34 matches found
CVE-2020-14551
CVE-2020-14551 affects Oracle AutoVue (Oracle Supply Chain’s Security component) with affected version 21.0. The vulnerability can be exploited by a low-privilege attacker over HTTP over a network to perform unauthorized updates/inserts/deletes on Oracle AutoVue data. The CVSSv3.1 base score is 4...
CVE-2020-2592
Oracle AutoVue vulnerability CVE-2020-2592 affects version 21.0.2 of the Security component in Oracle AutoVue (Oracle Supply Chain). An unauthenticated, network-accessible attacker can exploit over HTTP to gain unauthorized read access to a subset of data. The PT-2020-1465 entry indicates this is...
CVE-2019-2575
Vulnerability in the Oracle AutoVue 3D Professional Advanced component of Oracle Supply Chain Products Suite subcomponent: Format Handling - 2D. Supported versions that are affected are 21.0.0 and 21.0.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTT...
CVE-2019-2575
The vulnerability CVE-2019-2575 affects Oracle AutoVue 3D Professional Advanced (Format Handling - 2D) in Oracle Supply Chain Products Suite, impacting versions 21.0.0 and 21.0.1. The issue allows an unauthenticated attacker with network access over HTTP to read a subset of data from the affected...
CVE-2013-5868
Unspecified vulnerability in the Oracle AutoVue Electro-Mechanical Professional component in Oracle Supply Chain Products Suite 20.1.1 allows remote authenticated users to affect confidentiality via unknown vectors related to Web General, a different vulnerability than CVE-2013-5871 and...
Design/Logic Flaw
Unspecified vulnerability in the Oracle AutoVue Electro-Mechanical Professional component in Oracle Supply Chain Products Suite 20.1.1 allows remote authenticated users to affect confidentiality via unknown vectors related to Web General, a different vulnerability than CVE-2013-5868 and...
Design/Logic Flaw
Unspecified vulnerability in the Oracle AutoVue Electro-Mechanical Professional component in Oracle Supply Chain Products Suite 20.1.1 allows remote authenticated users to affect confidentiality via unknown vectors related to Web General, a different vulnerability than CVE-2013-5871 and...
CVE-2014-0444
Unspecified vulnerability in the Oracle AutoVue Electro-Mechanical Professional component in Oracle Supply Chain Products Suite 20.1.1 allows remote authenticated users to affect confidentiality via unknown vectors related to Web General, a different vulnerability than CVE-2013-5868 and...
CVE-2014-0444
Unspecified vulnerability in the Oracle AutoVue Electro-Mechanical Professional component in Oracle Supply Chain Products Suite 20.1.1 allows remote authenticated users to affect confidentiality via unknown vectors related to Web General, a different vulnerability than CVE-2013-5868 and...
CVE-2014-0444
Technical details about CVE-2014-0444 are not publicly available in the provided documents; monitor for updates from NVD/Oracle.
CVE-2013-5868
Unspecified vulnerability in the Oracle AutoVue Electro-Mechanical Professional component in Oracle Supply Chain Products Suite 20.1.1 allows remote authenticated users to affect confidentiality via unknown vectors related to Web General, a different vulnerability than CVE-2013-5871 and...
CVE-2013-5868
Technical details for CVE-2013-5868 are not publicly available in the provided documents. No concrete information on affected products, root cause, or remediation is present here. Monitor for updates from primary sources and trusted advisories.
CVE-2013-5871
Technical details for CVE-2013-5871 are not publicly available in the provided documents. The materials reference the vulnerability generically without affected components, versions, or remediation. Monitor for updates.
Oracle AutoVue DGN Parsing Could Allow Arbitrary Code Execution
Executive Summary Microsoft is providing notification of the discovery and remediation of a vulnerability affecting Oracle AutoVue software versions 20.1.1 and 20.2. Microsoft discovered and disclosed the vulnerability under coordinated vulnerability disclosure to the affected vendor, Oracle...
Oracle AutoVue ActiveX Control SetMarkupMode Buffer Overflow
Exploit for windows platform in category local exploits This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core'...
Oracle AutoVue ActiveX Control SetMarkupMode Buffer Overflow
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 HttpClients::IE, :uaminver = "6.0",...
Oracle AutoVue AutoVueX ActiveX Control SetMarkupMode Stack Buffer Overflow (CVE-2012-0549)
A stack buffer overflow vulnerability has been reported in Oracle AutoVue...
Oracle AutoVue ActiveX Control SetMarkupMode Buffer Overflow
Exploit for windows platform in category remote exploits This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core'...
CVE-2012-1758
Unspecified vulnerability in the Oracle AutoVue component in Oracle Supply Chain Products Suite 20.0.2 and 20.1 allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-1759...
CVE-2012-1759
Unspecified vulnerability in the Oracle AutoVue component in Oracle Supply Chain Products Suite 20.0.2 and 20.1 allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-1758...