38 matches found
CVE-2024-21027
Oracle E-Business Suite: The CVE-2024-21027 vulnerability affects the LOV component in the Complex Maintenance, Repair, and Overhaul module for versions 12.2.3–12.2.13. Root cause is insufficient input validation in the LOV, enabling a remote, unauthenticated attacker to access data via HTTP with...
CVE-2024-21018
CVE-2024-21018 affects Oracle E-Business Suite, specifically the Oracle Complex Maintenance, Repair, and Overhaul (LOV) component. Affected versions are 12.2.3–12.2.13. The issue allows an unauthenticated attacker with network access via HTTP, with required human interaction, to compromise LOV an...
CVE-2024-21020
CVE-2024-21020 affects Oracle E-Business Suite, specifically the Complex Maintenance, Repair, and Overhaul (LOV) component. Affected are versions 12.2.3–12.2.13. The vulnerability allows an unauthenticated, network-based attacker (HTTP) to manipulate data and potentially read sensitive data, with...
CVE-2024-21026
CVE-2024-21026 affects Oracle E-Business Suite, LOV component, in versions 12.2.3–12.2.13. The issue stems from insufficient input validation in LOV, allowing an unauthenticated attacker with network access via HTTP to compromise data; attacks require user interaction. Impact includes unauthorize...
CVE-2024-21029
Summary: CVE-2024-21029 affects Oracle E-Business Suite, Oracle Complex Maintenance, Repair, and Overhaul (LOV) in versions 12.2.3–12.2.13. It is an unauthenticated network-access vulnerability over HTTP that requires user interaction and can lead to unauthorized read/update/delete of data, with ...
CVE-2024-21022
CVE-2024-21022 affects Oracle E-Business Suite, specifically the Oracle Complex Maintenance, Repair, and Overhaul component (LOV). Affected versions are 12.2.3–12.2.13. The root cause is insufficient input validation in LOV, leading to an unauthenticated attacker with network access via HTTP bein...
CVE-2024-21032
CVE-2024-21032 affects Oracle E-Business Suite, specifically the LOV component within Complex Maintenance, Repair, and Overhaul. Affected versions are 12.2.3–12.2.13. The vulnerability can be exploited remotely over HTTP by an unauthenticated attacker; however, successful exploitation requires us...
CVE-2024-21035
CVE-2024-21035 applies to Oracle E-Business Suite, specifically the Complex Maintenance, Repair, and Overhaul (LOV) component. Affected versions are 12.2.3–12.2.13. The issue stems from insufficient input validation in LOV, allowing an unauthenticated attacker with network access via HTTP to comp...
CVE-2024-21021
CVE-2024-21021 affects Oracle E-Business Suite, specifically the LOV component in the Complex Maintenance, Repair, and Overhaul module. Affected versions are 12.2.3–12.2.13. The vulnerability is exploitable over HTTP by an unauthenticated attacker and, though it requires user interaction, can lea...
CVE-2024-21039
CVE-2024-21039 affects Oracle E-Business Suite, specifically the LOV component within Oracle Complex Maintenance, Repair, and Overhaul. Affected versions are 12.2.3–12.2.13. The issue arises from insufficient input validation in LOV, enabling an unauthenticated attacker with network access via HT...
CVE-2024-21041
Oracle E-Business Suite CVE-2024-21041 affects the LOV component in Oracle Complex Maintenance, Repair, and Overhaul. Affected versions are 12.2.3–12.2.13. The issue arises from insufficient input validation, allowing an unauthenticated attacker with network access over HTTP to compromise data af...
CVE-2024-21019
The CVE-2024-21019 issue affects Oracle E-Business Suite, specifically the Complex Maintenance, Repair, and Overhaul (LOV) component, with affected versions 12.2.3–12.2.13. The vulnerability allows an unauthenticated attacker, with network access over HTTP, to compromise data confidentiality and ...
