVSS0.98342EPSS
Exploits7References3
Prion
Prion
added 2022/10/18 9:15 p.m.14 views

Code injection

Vulnerability in the Oracle Web Applications Desktop Integrator product of Oracle E-Business Suite component: Upload. Supported versions that are affected are 12.2.3-12.2.11. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Web...

7.5CVSS9.2AI score0.36455EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2022/10/18 12:0 a.m.3 views

PT-2022-6231

Name of the Vulnerable Software and Affected Versions Oracle Web Applications Desktop Integrator versions 12.2.3 through 12.2.11 Description A flaw exists in the Upload component of Oracle Web Applications Desktop Integrator within Oracle E-Business Suite. This issue allows an unauthenticated...

9.8CVSS7.8AI score0.98342EPSS
Exploits7References55
Rows per page
Query Builder