cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2025-21565,https://securityvulnerability.io/vulnerability/CVE-2025-21565,Unauthenticated Network Access Vulnerability in Oracle Agile PLM Framework by Oracle,"The vulnerability within the Oracle Agile PLM Framework allows unauthenticated attackers with network access through HTTP to exploit the system, potentially compromising sensitive data. Attackers can gain unauthorized access to all accessible information within Oracle Agile PLM Framework, raising significant security concerns for users relying on this product. It is crucial for organizations utilizing the affected version to apply recommended security updates to mitigate the associated risks.",Oracle,Oracle Agile Plm Framework,7.5,HIGH,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-01-21T20:53:22.045Z,0
CVE-2025-21564,https://securityvulnerability.io/vulnerability/CVE-2025-21564,Vulnerability in Oracle Agile PLM Framework Affects Data Security,"A vulnerability in the Oracle Agile PLM Framework's Agile Integration Services component allows attackers with low privileges and network access via HTTP to exploit the system. Successful exploitation can result in unauthorized access to sensitive data and potentially lead to a denial-of-service, causing unacceptable downtime. This flaw poses significant risks to data confidentiality and system availability, highlighting the need for immediate patching and safeguarding measures.",Oracle,Oracle Agile Plm Framework,8.1,HIGH,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-01-21T20:53:21.675Z,0
CVE-2025-21560,https://securityvulnerability.io/vulnerability/CVE-2025-21560,Vulnerability in Oracle Agile PLM Framework of Oracle Supply Chain,"A vulnerability exists within the Oracle Agile PLM Framework that allows low privileged attackers with network access via HTTP to exploit the system. The flaw specifically impacts version 9.3.6, potentially giving unauthorized users access to sensitive data and compromising the integrity of the data managed within the Oracle Agile PLM Framework. This poses a significant risk to users relying on this platform for data security.",Oracle,Oracle Agile Plm Framework,6.5,MEDIUM,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-01-21T20:53:20.101Z,0
CVE-2025-21556,https://securityvulnerability.io/vulnerability/CVE-2025-21556,Vulnerability in Oracle Agile PLM Framework by Oracle affecting Integration Services,"A vulnerability exists in Oracle's Agile PLM Framework affecting version 9.3.6, specifically within Agile Integration Services. This flaw allows a low privileged attacker with network access via HTTP to potentially compromise the system. While primarily associated with the Agile PLM Framework, exploitation could also affect related products, highlighting the vulnerability's broader impact. Successful exploitation can lead to complete takeover of the Agile PLM Framework, undermining confidentiality, integrity, and availability.",Oracle,Oracle Agile Plm Framework,9.9,CRITICAL,0.0004299999854993075,false,,true,false,true,2025-01-22T07:25:35.000Z,false,false,false,,2025-01-21T20:53:18.494Z,0
CVE-2024-21287,https://securityvulnerability.io/vulnerability/CVE-2024-21287,Oracle Agile PLM Framework Vulnerability Affects 9.3.6 Version,"CVE-2024-21287 is a critical vulnerability in the Oracle Agile PLM Framework affecting version 9.3.6. The flaw allows for unauthorized access to sensitive data and file disclosure, with a high CVSS score of 7.5. The vulnerability has been actively exploited in the wild, potentially allowing threat actors to download files from targeted systems. It was discovered by security researchers from CrowdStrike, and Oracle has urged users to apply the latest patches for protection. The impact of exploitation could lead to unauthorized access to critical data, emphasizing the need for swift mitigation measures. While it's unclear who the perpetrators are and their targets, the urgency of addressing this issue is highlighted by the active exploitation and potential for significant impact.",Oracle,Oracle Agile Plm Framework,7.5,HIGH,0.016340000554919243,true,2024-11-21T00:00:00.000Z,true,false,true,2024-11-19T16:51:34.000Z,,false,false,,2024-11-18T22:15:00.000Z,0
CVE-2024-20953,https://securityvulnerability.io/vulnerability/CVE-2024-20953,Oracle Agile PLM Vulnerability: Low-Privilege Attack Can Lead to Takeover,"A vulnerability exists in the Oracle Agile PLM product within the Oracle Supply Chain, specifically affecting the Export component of version 9.3.6. This flaw can be easily exploited by a low privileged attacker who has network access through HTTP. If successfully executed, the attack can lead to the complete takeover of Oracle Agile PLM, compromising the confidentiality, integrity, and availability of the system. Organizations using this affected version are advised to implement security measures immediately to mitigate potential risks.",Oracle,Agile Plm Framework,8.8,HIGH,0.0012499999720603228,false,,false,false,false,,,false,false,,2024-02-17T01:50:16.976Z,0
