Lucene search
+L
OracleAgile Product Lifecycle Management For Process

14 matches found

CVE
CVE
added 2020/04/29 12:0 a.m.7699 views

CVE-2020-11022

CVE-2020-11022 affects jQuery versions >=1.2 and =3.5.0 or apply vendor guidance where applicable.

6.9CVSS6.7AI score0.99019EPSS
In wild
CVE
CVE
added 2018/01/18 11:0 p.m.3361 views

CVE-2015-9251

CVE-2015-9251 affects jQuery before 3.0.0, enabling XSS when a cross-domain Ajax request omits the dataType option and text/javascript responses are executed. Connected advisories confirm the issue and indicate an upgrade resolves it; remediation is to upgrade jQuery to a fixed version as provide...

6.1CVSS6.3AI score0.29726EPSS
Web
CVE
CVE
added 2019/04/19 12:0 a.m.3116 views

CVE-2019-11358

CVE-2019-11358 is a prototype pollution vulnerability in jQuery (before 3.4.0) where mishandling of extend(true, {}, ...) can extend Object.prototype if an unsanitized source object has an enumerable proto property. The Core issue is triggered when a polluted prototype is introduced via nested ob...

6.1CVSS6.4AI score0.87218EPSS
In wild
CVE
CVE
added 2021/07/20 10:43 p.m.244 views

CVE-2021-2351

CVE-2021-2351 affects Oracle Database Server’s Advanced Networking Option, with affected versions 12.1.0.2, 12.2.0.1, and 19c. The vulnerability allows unauthenticated network access via Oracle Net to compromise the Advanced Networking Option, with access requiring user interaction (UI_R) and ris...

8.3CVSS8.5AI score0.025EPSS
CVE
CVE
added 2024/04/16 9:26 p.m.79 views

CVE-2024-21092

CVE-2024-21092 affects Oracle Agile Product Lifecycle Management for Process, specifically the Product Quality Management component in version 6.2.4.2. The vulnerability arises from insufficient input validation, enabling a low-privileged, network-accessing attacker over HTTP to perform unauthori...

8.1CVSS7.8AI score0.00596EPSS
CVE
CVE
added 2024/04/16 9:26 p.m.75 views

CVE-2024-21091

CVE-2024-21091 affects Oracle Agile Product Lifecycle Management for Process (PLM) – Data Import component, version 6.2.4.2. Root cause: insufficient input validation in Data Import. Impact: remote attacker with network access (HTTP) could achieve unauthorized access to critical data or all data ...

6.5CVSS6.2AI score0.00446EPSS
CVE
CVE
added 2024/02/17 1:50 a.m.68 views

CVE-2024-20956

CVE-2024-20956 affects Oracle Agile Product Lifecycle Management for Process (Installation component) prior to version 6.2.4.2. The root cause is insufficient input validation in the Installation component, enabling an unauthenticated, network-accessible attacker (via HTTP) to perform unauthorize...

7.3CVSS6.7AI score0.00439EPSS
CVE
CVE
added 2018/04/19 2:0 a.m.55 views

CVE-2018-2572

CVE-2018-2572 maps to Oracle Agile PLM for Process (subcomponent Installation) affecting versions 6.1.1.6, 6.2.0.0, and 6.2.1.0. The vulnerability allows unauthenticated attackers to access Oracle Agile PLM data over HTTP with network access; exploitation requires user interaction, and impacts ma...

6.1CVSS5.5AI score0.01026EPSS
CVE
CVE
added 2016/10/25 2:0 p.m.53 views

CVE-2016-5504

The CVE-2016-5504 entry affects Oracle’s Agile Product Lifecycle Management for Process (PLM for Process) as part of Oracle Supply Chain Products Suite, specifically versions 6.1.0.4, 6.1.1.6, and 6.2.0.0. The vulnerability relates to the Supplier Portal component and enables local users to compr...

4.7CVSS4.3AI score0.00314EPSS
CVE
CVE
added 2018/07/18 1:0 p.m.50 views

CVE-2018-3069

CVE-2018-3069 affects Oracle Agile Product Lifecycle Management for Process (Installation) within Oracle Supply Chain Products Suite. Affected version is 6.2.0.0. The vulnerability permits a high-privilege attacker with network access via HTTP to read a subset of data from Oracle Agile PLM for Pr...

4CVSS2.8AI score0.01045EPSS
CVE
CVE
added 2018/10/17 1:0 a.m.47 views

CVE-2018-3134

CVE-2018-3134 affects Oracle Agile Product Lifecycle Management for Process (subcomponent: User Group Management) within Oracle Supply Chain Products Suite, version 6.2.0.0. The vulnerability is described as exploitable by a low-privileged user who can log on to the infrastructure hosting Oracle ...

5CVSS4.6AI score0.00403EPSS
CVE
CVE
added 2026/01/20 9:56 p.m.25 views

CVE-2026-21944

The CVE-2026-21944 affects Oracle Agile Product Lifecycle Management for Process (Product Quality Management component) with affected version 6.2.4. It describes a low-privilege attacker who can exploit over HTTP network access to gain unauthorized access to data. Affected status is supported by ...

6.8CVSS5.5AI score0.00274EPSS
CVE
CVE
added 2026/01/20 9:56 p.m.20 views

CVE-2026-21969

Oracle Agile Product Lifecycle Management for Process (Supplier Portal component) is affected in version 6.2.4. The connected PT-security entry states an easily exploitable, unauthenticated HTTP-access vulnerability that can lead to a complete takeover of the system. No remediation/fix informatio...

9.8CVSS5.5AI score0.00418EPSS
CVE
CVE
added 2026/04/21 8:35 p.m.16 views

CVE-2026-34296

CVE-2026-34296 affects Oracle Agile Product Lifecycle Management for Process (Product Quality Management) in version 6.2.4. The vulnerability, exploitable by a low-privileged user with network access over HTTP, can lead to unauthorized read access to a subset of data. The provided documents speci...

4.3CVSS5.7AI score0.00225EPSS