Lucene search
+L

285 matches found

nessus
nessus
added 2022/10/20 12:0 a.m.58 views

Oracle E-Business Suite (Oct 2022 CPU)

The versions of Oracle E-Business Suite installed on the remote host are affected by multiple vulnerabilities as referenced in the October 2022 CPU advisory. - Vulnerability in the Oracle Web Applications Desktop Integrator product of Oracle E-Business Suite component: Upload. Supported versions...

9.8CVSS7AI score0.98342EPSS
Exploits8References6
ncsc
ncsc
added 2022/10/19 12:0 a.m.12 views

Vulnerabilities fixed in Oracle E-Business Suite

Vulnerabilities have been fixed in Oracle E-Business Suite. The vulnerabilities allow a malicious party to carry out attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS Manipulation of data Remote code execution Administrator/Root privileges Access to...

9.8CVSS9.2AI score0.98342EPSS
Exploits9
attackerkb
attackerkb
added 2022/10/18 9:15 p.m.10 views

CVE-2022-21636

Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite component: Session Management. Supported versions that are affected are 12.2.6-12.2.11. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle...

6.5CVSS6.9AI score0.00679EPSS
Exploits0References2Affected Software1
osv
osv
added 2022/10/18 9:15 p.m.4 views

CVE-2022-21636

Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite component: Session Management. Supported versions that are affected are 12.2.6-12.2.11. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle...

6.5CVSS5.8AI score0.00679EPSS
Exploits0References1
nvd
nvd
added 2022/10/18 9:15 p.m.16 views

CVE-2022-21636

Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite component: Session Management. Supported versions that are affected are 12.2.6-12.2.11. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle...

6.5CVSS0.00679EPSS
Exploits0References1
prion
prion
added 2022/10/18 9:15 p.m.20 views

Code injection

Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite component: Session Management. Supported versions that are affected are 12.2.6-12.2.11. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle...

4CVSS6.3AI score0.00679EPSS
Exploits0References1Affected Software1
cve
cve
added 2022/10/18 12:0 a.m.73 views

CVE-2022-21636

CVE-2022-21636 affects Oracle E-Business Suite’s Oracle Applications Framework (Session Management). Across multiple sources, affected versions are 12.2.6–12.2.11. The vulnerability allows a low-privilege, network-accessible attacker (via HTTP) to access or potentially exfiltrate data within Orac...

6.5CVSS6.4AI score0.00679EPSS
Exploits0References1Affected Software1
vulnrichment
vulnrichment
added 2022/10/18 12:0 a.m.10 views

CVE-2022-21636

Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite component: Session Management. Supported versions that are affected are 12.2.6-12.2.11. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle...

6.5CVSS6.3AI score0.00679EPSS
Exploits0References1
cvelist
cvelist
added 2022/10/18 12:0 a.m.24 views

CVE-2022-21636

Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite component: Session Management. Supported versions that are affected are 12.2.6-12.2.11. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle...

6.5CVSS7AI score0.00679EPSS
Exploits0References1
cnnvd
cnnvd
added 2022/10/18 12:0 a.m.4 views

Oracle Applications Framework 安全漏洞

Oracle Applications Framework is an MVC-based web development framework from Oracle Corporation. A security vulnerability exists in Oracle Applications Framework versions 12.2.6 through 12.2.11. An attacker could exploit this vulnerability to gain access to critical data or full access to all...

6.5CVSS7.2AI score0.00679EPSS
Exploits0References2
bdu_fstec
bdu_fstec
added 2022/09/07 12:0 a.m.8 views

The vulnerability of the Diagnostics component of the Oracle Applications Framework software, a part of the Oracle E-Business Suite, allows an intruder to gain unauthorized access to protected information.

The vulnerability of the Diagnostics component of the Oracle Applications Framework software in the Oracle E-Business Suite exists due to insufficient verification of input data. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected...

7.8CVSS7.3AI score0.00906EPSS
Exploits0References3Affected Software1
nessus
nessus
added 2022/07/22 12:0 a.m.259 views

Oracle E-Business Suite (Jul 2022 CPU)

The versions of Oracle E-Business Suite installed on the remote host are affected by multiple vulnerabilities as referenced in the July 2022 CPU advisory. - Vulnerability in the Oracle E-Business Suite Information Discovery product of Oracle E-Business Suite component: Packaging issues Apache...

9.8CVSS7.2AI score0.70589EPSS
Exploits2References8
ncsc
ncsc
added 2022/07/20 12:0 a.m.9 views

Vulnerabilities fixed in Oracle E-Business Suite

Oracle has fixed vulnerabilities in the following E-Business Suite applications: - Oracle Workflow - Oracle E-Business Suite Information Discovery - Oracle iReceivables - Oracle iRecruitment - Oracle Applications Framework - Oracle User Management The vulnerabilities potentially enable a maliciou...

9.8CVSS7.4AI score0.70589EPSS
Exploits2
attackerkb
attackerkb
added 2022/07/19 10:15 p.m.7 views

CVE-2022-21566

Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite component: Diagnostics. Supported versions that are affected are 12.2.9-12.2.11. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Applications...

7.5CVSS7.2AI score0.00906EPSS
Exploits0References2Affected Software1
osv
osv
added 2022/07/19 10:15 p.m.5 views

CVE-2022-21566

Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite component: Diagnostics. Supported versions that are affected are 12.2.9-12.2.11. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Applications...

7.5CVSS7.3AI score0.00906EPSS
Exploits0References1
prion
prion
added 2022/07/19 10:15 p.m.20 views

Code injection

Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite component: Diagnostics. Supported versions that are affected are 12.2.9-12.2.11. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Applications...

5CVSS7.3AI score0.00906EPSS
Exploits0References1Affected Software1
cnnvd
cnnvd
added 2022/07/19 12:0 a.m.14 views

Oracle Applications Framework 输入验证错误漏洞

Oracle Applications Framework is an MVC-based web development framework from Oracle Corporation. An input validation error vulnerability exists in Oracle Applications Framework component: Diagnostics versions 12.2.9 through 12.2.11, which can be exploited by an attacker to gain web access over...

7.5CVSS7.6AI score0.00906EPSS
Exploits0References3
bdu_fstec
bdu_fstec
added 2022/06/27 12:0 a.m.10 views

The vulnerability of components in the Oracle Applications Framework’s File Upload and Attachments programs allows a perpetrator to gain access to read data or modify data.

The vulnerability of the Attachments and File Upload components of the Oracle Applications Framework exists due to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain read access to data or modify data using specially craft...

5.4CVSS6.6AI score0.00498EPSS
Exploits0References3Affected Software1
bdu_fstec
bdu_fstec
added 2022/06/17 12:0 a.m.9 views

The vulnerability of the Attachments/File Upload sub-component of the Oracle Applications Framework in the Oracle E-Business Suite allows a perpetrator to modify data or gain unauthorized access to protected information.

The vulnerability of the Attachments/File Upload sub-component of the Oracle Applications Framework in the Oracle E-Business Suite exists due to insufficient validation of input data. Exploiting this vulnerability allows an attacker, operating remotely, to modify data or gain unauthorized access ...

7.9CVSS7.3AI score0.0069EPSS
Exploits0References3Affected Software1
nessus
nessus
added 2022/04/22 12:0 a.m.64 views

Oracle E-Business Suite (Apr 2022 CPU)

The versions of Oracle E-Business Suite installed on the remote host are affected by multiple vulnerabilities as referenced in the April 2022 CPU advisory. - Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite component: Popups. Supported versions that are affect...

6.1CVSS6.5AI score0.00857EPSS
Exploits0References4
Rows per page
Query Builder