CVSS: 5.8EPSS: 0%CPEs: 6EXPL: 0CVE-2018-2635
https://notcve.org/view.php?id=CVE-2018-2635
18 Jan 2018 — Vulnerability in the Oracle Application Object Library component of Oracle E-Business Suite (subcomponent: Login). Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Application Object Library. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Application Object Library accessible data... • http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html •
CVSS: 9.1EPSS: 0%CPEs: 8EXPL: 0CVE-2018-2656
https://notcve.org/view.php?id=CVE-2018-2656
18 Jan 2018 — Vulnerability in the Oracle General Ledger component of Oracle E-Business Suite (subcomponent: Data Manager Server). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle General Ledger. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle General Ledger ... • http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html •
CVSS: 5.3EPSS: 0%CPEs: 6EXPL: 0CVE-2017-10324
https://notcve.org/view.php?id=CVE-2017-10324
19 Oct 2017 — Vulnerability in the Oracle Applications Technology Stack component of Oracle E-Business Suite (subcomponent: Oracle Forms). Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Applications Technology Stack. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Applications Technology Stack accessible data. ... • http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.3EPSS: 0%CPEs: 6EXPL: 0CVE-2017-10066
https://notcve.org/view.php?id=CVE-2017-10066
19 Oct 2017 — Vulnerability in the Oracle Applications Technology Stack component of Oracle E-Business Suite (subcomponent: Oracle Forms). Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Applications Technology Stack. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Applications Technology Stack a... • http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html •
CVSS: 5.8EPSS: 0%CPEs: 5EXPL: 0CVE-2017-3515
https://notcve.org/view.php?id=CVE-2017-3515
24 Apr 2017 — Vulnerability in the Oracle User Management component of Oracle E-Business Suite (subcomponent: User Name/Password Management). Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily "exploitable" vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle User Management. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle User Management, attacks may significantly... • http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html •
CVSS: 6.8EPSS: 0%CPEs: 4EXPL: 0CVE-2016-3520
https://notcve.org/view.php?id=CVE-2016-3520
21 Jul 2016 — Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote administrators to affect confidentiality via vectors related to AOL Diagnostic tests. Vulnerabilidad no especificada en el componente Oracle Application Object Library en Oracle E-Business Suite 12.1.3, 12.2.3, 12.2.4 y 12.2.5 permite a administradores remotos afectar la confidencialidad a través de vectores relacionados con pruebas AOL Diagnostic. • http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2016-3524
https://notcve.org/view.php?id=CVE-2016-3524
21 Jul 2016 — Unspecified vulnerability in the Oracle Applications Technology Stack component in Oracle E-Business Suite 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect confidentiality and integrity via vectors related to Configuration. Vulnerabilidad no especificada en el componente Oracle Applications Technology Stack en Oracle E-Business Suite 12.1.3, 12.2.3, 12.2.4 y 12.2.5 permite a atacantes remotos afectar la confidencialidad y la integridad a través de vectores relacionados con Configuration. • http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html •
CVSS: 5.3EPSS: 0%CPEs: 4EXPL: 0CVE-2016-3549
https://notcve.org/view.php?id=CVE-2016-3549
21 Jul 2016 — Unspecified vulnerability in the Oracle E-Business Suite Secure Enterprise Search component in Oracle E-Business Suite 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect confidentiality via vectors related to Search Integration Engine. Vulnerabilidad no especificada en el componente Oracle E-Business Suite Secure Enterprise Search en Oracle E-Business Suite 12.1.3, 12.2.3, 12.2.4 y 12.2.5 permite a atacantes remotos afectar la confidencialidad a través de vectores relacionados con Search I... • http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html •
CVSS: 5.3EPSS: 0%CPEs: 5EXPL: 0CVE-2016-0526
https://notcve.org/view.php?id=CVE-2016-0526
21 Jan 2016 — Unspecified vulnerability in the Oracle CRM Technical Foundation component in Oracle E-Business Suite 11.5.10.2, 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect integrity via unknown vectors related to Wireless Framework. Vulnerabilidad no especificada en el componente Oracle CRM Technical Foundation en Oracle E-Business Suite 11.5.10.2, 12.1.3, 12.2.3, 12.2.4 y 12.2.5 permite a atacantes remotos afectar a la integridad a través de vectores desconocidos relacionados con Wireless Framewo... • http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html •
CVSS: 6.4EPSS: 0%CPEs: 6EXPL: 0CVE-2016-0528
https://notcve.org/view.php?id=CVE-2016-0528
21 Jan 2016 — Unspecified vulnerability in the Oracle Customer Interaction History component in Oracle E-Business Suite 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect confidentiality and integrity via vectors related to User GUI, a different vulnerability than CVE-2016-0527, CVE-2016-0529, and CVE-2016-0530. Vulnerabilidad no especificada en el componente Oracle Customer Interaction History en Oracle E-Business Suite 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4 y 12.2.5 permite a atacantes... • http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html •