Lucene search
K

126 matches found

CVE
CVE
added 2021/04/22 9:53 p.m.69 views

CVE-2021-2262

CVE-2021-2262 affects Oracle E-Business Suite Purchasing (Endeca) 12.1.3. The Endeca component is vulnerable, and a low-privileged attacker with network access via HTTPS can compromise Oracle Purchasing, potentially causing unauthorized creation, deletion, or modification of data or full data acc...

8.1CVSS8.2AI score0.00987EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2021/04/22 9:53 p.m.12 views

CVE-2021-2262

Vulnerability in the Oracle Purchasing product of Oracle E-Business Suite component: Endeca. The supported version that is affected is 12.1.3. Easily exploitable vulnerability allows low privileged attacker with network access via HTTPS to compromise Oracle Purchasing. Successful attacks of this...

8.1CVSS6.8AI score0.00987EPSS
Exploits0References1
Cvelist
Cvelist
added 2021/04/22 9:53 p.m.28 views

CVE-2021-2262

Vulnerability in the Oracle Purchasing product of Oracle E-Business Suite component: Endeca. The supported version that is affected is 12.1.3. Easily exploitable vulnerability allows low privileged attacker with network access via HTTPS to compromise Oracle Purchasing. Successful attacks of this...

8.1CVSS8.3AI score0.00987EPSS
Exploits0References1
CNVD
CNVD
added 2021/04/21 12:0 a.m.10 views

Unspecified Vulnerability in Oracle E-Business Suite (CNVD-2021-37714)

Oracle E-Business Suite is an extension of the original Application ERP, including ERP Enterprise Resource Planning, HR Human Resource Management, CRM Customer Relationship Management, etc., a collection of management software, is seamlessly integrated into a management suite. Oracle Purchasing i...

8.1CVSS6.7AI score0.00987EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/04/20 12:0 a.m.5 views

Oracle E-Business Suite 安全漏洞

Oracle E-Business Suite is an extension of the original Application ERP, including ERP Enterprise Resource Planning, HR Human Resource Management, CRM Customer Relationship Management, etc., a collection of management software, is seamlessly integrated into a management suite. Oracle Purchasing i...

8.1CVSS5.7AI score0.00987EPSS
Exploits0References3
Microsoft KB
Microsoft KB
added 2021/02/09 8:0 a.m.53 views

February 9, 2021—KB4601360 (Monthly Rollup)

February 9, 2021—KB4601360 Monthly Rollup IMPORTANT Verify that you have installed the required updates listed in the How to get this update section before installing this update. Customers who have purchased the Extended Security Update ESU for on-premises versions of this OS must follow the...

9.8CVSS8.9AI score0.58961EPSS
Exploits7
CNVD
CNVD
added 2020/10/29 12:0 a.m.1 views

File Upload Vulnerability in Kaixin Procurement System

Qixing Purchasing System is a system for material purchasing and management, which is developed using ASP.NET language. A file upload vulnerability exists in the Qixing Procurement System. An attacker can exploit the vulnerability to upload a webshell and gain server privileges...

7.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2020/09/14 2:49 p.m.33 views

Lock and Code S1Ep15: Safely using Google Chrome Extensions with Pieter Arntz

This week on Lock and Code, we discuss the top security headlines generated right here on Labs and around the Internet. In addition, we talk to Pieter Arntz, malware intelligence researcher for Malwarebytes, about Google Chrome extensions. These sometimes helpful online tools that work directly...

7.2AI score
Exploits0
CNVD
CNVD
added 2020/07/06 12:0 a.m.1 views

SQL Injection Vulnerability in Purchase 31.0, a Purchasing System of Shanghai Tsuen Lu Software Development Studio

Founded in 2010, Kaixin Studio has been focusing on enterprise applications and constantly updating its products. A SQL injection vulnerability exists in the purchasing system purchase 31.0, which can be exploited by attackers to obtain sensitive information from the database...

