Transportation Management Security Vulnerabilities and Issues — Transportation Management CVE List

Lucene search

OracleTransportation Management

4 matches found

CVE•added 2019/04/20 12:29 a.m.•2227 views

CVE-2019-11358

jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable proto property, it could extend the native Object.prototype.

6.1CVSS6.4AI score0.01294EPSS

In wild

CVE•added 2019/12/23 5:15 p.m.•1171 views

CVE-2019-17563

When using FORM authentication with Apache Tomcat 9.0.0.M1 to 9.0.29, 8.5.0 to 8.5.49 and 7.0.0 to 7.0.98 there was a narrow window where an attacker could perform a session fixation attack. The window was considered too narrow for an exploit to be practical but, erring on the side of caution, this...

7.5CVSS7.7AI score0.05804EPSS

CVE•added 2019/01/16 7:30 p.m.•38 views

CVE-2019-2487

Vulnerability in the Oracle Transportation Management component of Oracle Supply Chain Products Suite (subcomponent: UI Infrastructure). Supported versions that are affected are 6.3.7, 6.4.1, 6.4.2 and 6.4.3. Easily exploitable vulnerability allows low privileged attacker with network access via HT...

6.5CVSS6AI score0.0027EPSS

CVE•added 2019/04/23 7:32 p.m.•34 views

CVE-2019-2709

Vulnerability in the Oracle Transportation Management component of Oracle Supply Chain Products Suite (subcomponent: Security). Supported versions that are affected are 6.3.7, 6.4.2 and 6.4.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromis...

6.1CVSS5.5AI score0.008EPSS