9 matches found
CVE-2024-20907
Oracle E-Business Suite CVE-2024-20907 affects Oracle Web Applications Desktop Integrator (component: File download) in versions 12.2.3–12.2.13. The root cause is insufficient input validation in the file download component. The vulnerability allows an unauthenticated attacker, reachable over HTT...
CVE-2024-21048
CVE-2024-21048 affects Oracle E-Business Suite’s Oracle Web Applications Desktop Integrator (XML input) for versions 12.2.3–12.2.13. The root cause is insufficient input validation in the XML input component, enabling a low-privileged, network-accessible attacker over HTTP to read data from the a...
CVE-2023-22037
The CVE-2023-22037 vulnerability affects Oracle E-Business Suite’s Oracle Web Applications Desktop Integrator (MS Excel Specific) with affected versions 12.2.3–12.2.12. The issue enables a low-privilege, network-accessible attacker (via HTTP) to compromise the component, requiring user interactio...
CVE-2022-39428
CVE-2022-39428 affects Oracle Web Applications Desktop Integrator, a component of Oracle E-Business Suite. The vulnerability is in the Upload module and affects supported versions 12.2.3–12.2.11. An unauthenticated attacker with network access over HTTP can compromise the component, potentially l...
CVE-2021-2434
CVE-2021-2434 affects Oracle E-Business Suite’s Oracle Web Applications Desktop Integrator (component: Application Service). Affected versions are 12.1.3 and 12.2.3–12.2.10. The vulnerability allows a low-privileged, unauthenticated attacker with network access via HTTP to compromise the Oracle W...
CVE-2020-2591
CVE-2020-2591 affects Oracle Web Applications Desktop Integrator (component: Application Service) in Oracle E-Business Suite, version 12.1.3. The CVSS 3.0 base score is 8.2 (HIGH) with network access required and user interaction, potentially leading to unauthorized read/write of data and broader...
CVE-2017-10323
CVE-2017-10323 affects Oracle Web Applications Desktop Integrator (WADI) in Oracle E-Business Suite. Affected: 12.x E-Business Suite versions 12.1.1–12.2.6. The vulnerability allows an unauthenticated attacker with network access via HTTP to compromise WADI, with exploitation requiring some user ...
CVE-2016-3523
CVE-2016-3523 is described in the provided documents as an unspecified vulnerability in the Oracle Web Applications Desktop Integrator component of Oracle E-Business Suite affecting versions 12.1.3, 12.2.3, 12.2.4, and 12.2.5. The issue reportedly allows remote attackers to affect integrity via v...
CVE-2016-3522
CVE-2016-3522 refers to an unspecified vulnerability in the Oracle E-Business Suite Web Applications Desktop Integrator (WADI) component. Affected are E-Business Suite versions 12.1.3, 12.2.3, 12.2.4, and 12.2.5. The flaw is reported under the Application Service subcomponent and allows remote at...