Lucene search
K

182 matches found

BDU FSTEC
BDU FSTEC
added 2025/01/24 12:0 a.m.5 views

The vulnerability of the Web Runtime SEC component of the JD Edwards EnterpriseOne Tools system for resource management allows a perpetrator to gain access to read, modify, and delete files.

The vulnerability of the Web Runtime SEC component of the JD Edwards EnterpriseOne Tools system relates to the manipulation of inter-site requests. Exploiting this vulnerability could allow an attacker to gain read, modify, and delete file access rights...

6.8CVSS7.6AI score0.00193EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/01/24 12:0 a.m.4 views

The vulnerability of the Web Runtime SEC component of the JD Edwards EnterpriseOne Tools system for resource management allows a perpetrator to gain access to read, modify, and delete files.

The vulnerability of the Web Runtime SEC component of the JD Edwards EnterpriseOne Tools system relates to the manipulation of inter-site requests. Exploiting this vulnerability could allow an attacker to gain read, modify, and delete file access rights...

5.5CVSS7.6AI score0.00187EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2025/01/21 9:15 p.m.5 views

CVE-2025-21538

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards component: Web Runtime SEC. Supported versions that are affected are Prior to 9.2.9.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise JD Edwards...

6.1CVSS5.8AI score0.00182EPSS
Exploits0References1
OSV
OSV
added 2025/01/21 9:15 p.m.4 views

CVE-2025-21517

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards component: Web Runtime SEC. Supported versions that are affected are Prior to 9.2.9.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise JD Edwards EnterpriseO...

4.3CVSS7.3AI score0.0039EPSS
Exploits0References1
OSV
OSV
added 2025/01/21 9:15 p.m.5 views

CVE-2025-21513

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards component: Web Runtime SEC. Supported versions that are affected are Prior to 9.2.9.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise JD Edwards...

6.1CVSS5.8AI score0.00193EPSS
Exploits0References1
OSV
OSV
added 2025/01/21 9:15 p.m.1 views

CVE-2025-21511

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards component: Web Runtime SEC. Supported versions that are affected are Prior to 9.2.9.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise JD Edwards...

7.5CVSS7.3AI score
Exploits0References1
OSV
OSV
added 2025/01/21 9:15 p.m.4 views

CVE-2025-21509

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards component: Web Runtime SEC. Supported versions that are affected are Prior to 9.2.9.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise JD Edwards EnterpriseO...

6.5CVSS5.8AI score0.00661EPSS
Exploits0References1
OSV
OSV
added 2025/01/21 9:15 p.m.4 views

CVE-2025-21514

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards component: Web Runtime SEC. Supported versions that are affected are Prior to 9.2.9.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise JD Edwards...

5.3CVSS5.8AI score0.00477EPSS
Exploits0References1
NVD
NVD
added 2025/01/21 9:15 p.m.8 views

CVE-2025-21512

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards component: Web Runtime SEC. Supported versions that are affected are Prior to 9.2.9.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise JD Edwards...

6.1CVSS0.00369EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2025/01/21 9:15 p.m.1 views

CVE-2025-21515

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards component: Web Runtime SEC. Supported versions that are affected are Prior to 9.2.9.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise JD Edwards EnterpriseO...

8.8CVSS7.3AI score0.00642EPSS
Exploits0References2
NVD
NVD
added 2025/01/21 9:15 p.m.8 views

CVE-2025-21511

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards component: Web Runtime SEC. Supported versions that are affected are Prior to 9.2.9.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise JD Edwards...

7.5CVSS0.00305EPSS
Exploits0References1
NVD
NVD
added 2025/01/21 9:15 p.m.8 views

CVE-2025-21507

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards component: Web Runtime SEC. Supported versions that are affected are Prior to 9.2.9.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise JD Edwards EnterpriseO...

5.4CVSS0.00187EPSS
Exploits0References1
OSV
OSV
added 2025/01/21 9:15 p.m.5 views

CVE-2025-21508

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards component: Web Runtime SEC. Supported versions that are affected are Prior to 9.2.9.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise JD Edwards EnterpriseO...

6.5CVSS7.3AI score0.00661EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/01/21 12:0 a.m.5 views

PT-2025-4243 · Oracle · Jd Edwards Enterpriseone Tools

Name of the Vulnerable Software and Affected Versions: JD Edwards EnterpriseOne Tools versions prior to 9.2.9.0 Description: The issue is related to a component of JD Edwards EnterpriseOne Tools, specifically the Web Runtime SEC. It can be easily exploited, allowing an unauthenticated attacker wi...

7.8CVSS8.9AI score0.00305EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2024/12/25 12:0 a.m.4 views

PT-2024-10264 · Oracle · Jd Edwards Enterpriseone Tools

Name of the Vulnerable Software and Affected Versions: JD Edwards EnterpriseOne Tools versions prior to 9.2.9.0 Description: This issue allows an attacker with low privileges and network access via HTTP to compromise JD Edwards EnterpriseOne Tools. Successful attacks can result in the unauthorize...

6.8CVSS9AI score0.00661EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2024/12/25 12:0 a.m.5 views

PT-2024-10307 · Oracle · Jd Edwards Enterpriseone Tools

Name of the Vulnerable Software and Affected Versions: JD Edwards EnterpriseOne Tools versions prior to 9.2.9.0 Description: The issue is related to the use of open redirection in the Web Runtime SEC component of JD Edwards EnterpriseOne Tools. This allows an unauthenticated attacker with network...

6.4CVSS8.2AI score0.00369EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2024/12/25 12:0 a.m.5 views

PT-2024-10267 · Oracle · Jd Edwards Enterpriseone Tools

Name of the Vulnerable Software and Affected Versions: JD Edwards EnterpriseOne Tools versions prior to 9.2.9.0 Description: The issue is related to a vulnerability in the Web Runtime SEC component of JD Edwards EnterpriseOne Tools, which can be exploited by a low-privileged attacker with network...

4.3CVSS8.8AI score0.0039EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2024/12/25 12:0 a.m.5 views

PT-2024-10262 · Oracle · Jd Edwards Enterpriseone Tools

Name of the Vulnerable Software and Affected Versions: JD Edwards EnterpriseOne Tools versions prior to 9.2.9.0 Description: The issue is related to insufficient input validation in the Web Runtime SEC component. This easily exploitable vulnerability allows an unauthenticated attacker with networ...

5.3CVSS8.3AI score0.00477EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2024/12/25 12:0 a.m.5 views

PT-2024-10263 · Oracle · Jd Edwards Enterpriseone Tools

Name of the Vulnerable Software and Affected Versions: JD Edwards EnterpriseOne Tools versions prior to 9.2.9.0 Description: The issue is related to the Web Runtime SEC component and can be easily exploited, allowing an unauthenticated attacker with network access via HTTP to compromise JD Edward...

6.8CVSS7.7AI score0.00193EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2024/12/25 12:0 a.m.6 views

PT-2024-10265 · Oracle · Jd Edwards Enterpriseone Tools

Name of the Vulnerable Software and Affected Versions: JD Edwards EnterpriseOne Tools versions prior to 9.2.9.0 Description: The issue allows a low-privileged attacker with network access via HTTP to compromise JD Edwards EnterpriseOne Tools. Successful attacks can result in the unauthorized...

6.8CVSS9.2AI score0.00661EPSS
Exploits0References5
Rows per page
Query Builder