CVE-2024-21045
CVE-2024-21045 affects Oracle E-Business Suite, specifically the LOV component in the Complex Maintenance, Repair, and Overhaul product. Affected: EBS versions 12.2.3–12.2.13. Root cause: insufficient input validation in LOV allows an unauthenticated attacker with network access via HTTP to compr...
CVE-2024-21016
CVE-2024-21016 affects Oracle E-Business Suite, specifically the LOV component in Oracle Complex Maintenance, Repair, and Overhaul, versions 12.2.3–12.2.13. The vulnerability enables an unauthenticated, network-accessible attacker (HTTP) to compromise data; exploitation requires user interaction....
CVE-2024-21028
CVE-2024-21028 affects Oracle E-Business Suite, specifically the Complex Maintenance, Repair, and Overhaul (LOV) component within versions 12.2.3–12.2.13. The root cause is inadequate input validation in the LOV data/logic, enabling an unauthenticated attacker with network access over HTTP to mod...
CVE-2024-21031
The CVE-2024-21031 entry concerns Oracle E-Business Suite, Oracle Complex Maintenance, Repair, and Overhaul LOV component. Affected versions are 12.2.3–12.2.13. The issue allows an unauthenticated attacker with network access over HTTP to compromise data after user interaction, potentially enabli...
CVE-2024-21036
CVE-2024-21036 affects Oracle E-Business Suite, specifically the LOV component in Complex Maintenance, Repair, and Overhaul. Affected versions are 12.2.3–12.2.13. The issue stems from insufficient input validation in LOV, enabling an unauthenticated attacker with network access via HTTP to compro...
CVE-2024-21040
CVE-2024-21040 affects Oracle E-Business Suite, specifically the LOV component in Oracle Complex Maintenance, Repair, and Overhaul (12.2.3–12.2.13). The issue allows an unauthenticated attacker with network access over HTTP to read and modify data, with human interaction required for exploitation...
CVE-2024-21046
Oracle E-Business Suite, LOV component in Complex Maintenance, Repair, and Overhaul, is affected in versions 12.2.3–12.2.13. The issue arises from insufficient input validation in the LOV component, allowing unauthenticated access over HTTP to result in unauthorized update/insert/delete and read ...
CVE-2024-21017
CVE-2024-21017 affects Oracle E-Business Suite, specifically the LOV component within Oracle Complex Maintenance, Repair, and Overhaul. Publicly confirmed versions affected are 12.2.3–12.2.13. The vulnerability allows an unauthenticated attacker with network access over HTTP to compromise the pro...
CVE-2024-21025
CVE-2024-21025 (Oracle E-Business Suite — LOV component) : The vulnerability affects Oracle E-Business Suite’s Complex Maintenance, Repair, and Overhaul, specifically the LOV component, in versions 12.2.3–12.2.13. It is caused by insufficient input validation in the LOV code, allowing an unauthen...
CVE-2024-21023
The CVE-2024-21023 issue affects Oracle E-Business Suite - Complex Maintenance, Repair, and Overhaul (LOV component) on versions 12.2.3–12.2.13. Root cause: insufficient input validation in the LOV, enabling unauthenticated, network-accessible HTTP exploitation. Impact: unauthorized update/insert...
CVE-2024-21030
CVE-2024-21030 affects Oracle E-Business Suite, Oracle Complex Maintenance, Repair, and Overhaul (component: LOV). Affects 12.2.3–12.2.13; allows unauthenticated network access via HTTP to compromise data, with read and (in some cases) update/delete access. Exploitation is described as requiring ...
CVE-2024-21038
This CVE (CVE-2024-21038) affects Oracle E-Business Suite, specifically the Complex Maintenance, Repair, and Overhaul component (LOV). Affected versions are 12.2.3–12.2.13. The flaw enables an unauthenticated attacker with network access over HTTP to compromise the LOV component, with required us...
CVE-2024-21042
The CVE-2024-21042 flaw affects Oracle E-Business Suite, specifically the Complex Maintenance, Repair, and Overhaul (LOV component). Affected versions are 12.2.3 through 12.2.13. The issue allows an unauthenticated attacker with network access over HTTP to compromise the LOV component, with attac...
CVE-2024-21034
CVE-2024-21034 affects Oracle E-Business Suite, specifically the Oracle Complex Maintenance, Repair, and Overhaul (LOV) component, with affected versions 12.2.3–12.2.13. An unauthenticated attacker with network access via HTTP can exploit this vulnerability, though human interaction is required. ...
CVE-2021-2102
The CVE-2021-2102 issue is in Oracle Complex Maintenance, Repair, and Overhaul (Dialog Box) for versions 11.5.10, 12.1, 12.2. It stems from insufficient access control, enabling an unauthenticated, network-accessible attacker (via HTTP) to access or modify data after user interaction. The Red Hat...
CVE-2024-21037
CVE-2024-21037 concerns Oracle E-Business Suite, specifically the LOV component in Oracle Complex Maintenance, Repair, and Overhaul. Affected versions are 12.2.3–12.2.13. The issue allows an unauthenticated attacker with network access via HTTP to compromise the LOV, with attacks reportedly requi...
CVE-2024-21033
The CVE-2024-21033 issue affects Oracle E-Business Suite, specifically the Oracle Complex Maintenance, Repair, and Overhaul component LOV. Affected versions are 12.2.3–12.2.13. The root cause is insufficient input validation in LOV, enabling an unauthenticated attacker with network access via HTT...
CVE-2024-21043
Oracle E-Business Suite CMAO LOV component (versions 12.2.3–12.2.13) is affected by CVE-2024-21043. The issue allows an unauthenticated attacker with network access via HTTP to perform unauthorized read and write operations on accessible data, with successful attacks requiring user interaction an...
CVE-2016-3456
Technical details for CVE-2016-3456 are not publicly available in the provided documents. Monitor for updates from official advisories and vendor advisories to assess affected products, impact, and remediation.
CVE-2024-21044
CVE-2024-21044 affects Oracle E-Business Suite, specifically the Oracle Complex Maintenance, Repair, and Overhaul (LOV) component. Vulnerable versions are 12.2.3–12.2.13. The issue arises from insufficient input validation in the LOV, allowing an unauthenticated attacker with network access via H...
CVE-2024-21024
CVE-2024-21024 affects Oracle E-Business Suite, specifically the LOV component in Oracle Complex Maintenance, Repair, and Overhaul. Affected versions are 12.2.3–12.2.13. The issue stems from insufficient input validation in LOV, allowing a remote, unauthenticated attacker with network access via ...
CVE-2021-2104
The CVE-2021-2104 entry concerns Oracle Complex Maintenance, Repair, and Overhaul (Dialog Box) in Oracle Supply Chain. Affected versions are 11.5.10, 12.1, and 12.2. The issue is a component-level access-control flaw allowing a network-remote, unauthenticated attacker to access or modify data via...
CVE-2021-2103
CVE-2021-2103 affects Oracle’s Complex Maintenance, Repair, and Overhaul (dialog box) in Oracle Supply Chain. Affected versions: 11.5.10, 12.1, 12.2. The issue allows an unauthenticated attacker with network access via HTTP to compromise the system; exploitation requires human interaction. Impact...
CVE-2026-46915
Technical details about CVE-2026-46915 are not provided in the supplied documents. No affected products, vulnerable components, or remediation are specified. Monitor for updates from Oracle security alerts.
CVE-2026-46935
Technical details are not publicly available in the provided documents for CVE-2026-46935. Monitor for updates and refer to the Oracle security alert linked in References.
CVE-2026-46934
Technical details about CVE-2026-46934 are not publicly available in the provided documents. Monitor for updates from Oracle and CVE records for affected products, components, impact, and remediation.