Lucene search
K

182 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 11:42 p.m.5 views

CVE-2022-21561

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards component: Web Runtime. Supported versions that are affected are 9.2.6.3 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise JD Edwards EnterpriseOne...

6.5CVSS5.9AI score0.00679EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:50 p.m.8 views

CVE-2022-21630

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards component: Web Runtime SEC. Supported versions that are affected are 9.2.6.4 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise JD Edwards...

6.1CVSS6.3AI score0.00493EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:1 p.m.3 views

CVE-2021-2373

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards component: Web Runtime. Supported versions that are affected are 9.2.5.3 and Prior. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise JD Edwards EnterpriseOne...

5.4CVSS5.3AI score0.00511EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2025/05/05 12:0 a.m.5 views

The vulnerability of the Web Runtime SEC component of the JD Edwards EnterpriseOne Tools, a resource management system for enterprises, allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Web Runtime SEC component of the JD Edwards EnterpriseOne Tools system for resource management involves deficiencies in access control. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected information...

6.8CVSS7.2AI score0.00293EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/04/30 12:0 a.m.6 views

The vulnerability of the Web Runtime SEC component of the JD Edwards EnterpriseOne Tools system for resource management allows a perpetrator to gain unauthorized access to add, delete, and modify data.

The vulnerability of the Web Runtime SEC component of the JD Edwards EnterpriseOne Tools system relates to access control errors. Exploiting this vulnerability could allow an attacker to gain unauthorized access to add, delete, and modify data...

5.5CVSS7.2AI score0.0029EPSS
Exploits0References2Affected Software1
RedhatCVE
RedhatCVE
added 2025/04/17 9:47 p.m.11 views

CVE-2025-30709

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards component: Web Runtime SEC. Supported versions that are affected are 9.2.0.0-9.2.9.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise JD Edwards EnterpriseO...

6.1CVSS6.2AI score0.00333EPSS
Exploits0References1
NVD
NVD
added 2025/04/15 9:16 p.m.41 views

CVE-2025-30740

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards component: Web Runtime SEC. Supported versions that are affected are 9.2.0.0-9.2.9.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise JD Edwards EnterpriseOn...

6.5CVSS0.00293EPSS
Exploits0References1
OSV
OSV
added 2025/04/15 9:16 p.m.6 views

CVE-2025-30740

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards component: Web Runtime SEC. Supported versions that are affected are 9.2.0.0-9.2.9.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise JD Edwards EnterpriseOn...

6.5CVSS5.8AI score0.00293EPSS
Exploits0References1
OSV
OSV
added 2025/04/15 9:16 p.m.4 views

CVE-2025-30709

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards component: Web Runtime SEC. Supported versions that are affected are 9.2.0.0-9.2.9.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise JD Edwards EnterpriseO...

6.1CVSS7.1AI score0.00333EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/04/15 12:0 a.m.5 views

Oracle JD Edwards EnterpriseOne Tools 安全漏洞

Oracle JD Edwards EnterpriseOne Tools is a component for installing, updating, and managing JD Edwards EnterpriseOne applications from Oracle Corporation Oracle. A security vulnerability exists in Oracle JD Edwards EnterpriseOne Tools versions 9.2.0.0 through 9.2.9.2, which stems from improper...

5.4CVSS7.1AI score0.0029EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/02/06 12:59 a.m.9 views

CVE-2022-21542

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards component: Web Runtime. Supported versions that are affected are 9.2.6.3 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise JD Edwards EnterpriseOne...

7.4CVSS6.7AI score0.00572EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2025/02/06 12:0 a.m.5 views

The vulnerability of the Web Runtime SEC component of the JD Edwards EnterpriseOne Tools system for managing enterprise resources allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the Web Runtime SEC component of the JD Edwards EnterpriseOne Tools system relates to the lack of authenticity verification for a critical function. Exploitation of this vulnerability could allow an attacker, operating remotely, to compromise the confidentiality, integrity, a...

9CVSS7.7AI score0.00642EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/02/06 12:0 a.m.5 views

The vulnerability of the Web Runtime SEC component of the JD Edwards EnterpriseOne Tools, a resource management system for enterprises, allows attackers to disclose protected information.

The vulnerability of the Web Runtime SEC component of the JD Edwards EnterpriseOne Tools system relates to a lack of mechanisms for verifying the source of the data. Exploiting this vulnerability could allow an attacker, operating remotely, to disclose sensitive information through a specially...

7.8CVSS7.6AI score0.00305EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/02/06 12:0 a.m.5 views

The vulnerability of the Web Runtime SEC component of the JD Edwards EnterpriseOne Tools, a resource management system for enterprises, allows attackers to disclose protected information.

The vulnerability of the Web Runtime SEC component of the JD Edwards EnterpriseOne Tools system relates to the disclosure of information through incompatibility. Exploitation of this vulnerability can allow an attacker, operating remotely, to disclose sensitive information through HTTP requests...

7.8CVSS7.6AI score0.00652EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/02/06 12:0 a.m.6 views

The vulnerability of the Web Runtime SEC component of the JD Edwards EnterpriseOne Tools, a resource management system, allows a perpetrator to carry out a CSRF attack.

The vulnerability of the Web Runtime SEC component of the JD Edwards EnterpriseOne Tools system for resource management involves the manipulation of cross-site requests. Exploiting this vulnerability allows a malicious actor to execute a CSRF attack remotely...

6.4CVSS7.5AI score0.00182EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/01/27 12:0 a.m.6 views

The vulnerability of the Web Runtime SEC component of the JD Edwards EnterpriseOne Tools system for resource management allows a perpetrator to gain access to read, modify, and delete data.

The vulnerability of the Web Runtime SEC component of the JD Edwards EnterpriseOne Tools system for resource management involves the use of open redirection. Exploiting this vulnerability could allow an attacker to gain read, modify, and delete access to data...

6.4CVSS7.7AI score0.00369EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/01/24 12:0 a.m.4 views

The vulnerability of the Web Runtime SEC component of the JD Edwards EnterpriseOne Tools, a resource management system for enterprises, allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Web Runtime SEC component of the JD Edwards EnterpriseOne Tools system for resource management involves insufficient validation of input data. Exploiting this vulnerability could allow an attacker operating remotely to gain unauthorized access to protected information...

5.3CVSS7.7AI score0.00477EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/01/24 12:0 a.m.5 views

The vulnerability of the Web Runtime SEC component of the JD Edwards EnterpriseOne Tools system, which allows a hacker to trigger a service failure.

The vulnerability of the Web Runtime SEC component of the JD Edwards EnterpriseOne Tools system for resource management involves unlimited distribution of resources. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...

6.8CVSS7.7AI score0.00661EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/01/24 12:0 a.m.4 views

The vulnerability of the Web Runtime SEC component of the JD Edwards EnterpriseOne Tools system for resource management allows a perpetrator to gain access to read, modify, and delete files.

The vulnerability of the Web Runtime SEC component of the JD Edwards EnterpriseOne Tools system relates to the manipulation of inter-site requests. Exploiting this vulnerability could allow an attacker to gain read, modify, and delete file access rights...

5.5CVSS7.6AI score0.00187EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/01/24 12:0 a.m.5 views

The vulnerability of the Web Runtime SEC component of the JD Edwards EnterpriseOne Tools system for resource management allows a perpetrator to gain access to read, modify, and delete files.

The vulnerability of the Web Runtime SEC component of the JD Edwards EnterpriseOne Tools system relates to the manipulation of inter-site requests. Exploiting this vulnerability could allow an attacker to gain read, modify, and delete file access rights...

6.8CVSS7.6AI score0.00193EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder