CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2024-21040
https://notcve.org/view.php?id=CVE-2024-21040
16 Apr 2024 — Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle E-Business Suite (component: LOV). Supported versions that are affected are 12.2.3-12.2.13. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Complex Maintenance, Repair, and Overhaul. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Complex Maintenance, Repair, and Overhaul, attacks... • https://www.oracle.com/security-alerts/cpuapr2024.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2024-21039
https://notcve.org/view.php?id=CVE-2024-21039
16 Apr 2024 — Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle E-Business Suite (component: LOV). Supported versions that are affected are 12.2.3-12.2.13. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Complex Maintenance, Repair, and Overhaul. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Complex Maintenance, Repair, and Overhaul, attacks... • https://www.oracle.com/security-alerts/cpuapr2024.html • CWE-285: Improper Authorization •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2024-21038
https://notcve.org/view.php?id=CVE-2024-21038
16 Apr 2024 — Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle E-Business Suite (component: LOV). Supported versions that are affected are 12.2.3-12.2.13. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Complex Maintenance, Repair, and Overhaul. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Complex Maintenance, Repair, and Overhaul, attacks... • https://www.oracle.com/security-alerts/cpuapr2024.html •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2024-21037
https://notcve.org/view.php?id=CVE-2024-21037
16 Apr 2024 — Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle E-Business Suite (component: LOV). Supported versions that are affected are 12.2.3-12.2.13. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Complex Maintenance, Repair, and Overhaul. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Complex Maintenance, Repair, and Overhaul, attacks... • https://www.oracle.com/security-alerts/cpuapr2024.html •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2024-21036
https://notcve.org/view.php?id=CVE-2024-21036
16 Apr 2024 — Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle E-Business Suite (component: LOV). Supported versions that are affected are 12.2.3-12.2.13. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Complex Maintenance, Repair, and Overhaul. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Complex Maintenance, Repair, and Overhaul, attacks... • https://www.oracle.com/security-alerts/cpuapr2024.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2024-21035
https://notcve.org/view.php?id=CVE-2024-21035
16 Apr 2024 — Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle E-Business Suite (component: LOV). Supported versions that are affected are 12.2.3-12.2.13. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Complex Maintenance, Repair, and Overhaul. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Complex Maintenance, Repair, and Overhaul, attacks... • https://www.oracle.com/security-alerts/cpuapr2024.html • CWE-285: Improper Authorization •
CVSS: 8.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-21034
https://notcve.org/view.php?id=CVE-2024-21034
16 Apr 2024 — Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle E-Business Suite (component: LOV). Supported versions that are affected are 12.2.3-12.2.13. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Complex Maintenance, Repair, and Overhaul. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Complex Maintenance, Repair, and Overhaul, attacks... • https://www.oracle.com/security-alerts/cpuapr2024.html • CWE-269: Improper Privilege Management •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2024-21033
https://notcve.org/view.php?id=CVE-2024-21033
16 Apr 2024 — Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle E-Business Suite (component: LOV). Supported versions that are affected are 12.2.3-12.2.13. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Complex Maintenance, Repair, and Overhaul. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Complex Maintenance, Repair, and Overhaul, attacks... • https://www.oracle.com/security-alerts/cpuapr2024.html •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2024-21032
https://notcve.org/view.php?id=CVE-2024-21032
16 Apr 2024 — Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle E-Business Suite (component: LOV). Supported versions that are affected are 12.2.3-12.2.13. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Complex Maintenance, Repair, and Overhaul. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Complex Maintenance, Repair, and Overhaul, attacks... • https://www.oracle.com/security-alerts/cpuapr2024.html • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 8.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-21031
https://notcve.org/view.php?id=CVE-2024-21031
16 Apr 2024 — Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle E-Business Suite (component: LOV). Supported versions that are affected are 12.2.3-12.2.13. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Complex Maintenance, Repair, and Overhaul. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Complex Maintenance, Repair, and Overhaul, attacks... • https://www.oracle.com/security-alerts/cpuapr2024.html • CWE-285: Improper Authorization •