CVE-2025-13718

IBM Sterling Partner Engagement Manager 6.2.3.0 through 6.2.3.5 and 6.2.4.0 through 6.2.4.2 could allow a remote attacker to obtain sensitive information in cleartext in a communication channel that can be sniffed by unauthorized actors...

EUVD-2025-208649

IBM Sterling Partner Engagement Manager 6.2.3.0 through 6.2.3.5 and 6.2.4.0 through 6.2.4.2 could allow an attacker to obtain sensitive user information using an expired access token...

CVE-2025-13702 IBM Sterling Partner Engagement Manager Cross-Site Scripting

IBM Sterling Partner Engagement Manager 6.2.3.0 through 6.2.3.5 and 6.2.4.0 through 6.2.4.2 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to...

CVE-2024-21092

Vulnerability in the Oracle Agile Product Lifecycle Management for Process product of Oracle Supply Chain component: Product Quality Management. The supported version that is affected is 6.2.4.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to...

CVE-2024-21091

Vulnerability in the Oracle Agile Product Lifecycle Management for Process product of Oracle Supply Chain component: Data Import. The supported version that is affected is 6.2.4.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle...

Oracle Supply Chain Products Suite Security Vulnerability

Oracle Supply Chain Products Suite is a set of supply chain solutions from Oracle Oracle. The product provides value chain planning, value chain execution, product lifecycle management and other functions. A security vulnerability exists in Oracle Supply Chain Products Suite versions prior to...