CVSS: 5.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-21377
https://notcve.org/view.php?id=CVE-2022-21377
19 Jan 2022 — Vulnerability in the Primavera Portfolio Management product of Oracle Construction and Engineering (component: Web API). Supported versions that are affected are 18.0.0.0-18.0.3.0, 19.0.0.0-19.0.1.2 and 20.0.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Primavera Portfolio Management. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update,... • https://www.oracle.com/security-alerts/cpujan2022.html •
CVSS: 5.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-21376
https://notcve.org/view.php?id=CVE-2022-21376
19 Jan 2022 — Vulnerability in the Primavera Portfolio Management product of Oracle Construction and Engineering (component: Web Access). Supported versions that are affected are 18.0.0.0-18.0.3.0, 19.0.0.0-19.0.1.2 and 20.0.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Primavera Portfolio Management. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized upda... • https://www.oracle.com/security-alerts/cpujan2022.html •
CVSS: 4.9EPSS: 0%CPEs: 4EXPL: 0CVE-2022-21281
https://notcve.org/view.php?id=CVE-2022-21281
19 Jan 2022 — Vulnerability in the Primavera Portfolio Management product of Oracle Construction and Engineering (component: Web Access). Supported versions that are affected are 18.0.0.0-18.0.3.0, 19.0.0.0-19.0.1.2, 20.0.0.0 and 20.0.0.1. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Primavera Portfolio Management. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Primavera Portfolio Managemen... • https://www.oracle.com/security-alerts/cpujan2022.html •
CVSS: 6.1EPSS: 0%CPEs: 4EXPL: 0CVE-2022-21269
https://notcve.org/view.php?id=CVE-2022-21269
19 Jan 2022 — Vulnerability in the Primavera Portfolio Management product of Oracle Construction and Engineering (component: Web Access). Supported versions that are affected are 18.0.0.0-18.0.3.0, 19.0.0.0-19.0.1.2, 20.0.0.0 and 20.0.0.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Primavera Portfolio Management. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Primavera Portfolio Managemen... • https://www.oracle.com/security-alerts/cpujan2022.html •
CVSS: 4.3EPSS: 0%CPEs: 4EXPL: 0CVE-2022-21244
https://notcve.org/view.php?id=CVE-2022-21244
19 Jan 2022 — Vulnerability in the Primavera Portfolio Management product of Oracle Construction and Engineering (component: Web Access). Supported versions that are affected are 18.0.0.0-18.0.3.0, 19.0.0.0-19.0.1.2, 20.0.0.0 and 20.0.0.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Primavera Portfolio Management. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unautho... • https://www.oracle.com/security-alerts/cpujan2022.html •
CVSS: 4.3EPSS: 0%CPEs: 4EXPL: 0CVE-2022-21243
https://notcve.org/view.php?id=CVE-2022-21243
19 Jan 2022 — Vulnerability in the Primavera Portfolio Management product of Oracle Construction and Engineering (component: Web Access). Supported versions that are affected are 18.0.0.0-18.0.3.0, 19.0.0.0-19.0.1.2, 20.0.0.0 and 20.0.0.1. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Primavera Portfolio Management. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Primavera Portfol... • https://www.oracle.com/security-alerts/cpujan2022.html •
CVSS: 5.4EPSS: 0%CPEs: 4EXPL: 0CVE-2022-21242
https://notcve.org/view.php?id=CVE-2022-21242
19 Jan 2022 — Vulnerability in the Primavera Portfolio Management product of Oracle Construction and Engineering (component: Web Access). Supported versions that are affected are 18.0.0.0-18.0.3.0, 19.0.0.0-19.0.1.2, 20.0.0.0 and 20.0.0.1. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Primavera Portfolio Management. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Primavera Portfolio Management... • https://www.oracle.com/security-alerts/cpujan2022.html •
CVSS: 6.1EPSS: 0%CPEs: 3EXPL: 0CVE-2020-2562
https://notcve.org/view.php?id=CVE-2020-2562
15 Jul 2020 — Vulnerability in the Primavera Portfolio Management product of Oracle Construction and Engineering (component: Investor Module). Supported versions that are affected are 16.1.0.0-16.1.5.1, 18.0.0.0-18.0.2.0 and 19.0.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Primavera Portfolio Management. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Primavera Portfolio Management, at... • https://www.oracle.com/security-alerts/cpujul2020.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.3EPSS: 0%CPEs: 3EXPL: 0CVE-2020-14566
https://notcve.org/view.php?id=CVE-2020-14566
15 Jul 2020 — Vulnerability in the Primavera Portfolio Management product of Oracle Construction and Engineering (component: Web Access). Supported versions that are affected are 16.1.0.0-16.1.5.1, 18.0.0.0-18.0.2.0 and 19.0.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Primavera Portfolio Management. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized upda... • https://www.oracle.com/security-alerts/cpujul2020.html •
CVSS: 5.9EPSS: 0%CPEs: 3EXPL: 0CVE-2020-14549
https://notcve.org/view.php?id=CVE-2020-14549
15 Jul 2020 — Vulnerability in the Primavera Portfolio Management product of Oracle Construction and Engineering (component: Web Server). Supported versions that are affected are 16.1.0.0-16.1.5.1, 18.0.0.0-18.0.2.0 and 19.0.0.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Primavera Portfolio Management. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized a... • https://www.oracle.com/security-alerts/cpujul2020.html •