Lucene search
K

182 matches found

CNNVD
CNNVD
added 2021/07/20 12:0 a.m.8 views

Oracle JD Edwards Products 访问控制错误漏洞

Oracle JD Edwards Products is a fully integrated suite of enterprise resource planning applications ERP from Oracle Corporation USA. JD Edwards EnterpriseOne Tools is one of the components used to install, update and manage JD Edwards EnterpriseOne applications. An unspecified vulnerability exist...

5.4CVSS8.4AI score0.00511EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2019/09/05 12:0 a.m.3 views

The vulnerability of the Web Runtime component of the JD Edwards EnterpriseOne Tools system allows a hacker to disclose protected information.

The vulnerability of the Web Runtime component of the JD Edwards EnterpriseOne Tools system relates to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to disclose sensitive information using the HTTP protocol...

4.3CVSS5.4AI score0.0094EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2019/04/23 7:32 p.m.1 views

CVE-2019-2564

Vulnerability in the JD Edwards EnterpriseOne Tools component of Oracle JD Edwards Products subcomponent: Web Runtime. The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise JD Edwards EnterpriseOne...

4.3CVSS6.1AI score
Exploits0References1
NVD
NVD
added 2018/07/18 1:29 p.m.19 views

CVE-2018-3006

Vulnerability in the JD Edwards EnterpriseOne Tools component of Oracle JD Edwards Products subcomponent: Web Runtime. The supported version that is affected is 9.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise JD Edwards EnterpriseOn...

6.1CVSS5.3AI score0.01542EPSS
Exploits0References3
OSV
OSV
added 2018/07/18 1:29 p.m.4 views

CVE-2018-3006

Vulnerability in the JD Edwards EnterpriseOne Tools component of Oracle JD Edwards Products subcomponent: Web Runtime. The supported version that is affected is 9.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise JD Edwards EnterpriseOn...

6.1CVSS7.3AI score0.01542EPSS
Exploits0References3
OSV
OSV
added 2018/07/18 1:29 p.m.4 views

CVE-2018-2949

Vulnerability in the JD Edwards EnterpriseOne Tools component of Oracle JD Edwards Products subcomponent: Web Runtime. The supported version that is affected is 9.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise JD Edwards EnterpriseOn...

6.1CVSS7.3AI score0.01511EPSS
Exploits0References3
OSV
OSV
added 2018/07/18 1:29 p.m.5 views

CVE-2018-2948

Vulnerability in the JD Edwards EnterpriseOne Tools component of Oracle JD Edwards Products subcomponent: Web Runtime. The supported version that is affected is 9.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise JD Edwards EnterpriseOn...

6.1CVSS5.8AI score0.01542EPSS
Exploits0References3
NVD
NVD
added 2018/07/18 1:29 p.m.19 views

CVE-2018-2949

Vulnerability in the JD Edwards EnterpriseOne Tools component of Oracle JD Edwards Products subcomponent: Web Runtime. The supported version that is affected is 9.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise JD Edwards EnterpriseOn...

6.1CVSS5.3AI score0.01511EPSS
Exploits0References3
OSV
OSV
added 2018/07/18 1:29 p.m.3 views

CVE-2018-2947

Vulnerability in the JD Edwards EnterpriseOne Tools component of Oracle JD Edwards Products subcomponent: Web Runtime. The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise JD Edwards EnterpriseOne...

6.5CVSS5.8AI score0.02034EPSS
Exploits0References3
OSV
OSV
added 2018/07/18 1:29 p.m.5 views

CVE-2018-2945

Vulnerability in the JD Edwards EnterpriseOne Tools component of Oracle JD Edwards Products subcomponent: Web Runtime. The supported version that is affected is 9.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise JD Edwards EnterpriseOn...

6.1CVSS5.8AI score0.01542EPSS
Exploits0References3
OSV
OSV
added 2018/07/18 1:29 p.m.6 views

CVE-2018-2946

Vulnerability in the JD Edwards EnterpriseOne Tools component of Oracle JD Edwards Products subcomponent: Web Runtime. The supported version that is affected is 9.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise JD Edwards EnterpriseOn...

6.1CVSS7.3AI score0.01542EPSS
Exploits0References3
OSV
OSV
added 2018/07/18 1:29 p.m.5 views

CVE-2018-2950

Vulnerability in the JD Edwards EnterpriseOne Tools component of Oracle JD Edwards Products subcomponent: Web Runtime. The supported version that is affected is 9.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise JD Edwards EnterpriseOn...

6.1CVSS7.3AI score0.01542EPSS
Exploits0References3
Prion
Prion
added 2018/07/18 1:29 p.m.19 views

Code injection

Vulnerability in the JD Edwards EnterpriseOne Tools component of Oracle JD Edwards Products subcomponent: Web Runtime. The supported version that is affected is 9.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise JD Edwards EnterpriseOn...

5.8CVSS5.6AI score0.01542EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2018/07/18 1:29 p.m.15 views

Code injection

Vulnerability in the JD Edwards EnterpriseOne Tools component of Oracle JD Edwards Products subcomponent: Web Runtime. The supported version that is affected is 9.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise JD Edwards EnterpriseOn...

5.8CVSS5.6AI score0.01542EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2018/07/18 1:29 p.m.14 views

Code injection

Vulnerability in the JD Edwards EnterpriseOne Tools component of Oracle JD Edwards Products subcomponent: Web Runtime. The supported version that is affected is 9.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise JD Edwards EnterpriseOn...

5.8CVSS5.6AI score0.01511EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2018/07/18 1:29 p.m.18 views

Code injection

Vulnerability in the JD Edwards EnterpriseOne Tools component of Oracle JD Edwards Products subcomponent: Web Runtime. The supported version that is affected is 9.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise JD Edwards EnterpriseOn...

5.8CVSS5.6AI score0.01542EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2018/07/18 1:29 p.m.15 views

Code injection

Vulnerability in the JD Edwards EnterpriseOne Tools component of Oracle JD Edwards Products subcomponent: Web Runtime. The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise JD Edwards EnterpriseOne...

4CVSS6AI score0.02034EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2018/07/18 1:29 p.m.15 views

Code injection

Vulnerability in the JD Edwards EnterpriseOne Tools component of Oracle JD Edwards Products subcomponent: Web Runtime. The supported version that is affected is 9.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise JD Edwards EnterpriseOn...

5.8CVSS5.6AI score0.01542EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2018/07/18 1:0 p.m.48 views

CVE-2018-2999

CVE-2018-2999 affects Oracle JD Edwards EnterpriseOne Tools Web Runtime (JD Edwards EnterpriseOne Tools, v9.2). An unauthenticated, network-accessible attacker via HTTP can compromise data; attacks require user interaction and may lead to unauthorized update/insert/delete as well as read access t...

6.1CVSS5.5AI score0.01542EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2018/07/18 1:0 p.m.48 views

CVE-2018-2949

CVE-2018-2949 affects Oracle JD Edwards EnterpriseOne Tools, Web Runtime subcomponent, in JD Edwards EnterpriseOne Tools 9.2. An unauthenticated, network-accessible attacker can exploit via HTTP to gain unauthorized read and modify access to data in JD Edwards Tools, with user interaction require...

6.1CVSS5.5AI score0.01511EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder