Lucene search
K
OracleAgile Product Lifecycle Management

56 matches found

CVE
CVE
added 2020/02/24 9:11 p.m.1473 views

CVE-2020-1935

CVE-2020-1935 affects Apache Tomcat across multiple branches: 9.0.0.M1–9.0.30, 8.5.0–8.5.50, and 7.0.0–7.0.99. It stems from HTTP header parsing that can mishandle end-of-line and Transfer-Encoding, enabling HTTP Request Smuggling when Tomcat sits behind certain reverse proxies. Impact is informa...

5.8CVSS7.4AI score0.09386EPSS
CVE
CVE
added 2019/05/01 8:3 p.m.300 views

CVE-2019-0227

The CVE-2019-0227 entry concerns an SSRF in Apache Axis 1.4 (last released in 2006). The connected IBM bulletins confirm Axis 1.x vulnerability details and state Axis 2 is the successor, with 1.7.9 (Axis2) being not vulnerable. Affected Axis 1.x components are legacy; remediation is to upgrade to...

7.5CVSS8.3AI score0.86503EPSS
Web
CVE
CVE
added 2018/08/02 1:0 p.m.257 views

CVE-2018-8032

CVE-2018-8032 affects Apache Axis 1.x (up to 1.4) with a cross-site scripting (XSS) vulnerability in the default servlet/services. This vulnerability is documented in IBM/PM security bulletins linked to Axis, confirming an XSS flaw (CWE-79) in Axis 1.x and indicating broader IBM product exposure....

6.1CVSS5.8AI score0.10554EPSS
CVE
CVE
added 2024/02/17 1:50 a.m.251 views

CVE-2024-20953

CVE-2024-20953 affects Oracle Agile PLM (Supply Chain) 9.3.6, specifically the Export component. The Nessus NASL notes this vulnerability allows a low-privileged, network-accessible attacker over HTTP to compromise Oracle Agile PLM, with potential takeover and a CVSS v3.1 base score of 8.8 (C/H, ...

8.8CVSS8.3AI score0.03405EPSS
In wild
CVE
CVE
added 2021/11/17 7:15 p.m.222 views

CVE-2021-41165

CKEditor4 core HTML processing vulnerability (CVE-2021-41165) allows injection of malformed HTML comments bypassing content sanitization, potentially enabling JavaScript execution. Affected: CKEditor 4.x versions before 4.17.0 (affects all plugins). Impact: execution of arbitrary script in affect...

8.2CVSS6.2AI score0.0147EPSS
CVE
CVE
added 2024/11/18 9:39 p.m.214 views

CVE-2024-21287

CVE-2024-21287 affects Oracle Agile PLM Framework 9.3.6, specifically the Software Development Kit/Process Extension component. The Nessus review notes a vulnerability in 9.3.6.x before 9.3.6.28.3 that enables an unauthenticated, network-accessible attacker (HTTP) to disclose files or access data...

7.5CVSS6.9AI score0.01496EPSS
In wild
CVE
CVE
added 2018/05/11 8:0 p.m.143 views

CVE-2018-1257

CVE-2018-1257 affects Spring Framework: vulnerable in Spring Messaging when using an in-memory STOMP broker exposed via STOMP over WebSocket. A malicious user can craft a message to the broker that triggers a regular-expression denial of service. Affected versions are Spring Framework 5.0.x befor...

6.5CVSS7AI score0.03279EPSS
CVE
CVE
added 2018/06/25 3:0 p.m.135 views

CVE-2018-11040

CVE-2018-11040 affects Spring Framework: 5.0.x before 5.0.7 and 4.3.x before 4.3.18 (and older unsupported versions). The issue arises because JSONP support can be enabled via JSONP parameters when MappingJackson2JsonView is configured, allowing cross-domain requests through AbstractJsonpResponse...

7.5CVSS8.3AI score0.03244EPSS
CVE
CVE
added 2025/01/21 8:53 p.m.71 views

CVE-2025-21556

CVE-2025-21556 affects Oracle Agile PLM Framework (9.3.6) via the Agile Integration Services component. The vulnerability permits takeover with network access over HTTP by a low-privilege attacker, with CVSS 3.1 base score 9.9 (AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H). Oracle’s January 2025 Critical ...

9.9CVSS8.8AI score0.00617EPSS
CVE
CVE
added 2018/01/18 2:0 a.m.69 views

CVE-2018-2609

CVE-2018-2609 affects Oracle Agile PLM Security in Oracle Supply Chain Products Suite, with affected versions 9.3.5 and 9.3.6. The vulnerability allows an unauthenticated, network-accessible attacker (via HTTP) to compromise data confidentiality and integrity, potentially enabling unauthorized up...

6.1CVSS5.5AI score0.00842EPSS
CVE
CVE
added 2017/08/08 3:0 p.m.66 views

CVE-2017-10093

The CVE-2017-10093 entry concerns Oracle Agile PLM within Oracle Supply Chain Products Suite. Affected versions are 9.3.5 and 9.3.6. The vulnerability exists in the Security subcomponent and allows an unauthenticated, network-accessible attacker over HTTP to read a subset of Oracle Agile PLM data...

5.3CVSS4.3AI score0.01985EPSS
CVE
CVE
added 2017/10/19 5:0 p.m.63 views

CVE-2017-10299

CVE-2017-10299 affects Oracle Agile PLM within Oracle Supply Chain Products Suite (subcomponent: Security). Affected versions are 9.3.5 and 9.3.6. The vulnerability allows a low-privileged attacker with network access over HTTP to read a subset of Oracle Agile PLM data (unauthorized read access)....

4.3CVSS3.4AI score0.01004EPSS
CVE
CVE
added 2017/08/08 3:0 p.m.61 views

CVE-2017-10082

CVE-2017-10082 affects Oracle Agile PLM (Security subcomponent) within Oracle Supply Chain Products Suite; affected versions are 9.3.5 and 9.3.6. The vulnerability allows an unauthenticated, network-accessible attacker over HTTP to compromise Oracle Agile PLM, with potential unauthorized read, up...

6.1CVSS5.5AI score0.0147EPSS
CVE
CVE
added 2017/10/19 5:0 p.m.59 views

CVE-2017-10308

CVE-2017-10308 affects the Oracle Agile PLM component of Oracle Supply Chain Products Suite (subcomponent: Performance). Affected versions: 9.3.5 and 9.3.6. The vulnerability allows physical access to compromise Oracle Agile PLM, enabling unauthorized update/insert/delete operations and unauthori...

3.6CVSS3.3AI score0.00388EPSS
CVE
CVE
added 2016/10/25 2:0 p.m.58 views

CVE-2016-5527

Technical details about CVE-2016-5527 are not publicly available in the provided documents. Monitor for updates from official advisories; the entry concerns Oracle Agile PLM 9.3.4/9.3.5 with unspecified confidentiality impact.

5.9CVSS5.1AI score0.01631EPSS
CVE
CVE
added 2017/08/08 3:0 p.m.58 views

CVE-2017-10080

CVE-2017-10080 affects Oracle Agile PLM, a subcomponent of Oracle Supply Chain Products Suite. Vulnerability exists in versions 9.3.5 and 9.3.6 of Oracle Agile PLM Security. An unauthenticated attacker with network access via HTTP can compromise data, with attacks requiring user interaction. Impa...

6.1CVSS5.5AI score0.0147EPSS
CVE
CVE
added 2017/08/08 3:0 p.m.58 views

CVE-2017-10092

The CVE-2017-10092 entry concerns Oracle Agile PLM (Security subcomponent) within Oracle Supply Chain Products Suite, affected in versions 9.3.5 and 9.3.6. The vulnerability is exposed over HTTP and is easily exploitable by an unauthenticated attacker with network access. It requires user interac...

6.1CVSS5.5AI score0.0147EPSS
CVE
CVE
added 2017/08/08 3:0 p.m.58 views

CVE-2017-10094

CVE-2017-10094 affects Oracle’s Agile PLM component within the Oracle Supply Chain Products Suite (subcomponent: Security). Affected versions are 9.3.5 and 9.3.6. The vulnerability allows a low-privilege attacker with network access over HTTP to compromise Oracle Agile PLM, with exploitation requ...

5.4CVSS4.9AI score0.00899EPSS
CVE
CVE
added 2017/08/08 3:0 p.m.57 views

CVE-2017-10052

CVE-2017-10052 — affected product and details : The vulnerability is in Oracle Agile PLM, PCMServlet subcomponent, within Oracle Supply Chain Products Suite. Affected versions are 9.3.5 and 9.3.6. An unauthenticated attacker with network access via HTTP can compromise Oracle Agile PLM; successful...

6.1CVSS5.5AI score0.0147EPSS
CVE
CVE
added 2017/08/08 3:0 p.m.57 views

CVE-2017-10088

CVE-2017-10088 affects Oracle Agile PLM within the Oracle Supply Chain Products Suite (Security subcomponent). Affected versions are 9.3.5 and 9.3.6. The vulnerability allows a high-privileged attacker with local logon to compromise Oracle Agile PLM, enabling unauthorized updates/inserts/deletes ...

3.6CVSS3.2AI score0.00412EPSS
CVE
CVE
added 2025/01/21 8:53 p.m.57 views

CVE-2025-21564

Oracle Agile PLM Framework (Oracle Supply Chain) is affected in version 9.3.6, specifically the Agile Integration Services component. The CVE entry describes an easily exploitable vulnerability allowing a low-privileged attacker with network access via HTTP to obtain unauthorized access to critic...

8.1CVSS7.5AI score0.00481EPSS
CVE
CVE
added 2019/07/23 10:31 p.m.55 views

CVE-2019-2817

CVE-2019-2817 affects Oracle Agile PLM within Oracle Supply Chain Products Suite, specifically the Folders, Files & Attachments subcomponent. Affected versions are 9.3.3, 9.3.4, 9.3.5 and 9.3.6. The vulnerability allows a low-privilege, network-accessible attacker (via HTTP) to compromise Oracle ...

5.4CVSS5AI score0.01025EPSS
CVE
CVE
added 2016/07/21 10:0 a.m.54 views

CVE-2016-3553

CVE-2016-3553 relates to an unspecified vulnerability in the Oracle Agile PLM component of Oracle Supply Chain Products Suite 9.3.4 and 9.3.5. The NVD entry states remote authenticated users can affect confidentiality and integrity via vectors related to PC Core. CVSSv3 basis is 5.4 (NETWORK, LOW...

5.5CVSS4.9AI score0.01407EPSS
CVE
CVE
added 2025/01/21 8:53 p.m.54 views

CVE-2025-21560

CVE-2025-21560 affects Oracle Agile PLM Framework (component: SDK) with vulnerable 9.3.6. A low-privilege, network-access attacker (HTTP) can compromise the framework, potentially gaining unauthorized access to critical data or all data accessible by Oracle Agile PLM Framework. Concrete details f...

6.5CVSS5.9AI score0.00417EPSS
CVE
CVE
added 2025/01/21 8:53 p.m.54 views

CVE-2025-21565

The CVE-2025-21565 entry concerns Oracle Agile PLM Framework (Oracle Supply Chain) Install component vulnerability affecting version 9.3.6. The root cause is weaknesses in the authorization mechanism of the Install component, enabling an unauthenticated, network-accessing attacker to compromise t...

7.5CVSS6.9AI score0.00479EPSS
CVE
CVE
added 2016/10/25 2:0 p.m.52 views

CVE-2016-5524

Technical details for CVE-2016-5524 are not publicly available in the provided documents. Monitor for updates from official advisories; no specifics on affected product versions, vectors, or fixes are included here.

5.3CVSS5.2AI score0.01599EPSS
CVE
CVE
added 2020/04/15 1:29 p.m.52 views

CVE-2020-2920

The CVE-2020-2920 entry concerns Oracle Agile PLM (Security component) in Oracle Supply Chain. Affected versions are 9.3.3, 9.3.5, and 9.3.6. The vulnerability allows an unauthenticated attacker with network access via HTTP to compromise Oracle Agile PLM, with impact including unauthorized read a...

6.1CVSS5.6AI score0.01134EPSS
CVE
CVE
added 2016/07/21 10:0 a.m.51 views

CVE-2016-3507

CVE-2016-3507 affects Oracle Agile PLM within Oracle Supply Chain Products Suite versions 9.3.4 and 9.3.5, where a vulnerability in WebClient/Admin could allow remote attackers to compromise integrity. The connected PT-2016-5527 entry recommends updating to a fixed version for 9.3.4/9.3.5, and Or...

4.3CVSS4.6AI score0.01918EPSS
CVE
CVE
added 2016/07/21 10:0 a.m.51 views

CVE-2016-3529

The CVE-2016-3529 entry concerns Oracle Agile PLM in Oracle Supply Chain Products Suite 9.3.4/9.3.5. The vulnerability is described as unspecified, allowing remote attackers to affect confidentiality via vectors related to SDK, and is noted as distinct from CVE-2016-3526 and CVE-2016-3560. The Co...

5.8CVSS5AI score0.02353EPSS
CVE
CVE
added 2016/07/21 10:0 a.m.50 views

CVE-2016-3537

Technical details (affected product Versions, root cause, impact, and remediation) are not publicly available in the provided documents; monitor for updates from official advisories.

6.8CVSS3.5AI score0.02597EPSS
CVE
CVE
added 2016/07/21 10:0 a.m.48 views

CVE-2016-3526

CVE-2016-3526 describes an unspecified vulnerability in the Oracle Agile PLM component of Oracle Supply Chain Products Suite 9.3.4–9.3.5 . The weakness is stated to affect confidentiality via vectors related to the Software Development Kit (SDK); it is noted as a different vulnerability from CVE-...

7.8CVSS4.8AI score0.03655EPSS
CVE
CVE
added 2016/07/21 10:0 a.m.48 views

CVE-2016-3560

Technical details (affected product components, root cause, exact exploit vectors, and practical impact) are not publicly provided in the connected documents; monitor for updates.

5.3CVSS5AI score0.02353EPSS
CVE
CVE
added 2016/07/21 10:0 a.m.48 views

CVE-2016-5473

CVE-2016-5473 affects Oracle’s Oracle Supply Chain Products Suite (Oracle Agile PLM) versions 9.3.4 and 9.3.5 . The description indicates an unspecified vulnerability that allows remote authenticated users to affect confidentiality via vectors related to File Folders / Attachment . The underlying...

3.5CVSS3.9AI score0.01413EPSS
CVE
CVE
added 2016/10/25 2:0 p.m.48 views

CVE-2016-5515

The CVE-2016-5515 entry describes an unspecified vulnerability in the Oracle Agile PLM component of Oracle Supply Chain Products Suite 9.3.4/9.3.5 that allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to RMIServlet. The NVD entry provide...

8.8CVSS7.6AI score0.01938EPSS
CVE
CVE
added 2016/10/25 2:0 p.m.48 views

CVE-2016-5521

CVE-2016-5521 affects the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.4 and 9.3.5. The issue is described as an unspecified vulnerability that remote attackers can exploit to affect confidentiality and integrity via unknown vectors (distinct from CVE-2016-5512). CVSS metr...

7.5CVSS5.9AI score0.01262EPSS
CVE
CVE
added 2016/10/25 2:0 p.m.48 views

CVE-2016-5523

CVE-2016-5523 affects Oracle Supply Chain Products Suite (Oracle Agile PLM) 9.3.4/9.3.5 via the AutoVue Java Applet. The root cause is an unspecified vulnerability that allows remote authenticated users to affect confidentiality, integrity, and availability. Impact is described as partial to tota...

8.8CVSS7.6AI score0.02022EPSS
CVE
CVE
added 2016/07/21 10:0 a.m.47 views

CVE-2016-3539

CVE-2016-3539 concerns an unspecified vulnerability in the Oracle Agile PLM component of Oracle Supply Chain Products Suite 9.3.4 and 9.3.5. The description states that remote authenticated users can impact integrity and availability via vectors related to File Folders/Attachments, which is a dis...

7.5CVSS5.9AI score0.0265EPSS
CVE
CVE
added 2016/07/21 10:0 a.m.47 views

CVE-2016-3554

Affected product: Oracle Supply Chain Product Suite (SCP) 9.3.4 and 9.3.5 with Oracle Agile PLM component. The vulnerability is described as unspecified, allowing remote authenticated users to affect confidentiality, integrity, and availability via vectors related to PC / BOM, MCAD, and Design. C...

9CVSS7.5AI score0.04114EPSS
CVE
CVE
added 2016/07/21 10:0 a.m.47 views

CVE-2016-3555

CVE-2016-3555 affects Oracle Agile PLM within Oracle Supply Chain Products Suite 9.3.4 and 9.3.5. The vulnerability is described as an unspecified issue that could affect confidentiality and integrity via vectors related to the PGC/Excel Plugin. The NVD entry notes network access with authenticat...

6.1CVSS5.6AI score0.01708EPSS
CVE
CVE
added 2016/10/25 2:0 p.m.46 views

CVE-2016-5526

CVE-2016-5526 affects Oracle Supply Chain Products Suite (Oracle Agile PLM) versions 9.3.4 and 9.3.5, with a vulnerability in the Agile PLM component tied to Apache Tomcat that can impact confidentiality, integrity, and availability. Connected documents specify the SDK subcomponent as the vulnera...

7.5CVSS6.8AI score0.01447EPSS
CVE
CVE
added 2016/04/21 10:0 a.m.45 views

CVE-2016-3420

Technical details (affected products, root cause, impact, or fixes) are not publicly available in the provided documents. Monitor for updates from official advisories.

6.4CVSS5.2AI score0.00954EPSS
CVE
CVE
added 2016/04/21 10:0 a.m.45 views

CVE-2016-3431

Technical details about CVE-2016-3431 are not publicly available in the provided documents; no specifics on affected products, root cause, impact, or remediation are present. Monitor for updates.

6.4CVSS5.2AI score0.00934EPSS
CVE
CVE
added 2016/07/21 10:0 a.m.45 views

CVE-2016-3519

CVE-2016-3519 affects Oracle Agile PLM as part of Oracle Supply Chain Products Suite 9.3.4–9.3.5. The vulnerability is described as an unspecified issue that allows remote attackers to affect confidentiality and integrity via vectors related to PC / Get Shortcut. The connected PT-2016-5538 page c...

6.1CVSS5.6AI score0.01708EPSS
CVE
CVE
added 2016/07/21 10:0 a.m.45 views

CVE-2016-3561

The CVE-2016-3561 entry concerns an unspecified vulnerability in the Oracle Agile PLM component of Oracle Supply Chain Products Suite (SCP S) 9.3.4 and 9.3.5, where remote attackers could affect confidentiality, integrity, and availability via vectors related to the SDK. The NVD entry documents C...

7.5CVSS6.8AI score0.02319EPSS
CVE
CVE
added 2016/10/25 2:0 p.m.45 views

CVE-2016-5510

CVE-2016-5510 pertains to Oracle Supply Chain Products Suite (Oracle Agile PLM), specifically the Oracle Agile PLM component in versions 9.3.4 and 9.3.5. Connected sources indicate an unspecified vulnerability that allows remote attackers to compromise confidentiality via unknown vectors; CNVD/CV...

5.3CVSS5.5AI score0.01599EPSS
CVE
CVE
added 2016/10/25 2:0 p.m.45 views

CVE-2016-5512

Technical details are not publicly available in the provided documents for CVE-2016-5512. Monitor for updates in NVD/related feeds; no specific affected product versions, vectors, or remediation are disclosed here.

6.1CVSS5.9AI score0.01106EPSS
CVE
CVE
added 2016/10/25 2:0 p.m.45 views

CVE-2016-5522

CVE-2016-5522 affects Oracle Agile PLM in Oracle Supply Chain Products Suite versions 9.3.4 and 9.3.5. The connected documents describe a remote-authenticated vulnerability in the Oracle Agile PLM component that can compromise confidentiality by reading data via unknown vectors. While multiple so...

4.3CVSS4.5AI score0.01257EPSS
CVE
CVE
added 2016/07/21 10:0 a.m.44 views

CVE-2016-3517

CVE-2016-3517 affects Oracle Agile PLM in Oracle Supply Chain Products Suite v9.3.4–v9.3.5. The vulnerability, in the PC / Get Shortcut subcomponent, allows a remote attacker to affect data integrity. CVSSv3 base score 4.3 (Network, Low complexity, No privileges, User interaction required; Integr...

4.3CVSS4.6AI score0.01918EPSS
CVE
CVE
added 2016/07/21 10:0 a.m.44 views

CVE-2016-3556

CVE-2016-3556 affects Oracle Agile PLM within Oracle Supply Chain Products Suite versions 9.3.4 and 9.3.5. The vulnerability is described as unspecified, enabling remote attackers to impact confidentiality, integrity, and availability via EM Integration vectors. The NVD CVSSv3 base score is 9.8 (...

10CVSS8.3AI score0.04202EPSS
CVE
CVE
added 2016/07/21 10:0 a.m.44 views

CVE-2016-3557

CVE-2016-3557 affects the Oracle Agile PLM component of Oracle Supply Chain Products Suite (versions 9.3.4 and 9.3.5). The issue is described as an unspecified vulnerability that allows remote attackers to affect confidentiality and integrity via vectors related to File Load. The connected docume...

6.1CVSS5.6AI score0.01673EPSS
Total number of security vulnerabilities56