E-business Suite Security Vulnerabilities and Issues — Page 4 of E-business Suite CVE List

Lucene search

OracleE-business Suite

330 matches found

CVE•added 2016/01/21 3:1 a.m.•43 views

CVE-2016-0514

Unspecified vulnerability in the Oracle CRM Technical Foundation component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect confidentiality and integrity via vectors related to BIS Common Components, a different vulnerability than CVE-2016-0515.

6.4CVSS5AI score0.00311EPSS

CVE•added 2016/01/21 3:1 a.m.•43 views

CVE-2016-0518

Unspecified vulnerability in the Oracle Human Resources component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect confidentiality and integrity via unknown vectors related to General utilities, a different vulnerability than CVE-2016-0517.

6.4CVSS5AI score0.00311EPSS

CVE•added 2016/01/21 3:1 a.m.•43 views

CVE-2016-0519

Unspecified vulnerability in the Oracle iReceivables component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect integrity via unknown vectors related to AR Web Utilities, a different vulnerability than CVE-2016-0507.

4.3CVSS5.2AI score0.00287EPSS

CVE•added 2018/04/19 2:29 a.m.•43 views

CVE-2018-2873

Vulnerability in the Oracle General Ledger component of Oracle E-Business Suite (subcomponent: Account Hierarchy Manager). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Easily exploitable vulnerability allows unauthenticated attacker wit...

5.3CVSS4.4AI score0.00564EPSS

CVE•added 2019/01/16 7:30 p.m.•43 views

CVE-2019-2440

Vulnerability in the Oracle Marketing component of Oracle E-Business Suite (subcomponent: User Interface). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6, 12.2.7 and 12.2.8. Easily exploitable vulnerability allows unauthenticated attacker with networ...

8.2CVSS8.2AI score0.01468EPSS

CVE•added 2019/01/16 7:30 p.m.•43 views

CVE-2019-2470

Vulnerability in the Oracle Partner Management component of Oracle E-Business Suite (subcomponent: Partner Detail). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6, 12.2.7 and 12.2.8. Easily exploitable vulnerability allows unauthenticated attacker wi...

8.2CVSS8.2AI score0.01468EPSS

CVE•added 2023/10/17 10:15 p.m.•43 views

CVE-2023-22076

Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component: Personalization). Supported versions that are affected are 12.2.3-12.2.12. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Application...

6.1CVSS5.8AI score0.0019EPSS

CVE•added 2003/08/27 4:0 a.m.•42 views

CVE-2003-0633

Multiple vulnerabilities in aoljtest.jsp of Oracle Applications AOL/J Setup Test Suite in Oracle E-Business Suite 11.5.1 through 11.5.8 allow a remote attacker to obtain sensitive information without authentication, such as the GUEST user password and the application server security key.

5CVSS6.5AI score0.00619EPSS

CVE•added 2007/04/24 8:19 p.m.•42 views

CVE-2007-2135

The ADI_BINARY component in the Oracle E-Business Suite allows remote attackers to download arbitrary documents from the APPS.FND_DOCUMENTS table via the ADI_DISPLAY_REPORT function, when passed a certain parameter. NOTE: due to lack of details from Oracle, it is not clear whether this issue is rel...

7.8CVSS6.2AI score0.0208EPSS

CVE•added 2007/07/18 7:30 p.m.•42 views

CVE-2007-3866

Multiple unspecified vulnerabilities in Oracle E-Business Suite 11.5.10CU2 and 12.0.1 allow remote attackers to have an unknown impact via (a) Oracle Configurator (APPS02), (b) Oracle iExpenses (APPS03), (c) Oracle Application Object Library (APPS09), and (1) APPS12, (2) APPS13, and (3) APPS14 in (...

7.5CVSS6.6AI score0.04455EPSS

CVE•added 2009/09/14 2:30 p.m.•42 views

CVE-2008-7238

Multiple unspecified vulnerabilities in Oracle E-Business Suite 12.0.3 allow (1) local users to affect confidentiality and integrity via unknown vectors related to the Mobile Application Server component (APP01); (2) remote attackers to affect confidentiality via unknown vectors related to the Orac...

6CVSS5.6AI score0.0184EPSS

CVE•added 2009/10/22 6:30 p.m.•42 views

CVE-2009-3395

Unspecified vulnerability in the AutoVue component in Oracle E-Business Suite 19.3.2 allows remote attackers to affect availability via unknown vectors.

5CVSS6AI score0.01417EPSS

CVE•added 2010/01/13 1:30 a.m.•42 views

CVE-2010-0077

Unspecified vulnerability in the CRM Technical Foundation (mobile) component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1.2 allows remote attackers to affect confidentiality and integrity via unknown vectors.

6.4CVSS6AI score0.0042EPSS

CVE•added 2011/10/18 10:55 p.m.•42 views

CVE-2011-2308

Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 12.0.6, 12.1.2, and 12.1.3 allows remote attackers to affect integrity via unknown vectors related to Online Help.

4.3CVSS5.9AI score0.00442EPSS

CVE•added 2013/01/17 1:55 a.m.•42 views

CVE-2013-0376

Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1.3 allows remote attackers to affect integrity via unknown vectors related to Diagnostics.

4.3CVSS5.9AI score0.00311EPSS

CVE•added 2013/01/17 1:55 a.m.•42 views

CVE-2013-0377

Unspecified vulnerability in the Oracle Applications Technology Stack component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1.3 allows remote attackers to affect integrity via unknown vectors related to Client System Analyzer.

4.3CVSS5.9AI score0.00311EPSS

CVE•added 2013/07/17 1:41 p.m.•42 views

CVE-2013-3777

Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1.3 allows remote attackers to affect integrity via unknown vectors related to Signon.

4.3CVSS5.9AI score0.00524EPSS

CVE•added 2014/07/17 5:10 a.m.•42 views

CVE-2014-2482

Unspecified vulnerability in the Oracle Concurrent Processing component in Oracle E-Business Suite 12.1.3, 12.2.2, and 12.2.3 allows remote authenticated users to affect confidentiality and integrity via unknown vectors.

5.5CVSS5.4AI score0.00262EPSS

CVE•added 2014/07/17 5:10 a.m.•42 views

CVE-2014-4213

Unspecified vulnerability in the Oracle Applications Manager component in Oracle E-Business Suite 12.0.6, 12.1.3, 12.2.2, and 12.2.3 allows remote attackers to affect integrity via unknown vectors.

4.3CVSS6.1AI score0.00524EPSS

CVE•added 2014/10/15 3:55 p.m.•42 views

CVE-2014-6479

Unspecified vulnerability in the Oracle Applications Technology component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1.3 allows remote authenticated users to affect confidentiality via vectors related to OC4J Configuration.

4CVSS5.2AI score0.00262EPSS

CVE•added 2014/10/15 10:55 p.m.•42 views

CVE-2014-6561

Unspecified vulnerability in the Oracle Payments component in Oracle E-Business Suite 12.0.4, 12.0.6, 12.1.1, 12.1.2, 12.1.3, 12.2.2, 12.2.3, and 12.2.4 allows remote attackers to affect confidentiality via unknown vectors related to Separate Remittance Advice.

4.3CVSS5.7AI score0.00409EPSS

CVE•added 2015/01/21 3:28 p.m.•42 views

CVE-2014-6581

Unspecified vulnerability in the Oracle Customer Intelligence component in Oracle E-Business Suite 11.5.10.2, 12.0.4, 12.0.5, 12.0.6, 12.1.1, 12.1.2, 12.1.3, 12.2.2, 12.2.3, and 12.2.4 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Extract/Load Progra...

6.4CVSS5.7AI score0.00311EPSS

CVE•added 2015/07/16 10:59 a.m.•42 views

CVE-2015-2610

Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite 12.0.6, 12.1.3, 12.2.3, and 12.2.4 allows remote attackers to affect integrity via unknown vectors related to Popup windows.

4.3CVSS5.8AI score0.00311EPSS

CVE•added 2015/10/21 11:59 p.m.•42 views

CVE-2015-4898

Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.3, 12.2.3, and 12.2.4 allows remote authenticated users to affect integrity via vectors related to Diagnostics and DMZ.

