CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2024-21072
https://notcve.org/view.php?id=CVE-2024-21072
16 Apr 2024 — Vulnerability in the Oracle Installed Base product of Oracle E-Business Suite (component: Data Provider UI). Supported versions that are affected are 12.2.3-12.2.13. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Installed Base. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Installed Base, attacks may significantly impact additional products (scope change). Succes... • https://www.oracle.com/security-alerts/cpuapr2024.html •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-20958
https://notcve.org/view.php?id=CVE-2024-20958
17 Feb 2024 — Vulnerability in the Oracle Installed Base product of Oracle E-Business Suite (component: Engineering Change Order). Supported versions that are affected are 12.2.3-12.2.13. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Installed Base. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Installed Base, attacks may significantly impact additional products (scope change).... • https://www.oracle.com/security-alerts/cpujan2024.html •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2024-20941
https://notcve.org/view.php?id=CVE-2024-20941
17 Feb 2024 — Vulnerability in the Oracle Installed Base product of Oracle E-Business Suite (component: HTML UI). Supported versions that are affected are 12.2.3-12.2.13. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Installed Base. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Installed Base, attacks may significantly impact additional products (scope change). Successful atta... • https://www.oracle.com/security-alerts/cpujan2024.html • CWE-125: Out-of-bounds Read •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2024-20935
https://notcve.org/view.php?id=CVE-2024-20935
17 Feb 2024 — Vulnerability in the Oracle Installed Base product of Oracle E-Business Suite (component: Engineering Change Order). Supported versions that are affected are 12.2.3-12.2.13. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Installed Base. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Installed Base, attacks may significantly impact additional products (scope change)... • https://www.oracle.com/security-alerts/cpujan2024.html •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2024-20933
https://notcve.org/view.php?id=CVE-2024-20933
17 Feb 2024 — Vulnerability in the Oracle Installed Base product of Oracle E-Business Suite (component: Engineering Change Order). Supported versions that are affected are 12.2.3-12.2.13. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Installed Base. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Installed Base, attacks may significantly impact additional products (scope change)... • https://www.oracle.com/security-alerts/cpujan2024.html • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-20934
https://notcve.org/view.php?id=CVE-2024-20934
16 Jan 2024 — Vulnerability in the Oracle Installed Base product of Oracle E-Business Suite (component: Engineering Change Order). Supported versions that are affected are 12.2.3-12.2.13. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Installed Base. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Installed Base, attacks may significantly impact additional products (scope change)... • https://www.oracle.com/security-alerts/cpujan2024.html • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 7.8EPSS: 1%CPEs: 1EXPL: 0CVE-2022-21251
https://notcve.org/view.php?id=CVE-2022-21251
19 Jan 2022 — Vulnerability in the Oracle Installed Base product of Oracle E-Business Suite (component: Instance Main). Supported versions that are affected are 12.2.3-12.2.11. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Installed Base. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Installed Base. CVSS 3.1 Base Score 7.5 (Availability impacts). • https://www.oracle.com/security-alerts/cpujan2022.html •
CVSS: 4.7EPSS: 0%CPEs: 2EXPL: 0CVE-2021-2023
https://notcve.org/view.php?id=CVE-2021-2023
20 Jan 2021 — Vulnerability in the Oracle Installed Base product of Oracle E-Business Suite (component: APIs). Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Installed Base. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Installed Base, attacks may significantly impact additional products. Successful attac... • https://www.oracle.com/security-alerts/cpujan2021.html •
CVSS: 4.7EPSS: 0%CPEs: 2EXPL: 0CVE-2020-14822
https://notcve.org/view.php?id=CVE-2020-14822
21 Oct 2020 — Vulnerability in the Oracle Installed Base product of Oracle E-Business Suite (component: APIs). Supported versions that are affected are 12.1.1 - 12.1.3 and 12.2.3 - 12.2.10. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Installed Base. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Installed Base, attacks may significantly impact additional products. Successful ... • https://www.oracle.com/security-alerts/cpuoct2020.html •
CVSS: 4.7EPSS: 1%CPEs: 1EXPL: 0CVE-2019-3024
https://notcve.org/view.php?id=CVE-2019-3024
16 Oct 2019 — Vulnerability in the Oracle Installed Base product of Oracle E-Business Suite (component: Engineering Change Order). Supported versions that are affected are 12.2.3-12.2.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Installed Base. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Installed Base, attacks may significantly impact additional products. Successful att... • http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html •