CVSS: 5.8EPSS: 0%CPEs: 5EXPL: 0CVE-2017-3515
https://notcve.org/view.php?id=CVE-2017-3515
24 Apr 2017 — Vulnerability in the Oracle User Management component of Oracle E-Business Suite (subcomponent: User Name/Password Management). Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily "exploitable" vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle User Management. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle User Management, attacks may significantly... • http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html •
CVSS: 6.8EPSS: 0%CPEs: 4EXPL: 0CVE-2016-3520
https://notcve.org/view.php?id=CVE-2016-3520
21 Jul 2016 — Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote administrators to affect confidentiality via vectors related to AOL Diagnostic tests. Vulnerabilidad no especificada en el componente Oracle Application Object Library en Oracle E-Business Suite 12.1.3, 12.2.3, 12.2.4 y 12.2.5 permite a administradores remotos afectar la confidencialidad a través de vectores relacionados con pruebas AOL Diagnostic. • http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2016-3524
https://notcve.org/view.php?id=CVE-2016-3524
21 Jul 2016 — Unspecified vulnerability in the Oracle Applications Technology Stack component in Oracle E-Business Suite 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect confidentiality and integrity via vectors related to Configuration. Vulnerabilidad no especificada en el componente Oracle Applications Technology Stack en Oracle E-Business Suite 12.1.3, 12.2.3, 12.2.4 y 12.2.5 permite a atacantes remotos afectar la confidencialidad y la integridad a través de vectores relacionados con Configuration. • http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html •
CVSS: 5.3EPSS: 0%CPEs: 4EXPL: 0CVE-2016-3549
https://notcve.org/view.php?id=CVE-2016-3549
21 Jul 2016 — Unspecified vulnerability in the Oracle E-Business Suite Secure Enterprise Search component in Oracle E-Business Suite 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect confidentiality via vectors related to Search Integration Engine. Vulnerabilidad no especificada en el componente Oracle E-Business Suite Secure Enterprise Search en Oracle E-Business Suite 12.1.3, 12.2.3, 12.2.4 y 12.2.5 permite a atacantes remotos afectar la confidencialidad a través de vectores relacionados con Search I... • http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html •
CVSS: 3.3EPSS: 0%CPEs: 2EXPL: 0CVE-2016-0454
https://notcve.org/view.php?id=CVE-2016-0454
21 Jan 2016 — Unspecified vulnerability in the Oracle Mobile Application Servlet component in Oracle E-Business Suite 12.1 and 12.2 allows local users to affect confidentiality via vectors related to MWA Server Manager. Vulnerabilidad no especificada en el componente Oracle Mobile Application Servlet en Oracle E-Business Suite 12.1 y 12.2 permite a usuarios locales afectar a la confidencialidad a través de vectores relacionados con MWA Server Manager. • http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html •
CVSS: 8.6EPSS: 0%CPEs: 2EXPL: 0CVE-2016-0456
https://notcve.org/view.php?id=CVE-2016-0456
21 Jan 2016 — Unspecified vulnerability in the Application Mgmt Pack for E-Business Suite component in Oracle E-Business Suite 12.1 and 12.2 allows remote attackers to affect confidentiality via vectors related to REST Framework, a different vulnerability than CVE-2016-0457. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that this issue is an XML External Entity (XXE) vulnerability, which allows remote attackers to read arbitrary files, cause a denial of servic... • http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html •
CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 0CVE-2016-0459
https://notcve.org/view.php?id=CVE-2016-0459
21 Jan 2016 — Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite 11.5.10.2, 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote authenticated users to affect integrity via unknown vectors related to Popup Windows. Vulnerabilidad no especificada en el componente Oracle Applications Framework en Oracle E-Business Suite 11.5.10.2, 12.1.3, 12.2.3, 12.2.4 y 12.2.5 permite a usuarios remotos autenticados afectar a la integridad a través de vectores desconocidos relacionados con Pop... • http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html •
CVSS: 5.3EPSS: 0%CPEs: 5EXPL: 0CVE-2016-0526
https://notcve.org/view.php?id=CVE-2016-0526
21 Jan 2016 — Unspecified vulnerability in the Oracle CRM Technical Foundation component in Oracle E-Business Suite 11.5.10.2, 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect integrity via unknown vectors related to Wireless Framework. Vulnerabilidad no especificada en el componente Oracle CRM Technical Foundation en Oracle E-Business Suite 11.5.10.2, 12.1.3, 12.2.3, 12.2.4 y 12.2.5 permite a atacantes remotos afectar a la integridad a través de vectores desconocidos relacionados con Wireless Framewo... • http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html •
CVSS: 6.4EPSS: 0%CPEs: 6EXPL: 0CVE-2016-0527
https://notcve.org/view.php?id=CVE-2016-0527
21 Jan 2016 — Unspecified vulnerability in the Oracle Customer Interaction History component in Oracle E-Business Suite 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect confidentiality and integrity via vectors related to User GUI, a different vulnerability than CVE-2016-0528, CVE-2016-0529, and CVE-2016-0530. Vulnerabilidad no especificada en el componente Oracle Customer Interaction History en Oracle E-Business Suite 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4 y 12.2.5 permite a atacantes... • http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html •
CVSS: 6.4EPSS: 0%CPEs: 6EXPL: 0CVE-2016-0528
https://notcve.org/view.php?id=CVE-2016-0528
21 Jan 2016 — Unspecified vulnerability in the Oracle Customer Interaction History component in Oracle E-Business Suite 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect confidentiality and integrity via vectors related to User GUI, a different vulnerability than CVE-2016-0527, CVE-2016-0529, and CVE-2016-0530. Vulnerabilidad no especificada en el componente Oracle Customer Interaction History en Oracle E-Business Suite 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4 y 12.2.5 permite a atacantes... • http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html •