cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2023-21923,https://securityvulnerability.io/vulnerability/CVE-2023-21923,Unauthorized Data Access Vulnerability in Oracle Health Sciences InForm Product,"A vulnerability exists in the Oracle Health Sciences InForm product that allows low privileged attackers with HTTP network access to compromise the system. Affected versions, namely those prior to 6.3.1.3 and 7.0.0.1, could be exploited to create, delete, or modify critical data. This exploitation could further lead to unauthorized access to all accessible data and introduce partial denial of service scenarios. Organizations using this product need to implement appropriate patches to mitigate risks associated with potential data breaches and service disruptions.",Oracle,Health Sciences Inform,8.3,HIGH,0.00044999999227002263,false,,false,false,false,,,false,false,,2023-04-18T20:15:00.000Z,0
CVE-2023-21921,https://securityvulnerability.io/vulnerability/CVE-2023-21921,Vulnerability in Oracle Health Sciences InForm Product by Oracle,"An improper access control vulnerability exists in the Oracle Health Sciences InForm product, enabling an attacker with low privileges and network access through HTTP to exploit the system. This can lead to unauthorized updates, insertion, or deletion of data, as well as unauthorized reading of sensitive information within the application. The vulnerability affects versions prior to 6.3.1.3 and 7.0.0.1, exposing institutions to significant risks regarding the confidentiality and integrity of their data.",Oracle,Health Sciences Inform,5.4,MEDIUM,0.00044999999227002263,false,,false,false,false,,,false,false,,2023-04-18T20:15:00.000Z,0
CVE-2023-21922,https://securityvulnerability.io/vulnerability/CVE-2023-21922,Vulnerability in Oracle Health Sciences InForm by Oracle,"The vulnerability in Oracle Health Sciences InForm allows an unauthenticated attacker with HTTP network access to compromise the application. Although it is challenging to exploit, successful attempts require human interaction from a user other than the attacker. This can result in unauthorized creation, deletion, or modification of critical data, allowing an attacker to gain access to sensitive information. This vulnerability affects supported versions prior to 6.3.1.3 and 7.0.0.1, posing significant risks to the integrity and confidentiality of Oracle Health Sciences InForm data.",Oracle,Health Sciences Inform,6.8,MEDIUM,0.00044999999227002263,false,,false,false,false,,,false,false,,2023-04-18T20:15:00.000Z,0
CVE-2023-21926,https://securityvulnerability.io/vulnerability/CVE-2023-21926,Unauthorized Access Risk in Oracle Health Sciences InForm by Oracle,"The Oracle Health Sciences InForm product is vulnerable due to weak security measures, allowing unauthenticated attackers with logon access to the infrastructure to compromise the application. Attackers may exploit this vulnerability through social engineering, necessitating some form of human interaction for successful attacks. Affected users might face unauthorized access to sensitive data, resulting in significant confidentiality breaches.",Oracle,Health Sciences Inform,5.5,MEDIUM,0.0007099999929778278,false,,false,false,false,,,false,false,,2023-04-18T20:15:00.000Z,0
CVE-2023-21924,https://securityvulnerability.io/vulnerability/CVE-2023-21924,Network Vulnerability in Oracle Health Sciences InForm Product,"A vulnerability has been identified in the Oracle Health Sciences InForm product, allowing high-privileged attackers with network access via HTTP to compromise the system. This security issue affects versions prior to 6.3.1.3 and 7.0.0.1. Exploiting this vulnerability necessitates human interaction from a user other than the attacker. While primarily impacting Oracle Health Sciences InForm, successful exploitation could also affect other products, potentially leading to unauthorized updates, deletions, or access to sensitive data, as well as partial denial of service conditions. It is critical for organizations utilizing this software to apply the necessary patches to safeguard against potential threats.",Oracle,Health Sciences Inform,5.9,MEDIUM,0.00044999999227002263,false,,false,false,false,,,false,false,,2023-04-18T20:15:00.000Z,0
