CVSS: 5.9EPSS: 65%CPEs: 213EXPL: 10CVE-2021-45105 – Apache Log4j2 does not always protect from infinite recursion in lookup evaluation
https://notcve.org/view.php?id=CVE-2021-45105
18 Dec 2021 — Apache Log4j2 versions 2.0-alpha1 through 2.16.0 (excluding 2.12.3 and 2.3.1) did not protect from uncontrolled recursion from self-referential lookups. This allows an attacker with control over Thread Context Map data to cause a denial of service when a crafted string is interpreted. This issue was fixed in Log4j 2.17.0, 2.12.3, and 2.3.1. Apache Log4j2 versiones 2.0-alpha1 hasta 2.16.0 (excluyendo las versiones 2.12.3 y 2.3.1) no protegían de la recursión no controlada de las búsquedas autorreferenciales.... • https://github.com/thedevappsecguy/Log4J-Mitigation-CVE-2021-44228--CVE-2021-45046--CVE-2021-45105--CVE-2021-44832 • CWE-20: Improper Input Validation CWE-674: Uncontrolled Recursion •
CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 0CVE-2015-2618
https://notcve.org/view.php?id=CVE-2015-2618
16 Jul 2015 — Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.3, 12.2.3, and 12.2.4 allows remote authenticated users to affect integrity via unknown vectors related to Input validation. Vulnerabilidad no especificada en el componente Oracle Application Object Library en Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.3, 12.2.3 y 12.2.4, permite a usuarios remotos autenticados afectar la integridad a través de vectores desconocidos relacionad... • http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2015-2630 – Oracle E-Business Suite Open Redirection
https://notcve.org/view.php?id=CVE-2015-2630
16 Jul 2015 — Unspecified vulnerability in the Technology stack component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1.3 allows remote attackers to affect integrity via unknown vectors related to Applet startup. Vulnerabilidad no especificada en el componente de pila Technology en Oracle E-Business Suite 11.5.10.2, 12.0.6 y 12.1.3, permite a atacantes remotos afectar la integridad a través de vectores desconocidos relacionados con Applet startup. Oracle E-Business Suite is prone to a remote URL-redirection vuln... • http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html •
CVSS: 4.3EPSS: 0%CPEs: 6EXPL: 0CVE-2015-2645
https://notcve.org/view.php?id=CVE-2015-2645
16 Jul 2015 — Unspecified vulnerability in the Oracle Web Applications Desktop Integrator component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.3, 12.2.3, and 12.2.4 allows remote authenticated users to affect integrity via unknown vectors. Vulnerabilidad no especificada en el componente Oracle Web Applications Desktop Integrator en Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.3, 12.2.3 y 12.2.4, permite a usuarios remotos autenticados afectar la integridad a través de vectores desconocidos. • http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html •
CVSS: 7.5EPSS: 0%CPEs: 8EXPL: 0CVE-2015-2652
https://notcve.org/view.php?id=CVE-2015-2652
16 Jul 2015 — Unspecified vulnerability in the Oracle Marketing component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.1, 12.1.2, 12.1.3, 12.2.3, and 12.2.4 allows remote attackers to affect integrity via unknown vectors related to Web Management. Vulnerabilidad no especificada en el componente Oracle Marketing en Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.1, 12.1.2, 12.1.3, 12.2.3 y 12.2.4, permite a atacantes remotos afectar la integridad a través de vectores desconocidos relacionados con Web Management. • http://seclists.org/fulldisclosure/2015/Oct/33 •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2015-4739
https://notcve.org/view.php?id=CVE-2015-4739
16 Jul 2015 — Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10.2 allows remote authenticated users to affect integrity via unknown vectors related to Help screens. Vulnerabilidad no especificada en el componente Oracle Application Object Library en Oracle E-Business Suite 11.5.10.2, permite a usuarios remotos autenticados afectar la integridad a través de vectores desconocidos relacionados con Help screens. • http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2008-3988
https://notcve.org/view.php?id=CVE-2008-3988
14 Oct 2008 — Unspecified vulnerability in the iSupplier Portal component in Oracle E-Business Suite 11.5.10.2 and 12.0.4 allows remote attackers to affect confidentiality via unknown vectors. Vulnerabilidad no especificadas en el componente iSupplier Portal en Oracle E-Business Suite v11.5.10.2 y v12.0.4 permite a atacantes remotos afectar a la confidencialidad a través de vectores desconocidos. • http://secunia.com/advisories/32291 •
CVSS: 4.3EPSS: 0%CPEs: 3EXPL: 0CVE-2008-3993
https://notcve.org/view.php?id=CVE-2008-3993
14 Oct 2008 — Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite 11.5.10.2 and 12.0.4 allows remote authenticated users to affect integrity via unknown vectors. Vulnerabilidad no especificada en el componente Oracle Applications Framework component en Oracle E-Business Suite v11.5.10.2 y v12.0.4 permite a usuarios remotos autenticados afectar a la integridad a través de vectores desconocidos. • http://secunia.com/advisories/32291 •
CVSS: 10.0EPSS: 1%CPEs: 46EXPL: 0CVE-2006-1884
https://notcve.org/view.php?id=CVE-2006-1884
20 Apr 2006 — Unspecified vulnerability in the Oracle Thesaurus Management System component in Oracle E-Business Suite and OPA 4.5.2 Applications has unknown impact and attack vectors, aka Vuln# OPA01. • http://secunia.com/advisories/19712 •
CVSS: 10.0EPSS: 3%CPEs: 12EXPL: 0CVE-2005-3457
https://notcve.org/view.php?id=CVE-2005-3457
02 Nov 2005 — Unspecified vulnerability in Oracle E-Business Suite and Applications 11.0 up to 11.5.10 has unknown impact and attack vectors, as identified by Oracle Vuln# APPS08 in HRMS. • http://secunia.com/advisories/17250 •