Page 4 of 46 results (0.006 seconds)

CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0

Vulnerability in the Oracle Agile PLM component of Oracle Supply Chain Products Suite (subcomponent: Security). Supported versions that are affected are 9.3.5 and 9.3.6. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Agile PLM. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Agile PLM accessible data. CVSS 3.0 Base Score 5.3 (Confidentiality impacts). • http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html http://www.securityfocus.com/bid/99692 http://www.securitytracker.com/id/1038947 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0

Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.4 and 9.3.5 allows remote attackers to affect confidentiality and integrity via unknown vectors, a different vulnerability than CVE-2016-5512. Vulnerabilidad no especificada en el componente Oracle GlassFish Server en Oracle Fusion Middleware 2.1.1, 3.0.1 y 3.1.2 permite a usuarios remotos autenticados afectar la confidencialidad, la integridad y la disponibilidad a través de vectores relacionados con Java Server Faces. • http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html http://www.securityfocus.com/bid/93655 • CWE-284: Improper Access Control •

CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0

Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.4 and 9.3.5 allows remote attackers to affect confidentiality and integrity via unknown vectors, a different vulnerability than CVE-2016-5521. Vulnerabilidad no especificada en el componente Oracle Agile PLM en Oracle Supply Chain Products Suite 9.3.4 y 9.3.5 permite a atacantes remotos afectar la confidencialidad y la integridad a través de vectores desconocidos, una vulnerabilidad diferente a CVE-2016-5521. • http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html http://www.securityfocus.com/bid/93660 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0

Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.4 and 9.3.5 allows remote authenticated users to affect confidentiality via unknown vectors. Vulnerabilidad no especificada en el componente Oracle Agile PLM en Oracle Supply Chain Products Suite 9.3.4 y 9.3.5 permite a usuarios remotos autenticados afectar la confidencialidad a través de vectores desconocidos. • http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html http://www.securityfocus.com/bid/93675 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0

Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.4 and 9.3.5 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Apache Tomcat. Vulnerabilidad no especificada en el componente Oracle Agile PLM en Oracle Supply Chain Products Suite 9.3.4 y 9.3.5 permite a atacantes remotos afectar la confidencialidad, la integridad y la disponibilidad a través de vectores relacionados con Apache Tomcat. • http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html http://www.securityfocus.com/bid/93652 • CWE-284: Improper Access Control •