cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-21268,https://securityvulnerability.io/vulnerability/CVE-2024-21268,Vulnerability in Oracle Applications Manager Affects Oracle E-Business Suite,"A significant security vulnerability has been identified in the Oracle Applications Manager component of the Oracle E-Business Suite, specifically affecting versions 12.2.11 through 12.2.13. This vulnerability can be easily exploited by low privileged attackers with HTTP network access to compromise the Oracle Applications Manager environment. Successful exploitation can lead to unauthorized actions, including the creation, deletion, or modification of critical data. Attackers may gain complete access to all data managed by the Oracle Applications Manager, posing severe risks to data confidentiality and integrity. Organizations utilizing affected versions should take immediate steps to remediate this vulnerability to protect against potential data breaches and unauthorized access.",Oracle,Oracle Applications Manager,8.1,HIGH,0.0004799999878741801,false,false,false,false,,false,false,2024-10-15T19:52:57.090Z,0
CVE-2021-35582,https://securityvulnerability.io/vulnerability/CVE-2021-35582,,"Vulnerability in the Oracle Applications Manager product of Oracle E-Business Suite (component: View Reports). Supported versions that are affected are 12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Applications Manager. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Applications Manager, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Applications Manager accessible data as well as unauthorized read access to a subset of Oracle Applications Manager accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Applications Manager. CVSS 3.1 Base Score 6.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L).",Oracle,Applications Manager,6.5,MEDIUM,0.0005300000193528831,false,false,false,false,,false,false,2021-10-20T10:50:26.000Z,0
CVE-2021-35581,https://securityvulnerability.io/vulnerability/CVE-2021-35581,,"Vulnerability in the Oracle Applications Manager product of Oracle E-Business Suite (component: View Reports). Supported versions that are affected are 12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Applications Manager. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Applications Manager, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Applications Manager accessible data. CVSS 3.1 Base Score 4.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N).",Oracle,Applications Manager,4.7,MEDIUM,0.0008299999753944576,false,false,false,false,,false,false,2021-10-20T10:50:26.000Z,0
CVE-2021-35580,https://securityvulnerability.io/vulnerability/CVE-2021-35580,,"Vulnerability in the Oracle Applications Manager product of Oracle E-Business Suite (component: View Reports). Supported versions that are affected are 12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Applications Manager. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Applications Manager, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Applications Manager accessible data as well as unauthorized read access to a subset of Oracle Applications Manager accessible data. CVSS 3.1 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N).",Oracle,Applications Manager,6.1,MEDIUM,0.0008299999753944576,false,false,false,false,,false,false,2021-10-20T10:50:25.000Z,0
CVE-2021-35569,https://securityvulnerability.io/vulnerability/CVE-2021-35569,,Vulnerability in the Oracle Applications Manager product of Oracle E-Business Suite (component: Diagnostics). Supported versions that are affected are 12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle Applications Manager. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Applications Manager accessible data. CVSS 3.1 Base Score 4.9 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N).,Oracle,Applications Manager,4.9,MEDIUM,0.0008900000248104334,false,false,false,false,,false,false,2021-10-20T10:50:16.000Z,0
CVE-2021-35566,https://securityvulnerability.io/vulnerability/CVE-2021-35566,,"Vulnerability in the Oracle Applications Manager product of Oracle E-Business Suite (component: Diagnostics). Supported versions that are affected are 12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Applications Manager. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Applications Manager accessible data as well as unauthorized access to critical data or complete access to all Oracle Applications Manager accessible data. CVSS 3.1 Base Score 8.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N).",Oracle,Applications Manager,8.1,HIGH,0.0008900000248104334,false,false,false,false,,false,false,2021-10-20T10:50:13.000Z,0
CVE-2021-2275,https://securityvulnerability.io/vulnerability/CVE-2021-2275,,"Vulnerability in the Oracle Applications Manager product of Oracle E-Business Suite (component: View Reports). Supported versions that are affected are 12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle Applications Manager. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Applications Manager accessible data as well as unauthorized access to critical data or complete access to all Oracle Applications Manager accessible data. CVSS 3.1 Base Score 6.5 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N).",Oracle,Applications Manager,6.5,MEDIUM,0.0009399999980814755,false,false,false,false,,false,false,2021-04-22T21:53:58.000Z,0
CVE-2020-14826,https://securityvulnerability.io/vulnerability/CVE-2020-14826,,Vulnerability in the Oracle Applications Manager product of Oracle E-Business Suite (component: SQL Extensions). Supported versions that are affected are 12.1.3 and 12.2.3 - 12.2.10. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Applications Manager. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Applications Manager accessible data. CVSS 3.1 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).,Oracle,Applications Manager,5.3,MEDIUM,0.0009699999936856329,false,false,false,false,,false,false,2020-10-21T14:04:27.000Z,0
CVE-2020-14811,https://securityvulnerability.io/vulnerability/CVE-2020-14811,,Vulnerability in the Oracle Applications Manager product of Oracle E-Business Suite (component: AMP EBS Integration). Supported versions that are affected are 12.1.3 and 12.2.3 - 12.2.10. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Applications Manager. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Applications Manager accessible data. CVSS 3.1 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).,Oracle,Applications Manager,5.3,MEDIUM,0.0009699999936856329,false,false,false,false,,false,false,2020-10-21T14:04:26.000Z,0
CVE-2020-14761,https://securityvulnerability.io/vulnerability/CVE-2020-14761,,"Vulnerability in the Oracle Applications Manager product of Oracle E-Business Suite (component: Oracle Diagnostics Interfaces). Supported versions that are affected are 12.1.3 and 12.2.3 - 12.2.7. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Applications Manager. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Applications Manager accessible data as well as unauthorized read access to a subset of Oracle Applications Manager accessible data. CVSS 3.1 Base Score 6.5 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N).",Oracle,Applications Manager,6.5,MEDIUM,0.001019999966956675,false,false,false,false,,false,false,2020-10-21T14:04:24.000Z,0
CVE-2020-2946,https://securityvulnerability.io/vulnerability/CVE-2020-2946,,"Vulnerability in the Application Performance Management product of Oracle Enterprise Manager (component: EM Request Monitoring). Supported versions that are affected are 12.1.0.5, 13.2.0.0 and 13.3.0.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Application Performance Management. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Application Performance Management accessible data as well as unauthorized update, insert or delete access to some of Application Performance Management accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Application Performance Management. CVSS 3.0 Base Score 6.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:L).",Oracle,Apm - Application Performance Management,6,MEDIUM,0.0007999999797903001,false,false,false,false,,false,false,2020-04-15T13:29:53.000Z,0
CVE-2020-2614,https://securityvulnerability.io/vulnerability/CVE-2020-2614,,"Vulnerability in the Enterprise Manager for Fusion Middleware product of Oracle Enterprise Manager (component: APM Mesh). Supported versions that are affected are 13.2.0.0 and 13.3.0.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Enterprise Manager for Fusion Middleware. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Enterprise Manager for Fusion Middleware accessible data as well as unauthorized update, insert or delete access to some of Enterprise Manager for Fusion Middleware accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Enterprise Manager for Fusion Middleware. CVSS 3.0 Base Score 6.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:L).",Oracle,Apm - Application Performance Management,6,MEDIUM,0.0007999999797903001,false,false,false,false,,false,false,2020-01-15T16:34:03.000Z,0
CVE-2019-2825,https://securityvulnerability.io/vulnerability/CVE-2019-2825,,"Vulnerability in the Oracle Applications Manager component of Oracle E-Business Suite (subcomponent: Oracle Diagnostics Interfaces). Supported versions that are affected are 12.1.3 and 12.2.3 - 12.2.8. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle Applications Manager. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Applications Manager accessible data as well as unauthorized access to critical data or complete access to all Oracle Applications Manager accessible data. CVSS 3.0 Base Score 6.5 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N).",Oracle,Applications Manager,6.5,MEDIUM,0.0008900000248104334,false,false,false,false,,false,false,2019-07-23T23:15:00.000Z,0
CVE-2019-2546,https://securityvulnerability.io/vulnerability/CVE-2019-2546,,"Vulnerability in the Oracle Applications Manager component of Oracle E-Business Suite (subcomponent: SQL Extensions). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6, 12.2.7 and 12.2.8. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Applications Manager. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Applications Manager accessible data. CVSS 3.0 Base Score 8.1 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H).",Oracle,Applications Manager,4.3,MEDIUM,0.0007999999797903001,false,false,false,false,,false,false,2019-01-16T19:00:00.000Z,0
CVE-2018-3167,https://securityvulnerability.io/vulnerability/CVE-2018-3167,,"Vulnerability in the Application Management Pack for Oracle E-Business Suite component of Oracle E-Business Suite (subcomponent: User Monitoring). Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Application Management Pack for Oracle E-Business Suite. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Application Management Pack for Oracle E-Business Suite accessible data. CVSS 3.0 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).",Oracle,Application Management Pack For Oracle E-business Suite,5.3,MEDIUM,0.005280000157654285,false,false,false,false,,false,false,2018-10-17T01:00:00.000Z,0