4CVSS5.4AI score0.0015EPSS

CVE•added 2016/01/21 3:0 a.m.•42 views

CVE-2016-0454

Unspecified vulnerability in the Oracle Mobile Application Servlet component in Oracle E-Business Suite 12.1 and 12.2 allows local users to affect confidentiality via vectors related to MWA Server Manager.

2.1CVSS4.8AI score0.00158EPSS

CVE•added 2016/01/21 3:0 a.m.•42 views

CVE-2016-0507

4.3CVSS5.2AI score0.00287EPSS

CVE•added 2016/01/21 3:1 a.m.•42 views

CVE-2016-0517

6.4CVSS5AI score0.00311EPSS

CVE•added 2016/01/21 3:1 a.m.•42 views

CVE-2016-0524

Unspecified vulnerability in the Oracle Universal Work Queue component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Work Provider Administration.

6.4CVSS4.9AI score0.00311EPSS

CVE•added 2019/01/16 7:30 p.m.•42 views

CVE-2019-2491

Vulnerability in the Oracle Email Center component of Oracle E-Business Suite (subcomponent: Message Display). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6, 12.2.7 and 12.2.8. Easily exploitable vulnerability allows unauthenticated attacker with ne...

4.7CVSS4.7AI score0.0083EPSS

CVE•added 2019/01/16 7:30 p.m.•42 views

CVE-2019-2498

Vulnerability in the Oracle Partner Management component of Oracle E-Business Suite (subcomponent: Partner Dash board). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6, 12.2.7 and 12.2.8. Easily exploitable vulnerability allows unauthenticated attacke...

8.2CVSS8.2AI score0.01468EPSS

CVE•added 2024/10/15 8:15 p.m.•42 views

CVE-2024-21266

Vulnerability in the Oracle Advanced Pricing product of Oracle E-Business Suite (component: Price List). Supported versions that are affected are 12.2.3-12.2.13. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Advanced Pricing. Succe...

8.1CVSS7.8AI score0.00269EPSS

CVE•added 2005/03/12 5:0 a.m.•41 views

CVE-2003-1116

The communications protocol for the Report Review Agent (RRA), aka FND File Server (FNDFS) program, in Oracle E-Business Suite 10.7, 11.0, and 11.5.1 to 11.5.8 allows remote attackers to bypass authentication and obtain sensitive information from the Oracle Applications Concurrent Manager by spoofi...

5CVSS6.5AI score0.01691EPSS

CVE•added 2004/08/06 4:0 a.m.•41 views

CVE-2004-0543

Multiple SQL injection vulnerabilities in Oracle Applications 11.0 and Oracle E-Business Suite 11.5.1 through 11.5.8 allow remote attackers to execute arbitrary SQL procedures and queries.

10CVSS8AI score0.06033EPSS

CVE•added 2006/03/07 11:2 a.m.•41 views

CVE-2006-1037

SQL injection vulnerability in the Oracle Diagnostics module 2.2 and earlier allows remote attackers to execute arbitrary SQL commands via unknown attack vectors.

7.5CVSS8AI score0.00425EPSS

CVE•added 2006/07/21 2:3 p.m.•41 views

CVE-2006-3717

Multiple unspecified vulnerabilities in Oracle E-Business Suite and Applications 11.5.9 have unknown impact and attack vectors, aka Oracle Vuln# (1) APPS03 and (2) APPS04 for Oracle Application Object Library; and (3) APPS20 for Oracle XML Gateway.

10CVSS6.9AI score0.02867EPSS

CVE•added 2006/10/18 1:7 a.m.•41 views

CVE-2006-5367

Multiple unspecified vulnerabilities in Oracle E-Business Suite 11.5.7 up to 11.5.10CU2 have unknown impact and remote authenticated attack vectors, aka Vuln# (1) APPS03 in Oracle Applications Framework, (2) APPS04 in Oracle Applications Technology Stack, and (3) APPS05 in Oracle Balanced Scorecard...

9CVSS6.5AI score0.02544EPSS

CVE•added 2006/10/18 1:7 a.m.•41 views

CVE-2006-5372

Multiple unspecified vulnerabilities in Oracle E-Business Suite 11.5.10 up to 11.5.10CU2 have unknown impact and remote authenticated attack vectors, aka Vuln# (1) APPS11 for Oracle Universal Work Queue and (2) APPS12 for Oracle Application Object Library.

