CVSS: 8.2EPSS: 11%CPEs: 2EXPL: 0CVE-2021-2198
https://notcve.org/view.php?id=CVE-2021-2198
22 Apr 2021 — Vulnerability in the Oracle Knowledge Management product of Oracle E-Business Suite (component: Setup, Admin). Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Knowledge Management. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Knowledge Management, attacks may significantly impact additional... • https://www.oracle.com/security-alerts/cpuapr2021.html •
CVSS: 8.2EPSS: 1%CPEs: 1EXPL: 0CVE-2020-2841
https://notcve.org/view.php?id=CVE-2020-2841
15 Apr 2020 — Vulnerability in the Oracle Knowledge Management product of Oracle E-Business Suite (component: Setup, Admin). Supported versions that are affected are 12.1.1-12.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Knowledge Management. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Knowledge Management, attacks may significantly impact additional products. Successf... • https://www.oracle.com/security-alerts/cpuapr2020.html •
CVSS: 8.2EPSS: 1%CPEs: 9EXPL: 0CVE-2019-2660
https://notcve.org/view.php?id=CVE-2019-2660
23 Apr 2019 — Vulnerability in the Oracle Knowledge Management component of Oracle E-Business Suite (subcomponent: Setup, Admin). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6, 12.2.7 and 12.2.8. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Knowledge Management. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Knowledge Managemen... • http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html •
CVSS: 7.5EPSS: 89%CPEs: 77EXPL: 4CVE-2019-0227 – Apache Axis 1.4 - Remote Code Execution
https://notcve.org/view.php?id=CVE-2019-0227
10 Apr 2019 — A Server Side Request Forgery (SSRF) vulnerability affected the Apache Axis 1.4 distribution that was last released in 2006. Security and bug commits commits continue in the projects Axis 1.x Subversion repository, legacy users are encouraged to build from source. The successor to Axis 1.x is Axis2, the latest version is 1.7.9 and is not vulnerable to this issue. Una vulnerabilidad de tipo SSRF (Server Side Request Forgery) afectó a la distribución de Apache Axis 1.4 que fue lanzada por última vez en 2006. ... • https://packetstorm.news/files/id/152462 • CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 6.1EPSS: 2%CPEs: 76EXPL: 1CVE-2018-8032
https://notcve.org/view.php?id=CVE-2018-8032
02 Aug 2018 — Apache Axis 1.x up to and including 1.4 is vulnerable to a cross-site scripting (XSS) attack in the default servlet/services. Apache Axis en versiones 1.x hasta la 1.4 (incluida) es vulnerable a un ataque de Cross-Site Scripting (XSS) en el servlet/services por defecto. • https://github.com/cairuojin/CVE-2018-8032 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.2EPSS: 0%CPEs: 8EXPL: 0CVE-2017-10410
https://notcve.org/view.php?id=CVE-2017-10410
19 Oct 2017 — Vulnerability in the Oracle Knowledge Management component of Oracle E-Business Suite (subcomponent: Search). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Knowledge Management. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Knowledge Management, attacks may... • http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html •
CVSS: 8.2EPSS: 0%CPEs: 8EXPL: 0CVE-2017-10411
https://notcve.org/view.php?id=CVE-2017-10411
19 Oct 2017 — Vulnerability in the Oracle Knowledge Management component of Oracle E-Business Suite (subcomponent: User Interface). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Knowledge Management. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Knowledge Management, att... • http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html •
CVSS: 8.2EPSS: 0%CPEs: 8EXPL: 0CVE-2017-10412
https://notcve.org/view.php?id=CVE-2017-10412
19 Oct 2017 — Vulnerability in the Oracle Knowledge Management component of Oracle E-Business Suite (subcomponent: User Interface). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Knowledge Management. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Knowledge Management, att... • http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html •
CVSS: 8.2EPSS: 0%CPEs: 3EXPL: 0CVE-2017-3362
https://notcve.org/view.php?id=CVE-2017-3362
27 Jan 2017 — Vulnerability in the Oracle Knowledge Management component of Oracle E-Business Suite (subcomponent: User Interface). Supported versions that are affected are 12.1.1, 12.1.2 and 12.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Knowledge Management. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Knowledge Management, attacks may significantly impact additional... • http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html •
CVSS: 8.2EPSS: 0%CPEs: 3EXPL: 0CVE-2017-3363
https://notcve.org/view.php?id=CVE-2017-3363
27 Jan 2017 — Vulnerability in the Oracle Knowledge Management component of Oracle E-Business Suite (subcomponent: User Interface). Supported versions that are affected are 12.1.1, 12.1.2 and 12.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Knowledge Management. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Knowledge Management, attacks may significantly impact additional... • http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html •