5 matches found
CVE-2020-2604
CVE-2020-2604 affects Oracle Java SE/Java SE Embedded Serialization. Affected: Java SE 7u241, 8u231, 11.0.5, 13.0.1; Java SE Embedded 8u231. Described impact: unauthenticated, network-based attacker can take over the Java environment; high confidentiality, integrity, and availability impact (CVSS...
CVE-2020-14536
The CVE-2020-14536 entry concerns Oracle Commerce Guided Search / Oracle Commerce Experience Manager (Workbench) with affected versions 11.0, 11.1, 11.2 and prior to 11.3.1. The vulnerability details a difficult-to-exploit issue that allows an unauthenticated attacker, over HTTP, to compromise th...
CVE-2021-2345
CVE-2021-2345 affects Oracle Commerce Guided Search and Oracle Commerce Experience Manager (Tools and Frameworks) with a vulnerability in version 11.3.1.5. The issue allows a low-privilege, network-accessible attacker (HTTP) to compromise the product, requiring user interaction, and potentially l...
CVE-2021-2346
CVE-2021-2346 affects Oracle Commerce Guided Search / Oracle Commerce Experience Manager (Tools and Frameworks) with affected version 11.3.1.5. The vulnerability is exploitable over HTTP by a low-privilege attacker on the network; successful attacks require human interaction and can lead to unaut...
CVE-2021-2348
CVE-2021-2348 affects Oracle Commerce Guided Search / Oracle Commerce Experience Manager (Tools and Frameworks), version 11.3.1.5. The vulnerability allows a low-privileged, network-authenticated attacker to read a subset of data via HTTP, indicating a confidentiality impact. Descriptions across ...