CVE-2023-22039,https://securityvulnerability.io/vulnerability/CVE-2023-22039,WebClient Vulnerability in Oracle Agile PLM by Oracle,"The vulnerability affects the Oracle Agile PLM WebClient, allowing an attacker with low privileges network access via HTTP to exploit the system. Although the attack requires interaction from a separate user, the repercussions can extend beyond Oracle Agile PLM, potentially impacting other associated products. Successful exploitation may lead to unauthorized modifications, such as updates, inserts, or deletions of data, and unauthorized read access to a portion of the accessible data within Oracle Agile PLM.",Oracle,Agile Plm Framework,5.4,MEDIUM,0.00044999999227002263,false,,false,false,false,,,false,false,,2023-07-18T21:15:00.000Z,0
CVE-2022-21467,https://securityvulnerability.io/vulnerability/CVE-2022-21467,Data Exposure Vulnerability in Oracle Agile PLM by Oracle,"The vulnerability in Oracle Agile PLM allows an attacker with low privileges and network access to exploit weaknesses in the Attachments component. This can lead to unauthorized access to critical information within the system, risking confidentiality and potentially compromising all accessible data. Organizations using Oracle Agile PLM version 9.3.6 should be particularly vigilant and seek immediate remediation to safeguard their information assets.",Oracle,Agile Plm Framework,6.5,MEDIUM,0.00044999999227002263,false,,false,false,false,,,false,false,,2022-04-19T20:38:06.000Z,0
CVE-2020-2920,https://securityvulnerability.io/vulnerability/CVE-2020-2920,Security Flaw in Oracle Agile PLM Allows Network Access Exploitation,"An exploitable security vulnerability exists in Oracle Agile PLM that enables unauthorized access to sensitive data via HTTP. This flaw allows an unauthenticated attacker to compromise Oracle Agile PLM through social engineering, requiring human interaction for successful attack execution. The attacks not only threaten the integrity and confidentiality of the data but may also lead to unauthorized updates, inserts, deletions, and potentially expose accessible data to attackers.",Oracle,Agile Plm Framework,6.1,MEDIUM,0.0008299999753944576,false,,false,false,false,,,false,false,,2020-04-15T13:29:52.000Z,0
CVE-2019-2817,https://securityvulnerability.io/vulnerability/CVE-2019-2817,Vulnerability in Oracle Agile PLM of Oracle Supply Chain Products Suite,"A vulnerability exists in the Oracle Agile PLM component of Oracle Supply Chain Products Suite, specifically within its Folders, Files & Attachments subcomponent. This flaw affects Oracle Agile PLM versions 9.3.3 through 9.3.6 and allows low-privileged remote attackers with network access to potentially exploit the system. Successful exploitation necessitates user interaction from a targeted individual. The consequences of this vulnerability may include unauthorized access to sensitive data, which could result in full exposure of all accessible Oracle Agile PLM data, as well as the potential to induce a partial denial of service condition.",Oracle,Agile Plm Framework,5.4,MEDIUM,0.0007900000200606883,false,,false,false,false,,,false,false,,2019-07-23T23:15:00.000Z,0
CVE-2018-2609,https://securityvulnerability.io/vulnerability/CVE-2018-2609,,"Vulnerability in the Oracle Agile PLM component of Oracle Supply Chain Products Suite (subcomponent: Security). Supported versions that are affected are 9.3.5 and 9.3.6. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Agile PLM. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Agile PLM, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Agile PLM accessible data as well as unauthorized read access to a subset of Oracle Agile PLM accessible data. CVSS 3.0 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N).",Oracle,Agile Plm Framework,6.1,MEDIUM,0.0006900000153109431,false,,false,false,false,,,false,false,,2018-01-18T02:00:00.000Z,0
CVE-2017-10308,https://securityvulnerability.io/vulnerability/CVE-2017-10308,,"Vulnerability in the Oracle Agile PLM component of Oracle Supply Chain Products Suite (subcomponent: Performance). Supported versions that are affected are 9.3.5 and 9.3.6. Easily exploitable vulnerability allows physical access to compromise Oracle Agile PLM. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Agile PLM accessible data as well as unauthorized read access to a subset of Oracle Agile PLM accessible data. CVSS 3.0 Base Score 3.5 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N).",Oracle,Agile Plm Framework,3.5,LOW,0.000539999979082495,false,,false,false,false,,,false,false,,2017-10-19T17:00:00.000Z,0
CVE-2017-10299,https://securityvulnerability.io/vulnerability/CVE-2017-10299,,Vulnerability in the Oracle Agile PLM component of Oracle Supply Chain Products Suite (subcomponent: Security). Supported versions that are affected are 9.3.5 and 9.3.6. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Agile PLM. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Agile PLM accessible data. CVSS 3.0 Base Score 4.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N).,Oracle,Agile Plm Framework,4.3,MEDIUM,0.0004900000058114529,false,,false,false,false,,,false,false,,2017-10-19T17:00:00.000Z,0
