Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

e-business suite vulnerabilities and exploits

(subscribe to this query)
9.9
CVSSv3
CVE-2020-2586
Vulnerability in the Oracle Human Resources product of Oracle E-Business Suite (component: Hierarchy Diagrammers). Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.9. Easily exploitable vulnerability allows low privileged attacker with network access via HTT...
Oracle Human Resources
9.9
CVSSv3
CVE-2020-2587
Vulnerability in the Oracle Human Resources product of Oracle E-Business Suite (component: Hierarchy Diagrammers). Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.9. Easily exploitable vulnerability allows low privileged attacker with network access via HTT...
Oracle Human Resources
9.9
CVSSv3
CVE-2019-2633
Vulnerability in the Oracle Work in Process component of Oracle E-Business Suite (subcomponent: Messages). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6, 12.2.7 and 12.2.8. Easily exploitable vulnerability allows low privileged at...
Oracle Work In Process 12.1.2Oracle Work In Process 12.2.5Oracle Work In Process 12.1.3Oracle Work In Process 12.2.4Oracle Work In Process 12.2.6Oracle Work In Process 12.1.1Oracle Work In Process 12.2.8Oracle Work In Process 12.2.7Oracle Work In Process 12.2.3
9.9
CVSSv3
CVE-2019-2638
Vulnerability in the Oracle General Ledger component of Oracle E-Business Suite (subcomponent: Consolidation Hierarchy Viewer). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6, 12.2.7 and 12.2.8. Easily exploitable vulnerability all...
Oracle General Ledger 12.2.5Oracle General Ledger 12.2.3Oracle General Ledger 12.2.8Oracle General Ledger 12.1.2Oracle General Ledger 12.1.1Oracle General Ledger 12.1.3Oracle General Ledger 12.2.6Oracle General Ledger 12.2.4Oracle General Ledger 12.2.7
9.8
CVSSv3
CVE-2022-39428
Vulnerability in the Oracle Web Applications Desktop Integrator product of Oracle E-Business Suite (component: Upload). Supported versions that are affected are 12.2.3-12.2.11. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compro...
Oracle Web Applications Desktop Integrator
9.8
CVSSv3
CVE-2022-21587
Vulnerability in the Oracle Web Applications Desktop Integrator product of Oracle E-Business Suite (component: Upload). Supported versions that are affected are 12.2.3-12.2.11. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compro...
Oracle E-business Suite
9.8
CVSSv3
CVE-2022-23305
By design, the JDBCAppender in Log4j 1.2.x accepts an SQL statement as a configuration parameter where the values to be inserted are converters from PatternLayout. The message converter, %m, is likely to always be included. This allows malicious users to manipulate the SQL by ent...
Apache Log4jNetapp Snapmanager -Broadcom Brocade Sannav -Qos Reload4jOracle Weblogic Server 12.2.1.3.0Oracle Business Intelligence 12.2.1.3.0Oracle Business Process Management Suite 12.2.1.3.0Oracle Jdeveloper 12.2.1.3.0Oracle Identity Management Suite 12.2.1.3.0Oracle Business Intelligence 12.2.1.4.0Oracle Weblogic Server 12.2.1.4.0Oracle Weblogic Server 14.1.1.0.0Oracle Enterprise Manager Base Platform 13.4.0.0Oracle Communications Network Integrity 7.3.6Oracle Business Process Management Suite 12.2.1.4.0Oracle Advanced Supply Chain Planning 12.2Oracle Advanced Supply Chain Planning 12.1Oracle Communications Unified Inventory Management 7.4.1Oracle Enterprise Manager Base Platform 13.5.0.0Oracle Communications Messaging Server 8.1Oracle Business Intelligence 5.9.0.0.0Oracle Healthcare Foundation 8.1.0
9.8
CVSSv3
CVE-2021-2029
Vulnerability in the Oracle Scripting product of Oracle E-Business Suite (component: Miscellaneous). Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.8. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromi...
Oracle Scripting
9.8
CVSSv3
CVE-2020-14855
Vulnerability in the Oracle Universal Work Queue product of Oracle E-Business Suite (component: Work Provider Administration). The supported version that is affected is 12.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compro...
Oracle Universal Work Queue 12.1.3
9.8
CVSSv3
CVE-2004-1363
Buffer overflow in extproc in Oracle 10g allows remote malicious users to execute arbitrary code via environment variables in the library name, which are expanded after the length check is performed.
Oracle Database Server 8.1.7.4Oracle Application Server 9.0.2.1Oracle Application ServerOracle Database Server 9.0.1.5Oracle Application Server 9.0.2.0.0Oracle E-business Suite 11.5.5Oracle Enterprise Manager 9.0.1Oracle Database Server 9.0.4Oracle Application Server 9.0.4Oracle E-business Suite 11.5.4Oracle Database Server 9.2.0.4Oracle Application Server 9.0.2.3Oracle E-business Suite 11.5.2Oracle Application Server 9.0.4.1Oracle E-business Suite 11.5.7Oracle Database Server 10.1.0.2Oracle Application Server 9.0.2.0.1Oracle Application Server 9.0.4.0Oracle E-business Suite 11.5.1Oracle Enterprise Manager 9Oracle Application Server 9.0.2.2Oracle Application Server 9.0.2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27977IMAPlocal usersCVE-2024-32038CVE-2023-49963CVE-2023-22869CVE-2024-31497localCVE-2024-2961
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook