Oracle Oracle E-Business Suite (Oct 2020 CPU)

The versions of Oracle E-Business Suite installed on the remote host are affected by multiple vulnerabilities as referenced in the October 2020 CPU advisory, including the following: - Vulnerability in the Oracle Universal Work Queue product of Oracle E-Business Suite component: Work Provider...

Oracle Universal Work Queue Code Execution Vulnerability

Oracle Universal Work Queue is a flexible work presentation and access tool from Oracle USA. The software provides a centralized view of work, access requests, and organizes work to improve efficiency and productivity. A code execution vulnerability exists in Oracle Universal Work Queue version...

CVE-2020-14862

Vulnerability in the Oracle Universal Work Queue product of Oracle E-Business Suite component: Internal Operations. Supported versions that are affected are 12.2.3 - 12.2.9. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Universal...

CVE-2020-14855

Vulnerability in the Oracle Universal Work Queue product of Oracle E-Business Suite component: Work Provider Administration. The supported version that is affected is 12.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Univers...

CVE-2020-14862

Vulnerability in the Oracle Universal Work Queue product of Oracle E-Business Suite component: Internal Operations. Supported versions that are affected are 12.2.3 - 12.2.9. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Universal...

CVE-2020-14855

Vulnerability in the Oracle Universal Work Queue product of Oracle E-Business Suite component: Work Provider Administration. The supported version that is affected is 12.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Univers...

Buffer overflow

Vulnerability in the Oracle Universal Work Queue product of Oracle E-Business Suite component: Internal Operations. Supported versions that are affected are 12.2.3 - 12.2.9. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Universal...

Buffer overflow

Vulnerability in the Oracle Universal Work Queue product of Oracle E-Business Suite component: Work Provider Administration. The supported version that is affected is 12.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Univers...

CVE-2020-14862

CVE-2020-14862 affects Oracle E‑Business Suite Universal Work Queue (Internal Operations) with affected versions 12.2.3–12.2.9. The vulnerability allows a low-privileged attacker with network access via HTTP to compromise the Oracle Universal Work Queue and can lead to takeover of the component, ...

CVE-2020-14862

Vulnerability in the Oracle Universal Work Queue product of Oracle E-Business Suite component: Internal Operations. Supported versions that are affected are 12.2.3 - 12.2.9. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Universal...

CVE-2020-14862

Vulnerability in the Oracle Universal Work Queue product of Oracle E-Business Suite component: Internal Operations. Supported versions that are affected are 12.2.3 - 12.2.9. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Universal...

CVE-2020-14855

The CVE-2020-14855 vulnerability affects Oracle E-Business Suite’s Oracle Universal Work Queue (component: Work Provider Administration) in the 12.1.3 release. Affected vulnerability allows an unauthenticated attacker with network access via HTTP to compromise the Oracle Universal Work Queue, wit...

CVE-2020-14855

Vulnerability in the Oracle Universal Work Queue product of Oracle E-Business Suite component: Work Provider Administration. The supported version that is affected is 12.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Univers...

CVE-2020-14855

Vulnerability in the Oracle Universal Work Queue product of Oracle E-Business Suite component: Work Provider Administration. The supported version that is affected is 12.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Univers...

Vulnerabilities fixed in Oracle E-Business Suite

Oracle has fixed vulnerabilities in the following Oracle E-Business Suite products: Applications Manager Marketing Application Object Library Trade Management Universal Work Queue Installed Base CRM Technical Foundation One-to-One Fulfillment Applications Framework E-Business Suite Secure...

The vulnerability in the `hw/rdma/rdma_backend.c` component of the PVRDMA virtual network adapter emulator for hardware infrastructure, QEMU, allows a hacker to trigger a service failure.

The vulnerability in the hw/rdma/rdmabackend.c component of the PVRDMA virtual network adapter, within the QEMU hardware emulation software, is related to the execution of operations outside the buffer boundaries. Exploiting this vulnerability could allow an attacker to trigger a service failure...

The vulnerability of the Work Provider Administration component of the application, which is responsible for accessing, organizing, and interacting with various types of Oracle Universal Work Queue tasks, allows a malicious individual to gain unauthorized access to protected information.

The vulnerability of the Work Provider Administration component of the application, which is responsible for accessing, organizing, and interacting with various types of Oracle Universal Work Queue tasks, is related to deficiencies in access control. Exploiting this vulnerability could allow an...

The vulnerability of the Work Provider Administration component of the application, which is responsible for accessing, organizing, and interacting with various types of Oracle Universal Work Queue tasks, allows a malicious individual to gain unauthorized access to protected information.

The vulnerability of the Work Provider Administration component of the application, which is responsible for accessing, organizing, and interacting with various types of Oracle Universal Work Queue tasks, is related to deficiencies in access control. Exploiting this vulnerability could allow an...

Unspecified Vulnerability in Oracle E-Business Suite Universal Work Queue

Oracle E-Business Suite E-Business Suite is the United States Oracle Oracle company's set of fully integrated global business management software. The software provides customer relationship management, service management, financial management, etc. Universal Work Queue is one of the tools that c...

CVE-2020-2818

Vulnerability in the Oracle Universal Work Queue product of Oracle E-Business Suite component: Work Provider Administration. Supported versions that are affected are 12.1.1-12.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...