CVE-2017-10082,https://securityvulnerability.io/vulnerability/CVE-2017-10082,,"Vulnerability in the Oracle Agile PLM component of Oracle Supply Chain Products Suite (subcomponent: Security). Supported versions that are affected are 9.3.5 and 9.3.6. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Agile PLM. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Agile PLM, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Agile PLM accessible data as well as unauthorized read access to a subset of Oracle Agile PLM accessible data. CVSS 3.0 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N).",Oracle,Agile Plm Framework,6.1,MEDIUM,0.001290000043809414,false,,false,false,false,,,false,false,,2017-08-08T15:00:00.000Z,0
CVE-2017-10080,https://securityvulnerability.io/vulnerability/CVE-2017-10080,,"Vulnerability in the Oracle Agile PLM component of Oracle Supply Chain Products Suite (subcomponent: Security). Supported versions that are affected are 9.3.5 and 9.3.6. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Agile PLM. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Agile PLM, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Agile PLM accessible data as well as unauthorized read access to a subset of Oracle Agile PLM accessible data. CVSS 3.0 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N).",Oracle,Agile Plm Framework,6.1,MEDIUM,0.001290000043809414,false,,false,false,false,,,false,false,,2017-08-08T15:00:00.000Z,0
CVE-2017-10092,https://securityvulnerability.io/vulnerability/CVE-2017-10092,,"Vulnerability in the Oracle Agile PLM component of Oracle Supply Chain Products Suite (subcomponent: Security). Supported versions that are affected are 9.3.5 and 9.3.6. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Agile PLM. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Agile PLM, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Agile PLM accessible data as well as unauthorized read access to a subset of Oracle Agile PLM accessible data. CVSS 3.0 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N).",Oracle,Agile Plm Framework,6.1,MEDIUM,0.001290000043809414,false,,false,false,false,,,false,false,,2017-08-08T15:00:00.000Z,0
CVE-2017-10093,https://securityvulnerability.io/vulnerability/CVE-2017-10093,,Vulnerability in the Oracle Agile PLM component of Oracle Supply Chain Products Suite (subcomponent: Security). Supported versions that are affected are 9.3.5 and 9.3.6. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Agile PLM. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Agile PLM accessible data. CVSS 3.0 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).,Oracle,Agile Plm Framework,5.3,MEDIUM,0.0013800000306218863,false,,false,false,false,,,false,false,,2017-08-08T15:00:00.000Z,0
CVE-2017-10094,https://securityvulnerability.io/vulnerability/CVE-2017-10094,,"Vulnerability in the Oracle Agile PLM component of Oracle Supply Chain Products Suite (subcomponent: Security). Supported versions that are affected are 9.3.5 and 9.3.6. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Agile PLM. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Agile PLM, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Agile PLM accessible data as well as unauthorized read access to a subset of Oracle Agile PLM accessible data. CVSS 3.0 Base Score 5.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N).",Oracle,Agile Plm Framework,5.4,MEDIUM,0.0008200000156648457,false,,false,false,false,,,false,false,,2017-08-08T15:00:00.000Z,0
CVE-2017-10088,https://securityvulnerability.io/vulnerability/CVE-2017-10088,,"Vulnerability in the Oracle Agile PLM component of Oracle Supply Chain Products Suite (subcomponent: Security). Supported versions that are affected are 9.3.5 and 9.3.6. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle Agile PLM executes to compromise Oracle Agile PLM. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Agile PLM accessible data as well as unauthorized read access to a subset of Oracle Agile PLM accessible data. CVSS 3.0 Base Score 3.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N).",Oracle,Agile Plm Framework,3.4,LOW,0.000750000006519258,false,,false,false,false,,,false,false,,2017-08-08T15:00:00.000Z,0
CVE-2017-10052,https://securityvulnerability.io/vulnerability/CVE-2017-10052,,"Vulnerability in the Oracle Agile PLM component of Oracle Supply Chain Products Suite (subcomponent: PCMServlet). Supported versions that are affected are 9.3.5 and 9.3.6. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Agile PLM. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Agile PLM, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Agile PLM accessible data as well as unauthorized read access to a subset of Oracle Agile PLM accessible data. CVSS 3.0 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N).",Oracle,Agile Plm Framework,6.1,MEDIUM,0.001290000043809414,false,,false,false,false,,,false,false,,2017-08-08T15:00:00.000Z,0