CVE-2018-3235,https://securityvulnerability.io/vulnerability/CVE-2018-3235,,"Vulnerability in the Oracle Applications Manager component of Oracle E-Business Suite (subcomponent: None). Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Applications Manager. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Applications Manager, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Applications Manager accessible data as well as unauthorized update, insert or delete access to some of Oracle Applications Manager accessible data. CVSS 3.0 Base Score 8.2 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N).",Oracle,Applications Manager,8.2,HIGH,0.0014700000174343586,false,false,false,false,,false,false,2018-10-17T01:00:00.000Z,0
CVE-2018-3237,https://securityvulnerability.io/vulnerability/CVE-2018-3237,,"Vulnerability in the Oracle Applications Manager component of Oracle E-Business Suite (subcomponent: Support Cart). Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Applications Manager. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Applications Manager accessible data. CVSS 3.0 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).",Oracle,Applications Manager,5.3,MEDIUM,0.0013099999632686377,false,false,false,false,,false,false,2018-10-17T01:00:00.000Z,0
CVE-2018-2996,https://securityvulnerability.io/vulnerability/CVE-2018-2996,,"Vulnerability in the Oracle Applications Manager component of Oracle E-Business Suite (subcomponent: Oracle Diagnostics Interfaces). Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Applications Manager. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Applications Manager accessible data. CVSS 3.0 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).",Oracle,Applications Manager,7.5,HIGH,0.001500000013038516,false,false,false,false,,false,false,2018-07-18T13:00:00.000Z,0
CVE-2017-10144,https://securityvulnerability.io/vulnerability/CVE-2017-10144,,Vulnerability in the Oracle Applications Manager component of Oracle E-Business Suite (subcomponent: Oracle Diagnostics Interfaces). The supported version that is affected is 12.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Applications Manager. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Applications Manager. CVSS 3.0 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).,Oracle,Applications Manager,7.5,HIGH,0.0012199999764561653,false,false,false,false,,false,false,2017-08-08T15:00:00.000Z,0
CVE-2017-10179,https://securityvulnerability.io/vulnerability/CVE-2017-10179,,"Vulnerability in the Application Management Pack for Oracle E-Business Suite component of Oracle E-Business Suite (subcomponent: User Monitoring). Supported versions that are affected are AMP 12.1.0.4.0 and AMP 13.1.1.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Application Management Pack for Oracle E-Business Suite. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Application Management Pack for Oracle E-Business Suite accessible data as well as unauthorized read access to a subset of Application Management Pack for Oracle E-Business Suite accessible data. CVSS 3.0 Base Score 6.5 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N).",Oracle,Application Management Pack For Oracle E-business Suite,6.5,MEDIUM,0.0014700000174343586,false,false,false,false,,false,false,2017-08-08T15:00:00.000Z,0
CVE-2017-3277,https://securityvulnerability.io/vulnerability/CVE-2017-3277,,"Vulnerability in the Oracle Applications Manager component of Oracle E-Business Suite (subcomponent: OAM Client). Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle Applications Manager. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Applications Manager accessible data. CVSS v3.0 Base Score 4.9 (Confidentiality impacts).",Oracle,Applications Manager,4.9,MEDIUM,0.0008200000156648457,false,false,false,false,,false,false,2017-01-27T22:01:00.000Z,0
CVE-2016-3525,https://securityvulnerability.io/vulnerability/CVE-2016-3525,,Unspecified vulnerability in the Oracle Applications Manager component in Oracle E-Business Suite 12.1.3 allows remote attackers to affect confidentiality via vectors related to Cookie Management.,Oracle,Applications Manager,5.9,MEDIUM,0.0022799998987466097,false,false,false,false,,false,false,2016-07-21T10:00:00.000Z,0
CVE-2016-0531,https://securityvulnerability.io/vulnerability/CVE-2016-0531,,Unspecified vulnerability in the Oracle Applications Manager component in Oracle E-Business Suite 12.1.3 allows remote authenticated users to affect integrity via unknown vectors related to Oracle Diagnostics Interfaces.,Oracle,Applications Manager,,,0.000859999970998615,false,false,false,false,,false,false,2016-01-21T02:00:00.000Z,0
CVE-2015-0489,https://securityvulnerability.io/vulnerability/CVE-2015-0489,,Unspecified vulnerability in the Application Management Pack for Oracle E-Business Suite component in Oracle E-Business Suite AMP 121030 and 121020 allows local users to affect confidentiality via vectors related to EBS Plugin.,Oracle,E-business Suite Application Management Pack,,,0.0006000000284984708,false,false,false,false,,false,false,2015-04-16T16:00:00.000Z,0
CVE-2015-2808,https://securityvulnerability.io/vulnerability/CVE-2015-2808,,"The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which makes it easier for remote attackers to conduct plaintext-recovery attacks against the initial bytes of a stream by sniffing network traffic that occasionally relies on keys affected by the Invariance Weakness, and then using a brute-force approach involving LSB values, aka the ""Bar Mitzvah"" issue.",Oracle,"Http Server,Integrated Lights Out Manager Firmware,Communications Application Session Controller,Communications Policy Management",,,0.004379999823868275,false,false,false,false,,false,false,2015-04-01T00:00:00.000Z,0