cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2019-2483,https://securityvulnerability.io/vulnerability/CVE-2019-2483,Vulnerability in Oracle iStore Affecting Oracle E-Business Suite,"The vulnerability within Oracle iStore, part of the Oracle E-Business Suite, poses a significant risk by allowing unauthenticated attackers with network access via HTTP to compromise the system. The vulnerability can be exploited through user interaction with a malicious link or scripted payload, requiring engagement from a targeted individual. While it primarily affects Oracle iStore, successful exploitation can lead to unauthorized access to critical data files and manipulation of accessible Oracle iStore data. Affected versions include 12.1.1 through 12.2.8, highlighting the urgent need for security updates to mitigate potential risks associated with this vulnerability.",Oracle,Oracle Istore,8.2,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-12-24T19:00:09.862Z,0
CVE-2024-21143,https://securityvulnerability.io/vulnerability/CVE-2024-21143,Unauthenticated Access Flaw in Oracle iStore User Management,"A vulnerability exists in the User Management component of Oracle iStore within the Oracle E-Business Suite. This flaw allows an unauthenticated attacker with network access via HTTP to potentially exploit Oracle iStore. Successful exploitation could lead to unauthorized access to sensitive data, making personal and corporate information at risk. The affected versions include Oracle iStore from 12.2.3 to 12.2.13. Organizations using these versions should review their security measures immediately.",Oracle,Istore,5.3,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-07-16T23:15:00.000Z,0
CVE-2024-20938,https://securityvulnerability.io/vulnerability/CVE-2024-20938,Unauthenticated Access Vulnerability in Oracle iStore of Oracle E-Business Suite,"A vulnerability exists in the Oracle iStore component of Oracle E-Business Suite. This flaw allows unauthenticated attackers with network access via HTTP to exploit the system. While the attack requires human interaction from another individual, it poses a significant risk to Oracle iStore and potentially compromises other integrated components. Successful exploitations can result in unauthorized access to modify or delete accessible data, as well as unauthorized read access to certain data sets. This vulnerability highlights the crucial need for enhanced security measures and proactive monitoring in affected systems.",Oracle,iStore,6.1,MEDIUM,0.0006099999882280827,false,,false,false,false,,,false,false,,2024-01-16T21:41:18.340Z,0
CVE-2022-21354,https://securityvulnerability.io/vulnerability/CVE-2022-21354,Unauthorized Data Access Vulnerability in Oracle iStore Product,"A vulnerability in the Oracle iStore component of Oracle E-Business Suite allows an unauthenticated attacker with network access via HTTP to compromise the application. Successful exploitation requires human interaction from a different individual, potentially leading to unauthorized update, insertion, or deletion of accessible data. Additionally, the vulnerability can provide unauthorized read access to certain subsets of the accessible data. This poses significant risks, not only to Oracle iStore but also potentially impacting other interconnected products within the Oracle ecosystem.",Oracle,Istore,6.1,MEDIUM,0.00044999999227002263,false,,false,false,false,,,false,false,,2022-01-19T11:25:26.000Z,0
CVE-2021-2241,https://securityvulnerability.io/vulnerability/CVE-2021-2241,Vulnerability in Oracle E-Business Suite Shopping Cart,"A vulnerability affecting the Oracle iStore component of Oracle E-Business Suite allows an attacker with limited privileges and network access to exploit the system. The security flaw enables unauthorized users to create, delete, or modify sensitive data in the Oracle iStore. Attackers could gain significant access to critical data that was otherwise protected, posing a threat to the confidentiality and integrity of information handled by the shopping cart functionality of the application.",Oracle,Istore,8.1,HIGH,0.0009399999980814755,false,,false,false,false,,,false,false,,2021-04-22T21:53:54.000Z,0
CVE-2021-2197,https://securityvulnerability.io/vulnerability/CVE-2021-2197,Vulnerability in Oracle iStore Shopping Cart of Oracle E-Business Suite,"The vulnerability in Oracle iStore allows an unauthenticated attacker to exploit the component via HTTP, leading to unauthorized access to sensitive data. Although the exploit requires human interaction from a third party, successful attacks can grant attackers significant access, enabling them to view, modify, or delete critical data within Oracle iStore. This poses risks not only to the iStore itself but also to other interconnected products, emphasizing the need for immediate remediation and security measures.",Oracle,Istore,8.2,HIGH,0.0027000000700354576,false,,false,false,false,,,false,false,,2021-04-22T21:53:50.000Z,0
CVE-2021-2199,https://securityvulnerability.io/vulnerability/CVE-2021-2199,Unauthenticated Data Access Vulnerability in Oracle E-Business Suite iStore,"A vulnerability in the Oracle iStore component of Oracle E-Business Suite allows an unauthenticated attacker with network access to compromise the iStore functionality. Successful exploitation requires human interaction from a third party, which may lead to unauthorized access to critical data. The vulnerability can result in unauthorized updates, inserts, or deletions of data accessible through Oracle iStore, substantially impacting data confidentiality and integrity.",Oracle,Istore,8.2,HIGH,0.0027000000700354576,false,,false,false,false,,,false,false,,2021-04-22T21:53:50.000Z,0
