CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2018-2874
https://notcve.org/view.php?id=CVE-2018-2874
19 Apr 2018 — Vulnerability in the Oracle Application Object Library component of Oracle E-Business Suite (subcomponent: Logging). The supported version that is affected is 12.1.3. Easily exploitable vulnerability allows physical access to compromise Oracle Application Object Library. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Application Object Library acce... • http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html •
CVSS: 5.8EPSS: 0%CPEs: 6EXPL: 0CVE-2018-2635
https://notcve.org/view.php?id=CVE-2018-2635
18 Jan 2018 — Vulnerability in the Oracle Application Object Library component of Oracle E-Business Suite (subcomponent: Login). Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Application Object Library. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Application Object Library accessible data... • http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html •
CVSS: 9.1EPSS: 2%CPEs: 8EXPL: 0CVE-2018-2656
https://notcve.org/view.php?id=CVE-2018-2656
18 Jan 2018 — Vulnerability in the Oracle General Ledger component of Oracle E-Business Suite (subcomponent: Data Manager Server). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle General Ledger. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle General Ledger ... • http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html •
CVSS: 4.9EPSS: 0%CPEs: 6EXPL: 0CVE-2018-2684
https://notcve.org/view.php?id=CVE-2018-2684
18 Jan 2018 — Vulnerability in the Oracle User Management component of Oracle E-Business Suite (subcomponent: Registration Process). Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle User Management. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle User Management accessible data. CVSS 3.0 Ba... • http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html •
CVSS: 5.3EPSS: 1%CPEs: 6EXPL: 0CVE-2017-10066
https://notcve.org/view.php?id=CVE-2017-10066
19 Oct 2017 — Vulnerability in the Oracle Applications Technology Stack component of Oracle E-Business Suite (subcomponent: Oracle Forms). Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Applications Technology Stack. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Applications Technology Stack a... • http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html •
CVSS: 5.3EPSS: 0%CPEs: 6EXPL: 0CVE-2017-10324
https://notcve.org/view.php?id=CVE-2017-10324
19 Oct 2017 — Vulnerability in the Oracle Applications Technology Stack component of Oracle E-Business Suite (subcomponent: Oracle Forms). Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Applications Technology Stack. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Applications Technology Stack accessible data. ... • http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.8EPSS: 0%CPEs: 5EXPL: 0CVE-2017-3515
https://notcve.org/view.php?id=CVE-2017-3515
24 Apr 2017 — Vulnerability in the Oracle User Management component of Oracle E-Business Suite (subcomponent: User Name/Password Management). Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily "exploitable" vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle User Management. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle User Management, attacks may significantly... • http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html •
CVSS: 6.8EPSS: 0%CPEs: 4EXPL: 0CVE-2016-3520
https://notcve.org/view.php?id=CVE-2016-3520
21 Jul 2016 — Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote administrators to affect confidentiality via vectors related to AOL Diagnostic tests. Vulnerabilidad no especificada en el componente Oracle Application Object Library en Oracle E-Business Suite 12.1.3, 12.2.3, 12.2.4 y 12.2.5 permite a administradores remotos afectar la confidencialidad a través de vectores relacionados con pruebas AOL Diagnostic. • http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2016-3524
https://notcve.org/view.php?id=CVE-2016-3524
21 Jul 2016 — Unspecified vulnerability in the Oracle Applications Technology Stack component in Oracle E-Business Suite 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect confidentiality and integrity via vectors related to Configuration. Vulnerabilidad no especificada en el componente Oracle Applications Technology Stack en Oracle E-Business Suite 12.1.3, 12.2.3, 12.2.4 y 12.2.5 permite a atacantes remotos afectar la confidencialidad y la integridad a través de vectores relacionados con Configuration. • http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html •
CVSS: 5.3EPSS: 0%CPEs: 4EXPL: 0CVE-2016-3549
https://notcve.org/view.php?id=CVE-2016-3549
21 Jul 2016 — Unspecified vulnerability in the Oracle E-Business Suite Secure Enterprise Search component in Oracle E-Business Suite 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect confidentiality via vectors related to Search Integration Engine. Vulnerabilidad no especificada en el componente Oracle E-Business Suite Secure Enterprise Search en Oracle E-Business Suite 12.1.3, 12.2.3, 12.2.4 y 12.2.5 permite a atacantes remotos afectar la confidencialidad a través de vectores relacionados con Search I... • http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html •