CVSS: 4.7EPSS: 0%CPEs: 7EXPL: 0CVE-2019-2396
https://notcve.org/view.php?id=CVE-2019-2396
16 Jan 2019 — Vulnerability in the Oracle CRM Technical Foundation component of Oracle E-Business Suite (subcomponent: Messages). Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6, 12.2.7 and 12.2.8. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle CRM Technical Foundation. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle CRM Technical Foundation, attac... • http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html •
CVSS: 9.1EPSS: 1%CPEs: 7EXPL: 0CVE-2019-2489
https://notcve.org/view.php?id=CVE-2019-2489
16 Jan 2019 — Vulnerability in the Oracle One-to-One Fulfillment component of Oracle E-Business Suite (subcomponent: OCM Query). Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6, 12.2.7 and 12.2.8. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle One-to-One Fulfillment. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle One-to-One Fulfil... • http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html •
CVSS: 8.2EPSS: 1%CPEs: 9EXPL: 0CVE-2019-2498
https://notcve.org/view.php?id=CVE-2019-2498
16 Jan 2019 — Vulnerability in the Oracle Partner Management component of Oracle E-Business Suite (subcomponent: Partner Dash board). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6, 12.2.7 and 12.2.8. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Partner Management. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Partner Managemen... • http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html •
CVSS: 4.7EPSS: 0%CPEs: 9EXPL: 0CVE-2019-2485
https://notcve.org/view.php?id=CVE-2019-2485
16 Jan 2019 — Vulnerability in the Oracle Mobile Field Service component of Oracle E-Business Suite (subcomponent: Administration). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6, 12.2.7 and 12.2.8. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Mobile Field Service. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Mobile Field Serv... • http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html •
CVSS: 8.2EPSS: 1%CPEs: 9EXPL: 0CVE-2019-2440
https://notcve.org/view.php?id=CVE-2019-2440
16 Jan 2019 — Vulnerability in the Oracle Marketing component of Oracle E-Business Suite (subcomponent: User Interface). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6, 12.2.7 and 12.2.8. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Marketing. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Marketing, attacks may significantly im... • http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html •
CVSS: 4.3EPSS: 0%CPEs: 9EXPL: 0CVE-2019-2546
https://notcve.org/view.php?id=CVE-2019-2546
16 Jan 2019 — Vulnerability in the Oracle Applications Manager component of Oracle E-Business Suite (subcomponent: SQL Extensions). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6, 12.2.7 and 12.2.8. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Applications Manager. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in un... • http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2018-2934
https://notcve.org/view.php?id=CVE-2018-2934
18 Jul 2018 — Vulnerability in the Oracle Application Object Library component of Oracle E-Business Suite (subcomponent: Attachments / File Upload). The supported version that is affected is 12.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Application Object Library. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Application Object Library accessible data. CVSS 3.0 Base Score 5.... • http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html • CWE-665: Improper Initialization •
CVSS: 5.3EPSS: 0%CPEs: 8EXPL: 0CVE-2018-2872
https://notcve.org/view.php?id=CVE-2018-2872
19 Apr 2018 — Vulnerability in the Oracle General Ledger component of Oracle E-Business Suite (subcomponent: Account Hierarchy Manager). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle General Ledger. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle General Ledger accessible data. CVSS 3.0 Base Sc... • http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html •
CVSS: 5.3EPSS: 0%CPEs: 8EXPL: 0CVE-2018-2865
https://notcve.org/view.php?id=CVE-2018-2865
19 Apr 2018 — Vulnerability in the Oracle General Ledger component of Oracle E-Business Suite (subcomponent: Consolidation Hierarchy Viewer). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle General Ledger. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle General Ledger accessible data. CVSS 3.0 Ba... • http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html •
CVSS: 5.3EPSS: 0%CPEs: 6EXPL: 0CVE-2018-2864
https://notcve.org/view.php?id=CVE-2018-2864
19 Apr 2018 — Vulnerability in the Oracle Application Object Library component of Oracle E-Business Suite (subcomponent: Diagnostics). Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Application Object Library. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Application Object Library accessible data. CVSS 3.0 B... • http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html •