7.7AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2020/06/05 12:0 a.m.6 views

The vulnerability of the Purchasing component in the Oracle PeopleSoft Enterprise SCM Purchasing application allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Purchasing component in Oracle PeopleSoft Enterprise SCM Purchasing is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected information using the HTTP protocol...

4.9CVSS6AI score0.007EPSS
Exploits0References3Affected Software1
Openbugbounty
Openbugbounty
added 2020/05/27 7:47 p.m.4 views

purchasingcrossing.com Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-1174415 Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website...

6.1AI score
Exploits0
CNVD
CNVD
added 2020/04/17 12:0 a.m.4 views

Oracle PeopleSoft Products PeopleSoft Enterprise SCM Purchasing Unauthorized Operation Vulnerability

Oracle PeopleSoft Products is a set of enterprise human capital management solutions from Oracle Oracle. The product provides human capital management, financial management, supplier relationship management and other functions. A security vulnerability exists in the Purchasing component of...

4.9CVSS8.5AI score0.007EPSS
Exploits0
CNVD
CNVD
added 2020/04/17 12:0 a.m.2 views

Oracle PeopleSoft Products PeopleSoft Enterprise SCM Purchasing Unauthorized Access Vulnerability

Oracle PeopleSoft's PeopleSoft is an enterprise supply chain procurement product from Oracle USA. An unauthorized access vulnerability exists in Oracle PeopleSoft Products PeopleSoft Enterprise SCM Purchasing, which can be exploited by an attacker to cause unauthorized access to critical data or...

6.5CVSS8.4AI score0.0127EPSS
Exploits0References1
NVD
NVD
added 2020/04/15 2:15 p.m.19 views

CVE-2020-2906

Vulnerability in the PeopleSoft Enterprise SCM Purchasing product of Oracle PeopleSoft component: Supplier Change. The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise SCM...

6.5CVSS5.9AI score0.0127EPSS
Exploits0References1
NVD
NVD
added 2020/04/15 2:15 p.m.19 views

CVE-2020-2899

Vulnerability in the PeopleSoft Enterprise SCM Purchasing product of Oracle PeopleSoft component: Purchasing. The supported version that is affected is 9.2. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise SCM...

4.9CVSS4.2AI score0.007EPSS
Exploits0References1
OSV
OSV
added 2020/04/15 2:15 p.m.5 views

CVE-2020-2906

Vulnerability in the PeopleSoft Enterprise SCM Purchasing product of Oracle PeopleSoft component: Supplier Change. The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise SCM...

6.5CVSS6.8AI score0.0127EPSS
Exploits0References1
OSV
OSV
added 2020/04/15 2:15 p.m.4 views

CVE-2020-2899

Vulnerability in the PeopleSoft Enterprise SCM Purchasing product of Oracle PeopleSoft component: Purchasing. The supported version that is affected is 9.2. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise SCM...

4.8CVSS6.2AI score0.007EPSS
Exploits0References1
Prion
Prion
added 2020/04/15 2:15 p.m.17 views

Code injection

Vulnerability in the PeopleSoft Enterprise SCM Purchasing product of Oracle PeopleSoft component: Purchasing. The supported version that is affected is 9.2. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise SCM...

4.9CVSS4.5AI score0.007EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2020/04/15 1:29 p.m.19 views

CVE-2020-2906

Vulnerability in the PeopleSoft Enterprise SCM Purchasing product of Oracle PeopleSoft component: Supplier Change. The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise SCM...

6.5CVSS6.3AI score0.0127EPSS
Exploits0References1
CVE
CVE
added 2020/04/15 1:29 p.m.47 views

CVE-2020-2906

CVE-2020-2906 affects Oracle PeopleSoft, specifically the PeopleSoft Enterprise SCM Purchasing component (Supplier Change) version 9.2. The vulnerability allows a low-privilege, unauthenticated attacker with network access over HTTP to gain unauthorized access to data within PeopleSoft SCM Purcha...

6.5CVSS6.2AI score0.0127EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder