CVSS: 5.3EPSS: 0%CPEs: 8EXPL: 0CVE-2018-2865
https://notcve.org/view.php?id=CVE-2018-2865
19 Apr 2018 — Vulnerability in the Oracle General Ledger component of Oracle E-Business Suite (subcomponent: Consolidation Hierarchy Viewer). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle General Ledger. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle General Ledger accessible data. CVSS 3.0 Ba... • http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html •
CVSS: 5.3EPSS: 0%CPEs: 8EXPL: 0CVE-2018-2866
https://notcve.org/view.php?id=CVE-2018-2866
19 Apr 2018 — Vulnerability in the Oracle General Ledger component of Oracle E-Business Suite (subcomponent: Consolidation Hierarchy Viewer). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle General Ledger. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle General Ledger accessible data. CVSS 3.0 Ba... • http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html •
CVSS: 5.3EPSS: 0%CPEs: 8EXPL: 0CVE-2018-2872
https://notcve.org/view.php?id=CVE-2018-2872
19 Apr 2018 — Vulnerability in the Oracle General Ledger component of Oracle E-Business Suite (subcomponent: Account Hierarchy Manager). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle General Ledger. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle General Ledger accessible data. CVSS 3.0 Base Sc... • http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html •
CVSS: 5.3EPSS: 0%CPEs: 8EXPL: 0CVE-2018-2873
https://notcve.org/view.php?id=CVE-2018-2873
19 Apr 2018 — Vulnerability in the Oracle General Ledger component of Oracle E-Business Suite (subcomponent: Account Hierarchy Manager). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle General Ledger. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle General Ledger accessible data. CVSS 3.0 Base Sc... • http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html •
CVSS: 9.1EPSS: 2%CPEs: 8EXPL: 0CVE-2018-2656
https://notcve.org/view.php?id=CVE-2018-2656
18 Jan 2018 — Vulnerability in the Oracle General Ledger component of Oracle E-Business Suite (subcomponent: Data Manager Server). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle General Ledger. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle General Ledger ... • http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html •
CVSS: 3.3EPSS: 0%CPEs: 2EXPL: 0CVE-2016-0454
https://notcve.org/view.php?id=CVE-2016-0454
21 Jan 2016 — Unspecified vulnerability in the Oracle Mobile Application Servlet component in Oracle E-Business Suite 12.1 and 12.2 allows local users to affect confidentiality via vectors related to MWA Server Manager. Vulnerabilidad no especificada en el componente Oracle Mobile Application Servlet en Oracle E-Business Suite 12.1 y 12.2 permite a usuarios locales afectar a la confidencialidad a través de vectores relacionados con MWA Server Manager. • http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html •
CVSS: 8.6EPSS: 0%CPEs: 2EXPL: 0CVE-2016-0456
https://notcve.org/view.php?id=CVE-2016-0456
21 Jan 2016 — Unspecified vulnerability in the Application Mgmt Pack for E-Business Suite component in Oracle E-Business Suite 12.1 and 12.2 allows remote attackers to affect confidentiality via vectors related to REST Framework, a different vulnerability than CVE-2016-0457. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that this issue is an XML External Entity (XXE) vulnerability, which allows remote attackers to read arbitrary files, cause a denial of servic... • http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html •
CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 0CVE-2016-0459
https://notcve.org/view.php?id=CVE-2016-0459
21 Jan 2016 — Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite 11.5.10.2, 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote authenticated users to affect integrity via unknown vectors related to Popup Windows. Vulnerabilidad no especificada en el componente Oracle Applications Framework en Oracle E-Business Suite 11.5.10.2, 12.1.3, 12.2.3, 12.2.4 y 12.2.5 permite a usuarios remotos autenticados afectar a la integridad a través de vectores desconocidos relacionados con Pop... • http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html •
CVSS: 5.3EPSS: 0%CPEs: 5EXPL: 0CVE-2016-0526
https://notcve.org/view.php?id=CVE-2016-0526
21 Jan 2016 — Unspecified vulnerability in the Oracle CRM Technical Foundation component in Oracle E-Business Suite 11.5.10.2, 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect integrity via unknown vectors related to Wireless Framework. Vulnerabilidad no especificada en el componente Oracle CRM Technical Foundation en Oracle E-Business Suite 11.5.10.2, 12.1.3, 12.2.3, 12.2.4 y 12.2.5 permite a atacantes remotos afectar a la integridad a través de vectores desconocidos relacionados con Wireless Framewo... • http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html •
CVSS: 6.4EPSS: 0%CPEs: 6EXPL: 0CVE-2016-0527
https://notcve.org/view.php?id=CVE-2016-0527
21 Jan 2016 — Unspecified vulnerability in the Oracle Customer Interaction History component in Oracle E-Business Suite 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect confidentiality and integrity via vectors related to User GUI, a different vulnerability than CVE-2016-0528, CVE-2016-0529, and CVE-2016-0530. Vulnerabilidad no especificada en el componente Oracle Customer Interaction History en Oracle E-Business Suite 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4 y 12.2.5 permite a atacantes... • http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html •