9CVSS6.6AI score0.02544EPSS

CVE•added 2007/04/18 6:19 p.m.•41 views

CVE-2007-2128

Unspecified vulnerability in the Sales Online component for Oracle E-Business Suite 11.5.10 has unknown impact and remote authenticated attack vectors, aka APPS08.

9CVSS6AI score0.0208EPSS

CVE•added 2007/04/24 8:19 p.m.•41 views

CVE-2007-2170

The APPLSYS.FND_DM_NODES package in Oracle E-Business Suite does not check for valid sessions, which allows remote attackers to delete arbitrary nodes. NOTE: due to lack of details from Oracle, it is not clear whether this issue is related to other CVE identifiers such as CVE-2007-2126, CVE-2007-21...

9.4CVSS6.2AI score0.0208EPSS

CVE•added 2008/07/15 11:41 p.m.•41 views

CVE-2008-2596

Unspecified vulnerability in the Mobile Application Server component in Oracle E-Business Suite 12.0.3 has unknown impact and remote authenticated attack vectors.

6.5CVSS5.8AI score0.00872EPSS

CVE•added 2008/10/14 9:11 p.m.•41 views

CVE-2008-3985

Unspecified vulnerability in the Oracle Applications Technology Stack component in Oracle E-Business Suite 12.0.4 allows remote attackers to affect confidentiality via unknown vectors.

5CVSS5.8AI score0.0032EPSS

CVE•added 2009/10/22 6:30 p.m.•41 views

CVE-2009-3408

Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

5.1CVSS6AI score0.01005EPSS

CVE•added 2010/04/13 10:30 p.m.•41 views

CVE-2010-0857

Unspecified vulnerability in the Oracle Workflow Cartridge component in Oracle E-Business Suite 11.5.10.2 allows remote authenticated users to affect integrity via unknown vectors.

3.5CVSS5.6AI score0.00381EPSS

CVE•added 2010/04/13 10:30 p.m.•41 views

CVE-2010-0861

Unspecified vulnerability in the Oracle HRMS (Self Service) component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1.2 allows remote attackers to affect confidentiality via unknown vectors.

5CVSS6AI score0.00909EPSS

CVE•added 2010/04/13 10:30 p.m.•41 views

CVE-2010-0869

Unspecified vulnerability in the Oracle Transportation Management component in Oracle E-Business Suite 5.5.05.07, 5.5.06.00, and 6.0.03 allows remote attackers to affect confidentiality via unknown vectors.

4.3CVSS6AI score0.00909EPSS

CVE•added 2010/10/14 12:0 a.m.•41 views

CVE-2010-2408

Unspecified vulnerability in the Oracle iRecruitment component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1.3 allows remote attackers to affect integrity via unknown vectors.

4.3CVSS6AI score0.0042EPSS

CVE•added 2011/04/20 3:14 a.m.•41 views

CVE-2011-0796

Unspecified vulnerability in the Applications Install component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.1, 12.1.2, and 12.1.3 allows local users to affect confidentiality via unknown vectors.

1.7CVSS5.6AI score0.00077EPSS

CVE•added 2011/04/20 3:14 a.m.•41 views

CVE-2011-0797

Unspecified vulnerability in the Applications Install component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.1, 12.1.2, and 12.1.3 allows remote authenticated users to affect confidentiality via unknown vectors.

2.1CVSS5.6AI score0.00169EPSS

CVE•added 2011/10/18 10:55 p.m.•41 views

CVE-2011-3519

Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite 12.1.2 and 12.1.3 allows remote authenticated users to affect confidentiality, related to REST Services.

3.5CVSS5.8AI score0.00191EPSS

CVE•added 2012/07/17 10:55 p.m.•41 views

CVE-2012-1739

Unspecified vulnerability in the Oracle E-Business Intelligence component in Oracle E-Business Suite 11.5.10.2, 12.0.4, 12.0.6, 12.1.1, 12.1.2, and 12.1.3 allows remote authenticated users to affect integrity via unknown vectors related to Financials Business Intelligence.

3.5CVSS5.4AI score0.00379EPSS

Total number of security vulnerabilities330