CVE-2023-21925,https://securityvulnerability.io/vulnerability/CVE-2023-21925,Unauthenticated Network Vulnerability in Oracle Health Sciences InForm,"A security vulnerability exists in Oracle Health Sciences InForm that allows an unauthenticated attacker with network access to potentially compromise the system via HTTP. This flaw could lead to unauthorized activities that may result in a partial denial of service. The vulnerability affects versions prior to 6.3.1.3 and 7.0.0.1, highlighting the importance of upgrading to mitigate risks associated with unauthorized access.",Oracle,Health Sciences Inform,5.3,MEDIUM,0.00044999999227002263,false,,false,false,false,,,false,false,,2023-04-18T20:15:00.000Z,0
CVE-2016-0635,https://securityvulnerability.io/vulnerability/CVE-2016-0635,,"Unspecified vulnerability in the Enterprise Manager Ops Center component in Oracle Enterprise Manager Grid Control 12.1.4, 12.2.2, and 12.3.2; the Oracle Health Sciences Information Manager component in Oracle Health Sciences Applications 1.2.8.3, 2.0.2.3, and 3.0.1.0; the Oracle Healthcare Master Person Index component in Oracle Health Sciences Applications 2.0.12, 3.0.0, and 4.0.1; the Oracle Documaker component in Oracle Insurance Applications before 12.5; the Oracle Insurance Calculation Engine component in Oracle Insurance Applications 9.7.1, 10.1.2, and 10.2.2; the Oracle Insurance Policy Administration J2EE and Oracle Insurance Rules Palette components in Oracle Insurance Applications 9.6.1, 9.7.1, 10.0.1, 10.1.2, 10.2.0, and 10.2.2; the Oracle Retail Integration Bus component in Oracle Retail Applications 15.0; the Oracle Retail Order Broker component in Oracle Retail Applications 5.1, 5.2, and 15.0; the Primavera Contract Management component in Oracle Primavera Products Suite 14.2; the Primavera P6 Enterprise Project Portfolio Management component in Oracle Primavera Products Suite 8.2, 8.3, 8.4, 15.1, 15.2, and 16.1; the Oracle Financial Services Analytical Applications Infrastructure component in Oracle Financial Services Applications 8.0.0, 8.0.1, 8.0.2, and 8.0.3; the Oracle Commerce Guided Search / Oracle Commerce Experience Manager component in Oracle Commerce 3.1.1, 3.1.2, 11.0, 11.1, and 11.2; the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.4 and 9.3.5; the Oracle Communications BRM - Elastic Charging Engine 11.2.0.0.0 and 11.3.0.0.0; the Oracle Enterprise Repository Enterprise Repository 12.1.3.0.0; the Oracle Financial Services Behavior Detection Platform 8.0.1 and 8.0.2; the Oracle Hyperion Essbase 12.2.1.1; the Oracle Tuxedo System and Applications Monitor (TSAM) 11.1.1.2.0, 11.1.1.2.1, 11.1.1.2.1, 12.1.1.1.0, 12.1.3.0.0, and 12.2.2.0.0; the Oracle Communications WebRTC Session Controller component of Oracle Communications Applications (subcomponent: Security (Spring)) 7.0, 7.1 and 7.2; the Oracle Endeca Information Discovery Integrator 3.2; the Converged Commerce component of Oracle Retail Applications 16.0.1; the Oracle Identity Manager 11.1.2.3.0; Oracle Enterprise Manager for MySQL Database 12.1.0.4; Oracle Retail Invoice Matching 12.0, 13.0, 13.1, 13.2, 14.0, and 14.1; Oracle Communications Performance Intelligence Center (PIC) Software Prior to 10.2.1 and the Oracle Knowledge component of Oracle Siebel CRM (subcomponent: AnswerFlow (Spring Framework)) version 8.5.1.0 - 8.5.1.7 and 8.6.0 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.",Oracle,"Documaker,Insurance Policy Administration J2ee,Insurance Calculation Engine,Insurance Rules Palette,Enterprise Manager Ops Center,Primavera P6 Enterprise Project Portfolio Management,Retail Order Broker Cloud Service,Primavera Contract Management,Health Sciences Information Manager,Healthcare Master Person Index,Retail Integration Bus",8.8,HIGH,0.0020600000862032175,false,,false,false,false,,,false,false,,2016-07-21T10:00:00.000Z,0