cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-21092,https://securityvulnerability.io/vulnerability/CVE-2024-21092,Vulnerability in Oracle Agile Product Lifecycle Management for Process Component,"A vulnerability has been identified within the Oracle Agile Product Lifecycle Management for Process, specifically in the Product Quality Management component. The supported version affected is 6.2.4.2. This weakness is characterized by its ease of exploitation, allowing an attacker with low privileges and network access through HTTP to gain unauthorized control over sensitive information. If exploited, this flaw could enable the attacker to create, delete, or modify critical data within the system, undermining both the integrity and confidentiality of all accessible data within Oracle Agile Product Lifecycle Management for Process. Organizations utilizing this product are encouraged to review their security measures and apply necessary patches or mitigations as outlined in the Oracle Security Advisory.",Oracle,Agile Product Lifecycle Management For Process,8.1,HIGH,0.0004299999854993075,false,false,false,false,,false,false,2024-04-16T22:15:00.000Z,0
CVE-2024-20956,https://securityvulnerability.io/vulnerability/CVE-2024-20956,Oracle Agile PLM for Process Vulnerable to Unauthorized Access,"The vulnerability in Oracle Agile Product Lifecycle Management for Process exposes supported versions prior to 6.2.4.2 to exploitation by unauthenticated attackers with network access via HTTP. This flaw allows unauthorized updates, inserts, or deletions of accessible data, as well as unauthorized reads of certain data sets. Additionally, the vulnerability may facilitate a partial denial of service, impacting the availability of the product. Organizations utilizing the affected versions should prioritize remediation to safeguard their data integrity and overall system security.",Oracle,Agile Product Lifecycle Management For Process,7.3,HIGH,0.0004299999854993075,false,false,false,false,,false,false,2024-02-17T01:50:17.379Z,0
CVE-2018-3134,https://securityvulnerability.io/vulnerability/CVE-2018-3134,,"Vulnerability in the Oracle Agile Product Lifecycle Management for Process component of Oracle Supply Chain Products Suite (subcomponent: User Group Management). The supported version that is affected is 6.2.0.0. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Agile Product Lifecycle Management for Process executes to compromise Oracle Agile Product Lifecycle Management for Process. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Agile Product Lifecycle Management for Process accessible data as well as unauthorized read access to a subset of Oracle Agile Product Lifecycle Management for Process accessible data. CVSS 3.0 Base Score 5.0 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:H/A:N).",Oracle,Agile Product Lifecycle Management For Process,5,MEDIUM,0.00044999999227002263,false,false,false,false,,false,false,2018-10-17T01:00:00.000Z,0
CVE-2018-3069,https://securityvulnerability.io/vulnerability/CVE-2018-3069,,Vulnerability in the Oracle Agile Product Lifecycle Management for Process component of Oracle Supply Chain Products Suite (subcomponent: Installation). The supported version that is affected is 6.2.0.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle Agile Product Lifecycle Management for Process. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Agile Product Lifecycle Management for Process accessible data. CVSS 3.0 Base Score 2.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N).,Oracle,Agile Product Lifecycle Management For Process,2.7,LOW,0.0004600000102072954,false,false,false,false,,false,false,2018-07-18T13:00:00.000Z,0
CVE-2018-2572,https://securityvulnerability.io/vulnerability/CVE-2018-2572,,"Vulnerability in the Oracle Agile Product Lifecycle Management for Process component of Oracle Supply Chain Products Suite (subcomponent: Installation). Supported versions that are affected are 6.1.1.6, 6.2.0.0 and 6.2.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Agile Product Lifecycle Management for Process. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Agile Product Lifecycle Management for Process, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Agile Product Lifecycle Management for Process accessible data as well as unauthorized read access to a subset of Oracle Agile Product Lifecycle Management for Process accessible data. CVSS 3.0 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N).",Oracle,Agile Product Lifecycle Management For Process,6.1,MEDIUM,0.0006900000153109431,false,false,false,false,,false,false,2018-04-19T02:00:00.000Z,0
CVE-2016-5504,https://securityvulnerability.io/vulnerability/CVE-2016-5504,,"Unspecified vulnerability in the Oracle Agile Product Lifecycle Management for Process component in Oracle Supply Chain Products Suite 6.1.0.4, 6.1.1.6, and 6.2.0.0 allows local users to affect confidentiality via vectors related to Supplier Portal.",Oracle,Agile Product Lifecycle Management For Process,4.1,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2016-10-25T14:00:00.000Z,0