CVE-2021-2188,https://securityvulnerability.io/vulnerability/CVE-2021-2188,Unauthenticated Access Vulnerability in Oracle iStore Component of Oracle E-Business Suite,"An unauthenticated access vulnerability exists in the Oracle iStore component of Oracle E-Business Suite, affecting multiple versions. This flaw allows an attacker to exploit the system via HTTP, requiring human interaction from a third party for successful execution. The results can lead to unauthorized access to sensitive data and significant alterations, including unauthorized updates, inserts, or deletions of Oracle iStore accessible data. This vulnerability poses a considerable risk as it can compromise confidentiality and integrity of critical information stored within the platform.",Oracle,Istore,8.2,HIGH,0.0027000000700354576,false,,false,false,false,,,false,false,,2021-04-22T21:53:49.000Z,0
CVE-2021-2187,https://securityvulnerability.io/vulnerability/CVE-2021-2187,Unauthorized Access Vulnerability in Oracle E-Business Suite's Shopping Cart,"A vulnerability exists in Oracle iStore within the Oracle E-Business Suite, specifically in the Shopping Cart component. It allows an unauthenticated attacker with network access via HTTP to cause significant security issues. Successful exploitation of this vulnerability requires human interaction from a user other than the attacker. While the vulnerability is specific to Oracle iStore, the implications can extend to other connected products, potentially leading to unauthorized access to sensitive data and capabilities such as altering, inserting, or deleting data within iStore. Organizations using affected versions of Oracle iStore must act promptly to mitigate risks associated with this vulnerability.",Oracle,Istore,8.2,HIGH,0.0027000000700354576,false,,false,false,false,,,false,false,,2021-04-22T21:53:49.000Z,0
CVE-2021-2185,https://securityvulnerability.io/vulnerability/CVE-2021-2185,Security Vulnerability in Oracle iStore Shopping Cart by Oracle,"A vulnerability exists in the Oracle iStore component of the Oracle E-Business Suite's Shopping Cart functionality. This weakness could allow an unauthenticated attacker with network access to compromise Oracle iStore. The successful exploitation of this vulnerability requires human interaction from a third party, which increases the complexity of an attack. Once exploited, an attacker could gain unauthorized access to sensitive data, with capabilities to read, update, insert, or delete data accessible through Oracle iStore. The implications of this vulnerability extend beyond iStore, potentially affecting other connected systems. Organizations using affected versions are encouraged to implement security measures to mitigate risks.",Oracle,Istore,8.2,HIGH,0.0027000000700354576,false,,false,false,false,,,false,false,,2021-04-22T21:53:48.000Z,0
CVE-2021-2184,https://securityvulnerability.io/vulnerability/CVE-2021-2184,Security weakness in Oracle iStore Shopping Cart by Oracle,"A vulnerability exists in Oracle iStore that can be exploited by an unauthenticated attacker with network access via HTTP. The flaw is in the Shopping Cart component, affecting several versions of Oracle iStore. Successful exploitation could grant the attacker unauthorized access to critical data stored in Oracle iStore. This includes the ability to update, insert, or delete data, posing significant risks to businesses relying on this application. Human interaction is required for successful attacks, further complicating threat mitigation.",Oracle,Istore,8.2,HIGH,0.0027000000700354576,false,,false,false,false,,,false,false,,2021-04-22T21:53:48.000Z,0
CVE-2021-2186,https://securityvulnerability.io/vulnerability/CVE-2021-2186,Unauthorized Data Access Vulnerability in Oracle iStore Shopping Cart,"The vulnerability in Oracle iStore within the Oracle E-Business Suite compromises the security of the Shopping Cart component. An unauthenticated attacker can exploit this vulnerability via HTTP, which may allow unauthorized access to sensitive data stored within Oracle iStore. While these attacks necessitate human interaction, they can lead to serious consequences, including unauthorized updates, inserts, or deletions of accessible data. As a result, even though the vulnerability is contained within Oracle iStore, it has the potential to affect additional integrated products within the suite.",Oracle,Istore,8.2,HIGH,0.0027000000700354576,false,,false,false,false,,,false,false,,2021-04-22T21:53:48.000Z,0
CVE-2021-2183,https://securityvulnerability.io/vulnerability/CVE-2021-2183,Vulnerability in Oracle E-Business Suite's Shopping Cart Component,"Oracle iStore within the Oracle E-Business Suite experiences a flaw that enables unauthenticated attackers to exploit this vulnerability over HTTP. While this weakness primarily resides within the shopping cart functionality, successful exploitation could lead to unauthorized access to sensitive data and operations. Attackers require human interaction from a third party to fully exploit the vulnerability, which can allow access to crucial data, as well as the ability to modify or delete information within the Oracle iStore system.",Oracle,Istore,8.2,HIGH,0.0027000000700354576,false,,false,false,false,,,false,false,,2021-04-22T21:53:48.000Z,0
CVE-2021-2182,https://securityvulnerability.io/vulnerability/CVE-2021-2182,Security Vulnerability in Oracle iStore Shopping Cart Product by Oracle,"The vulnerability in Oracle iStore within Oracle E-Business Suite allows unauthenticated access via HTTP. Attackers can exploit this weakness to gain unauthorized control over critical data by requiring human interaction from an unwitting user. This can lead to significant security risks, including the potential for unauthorized updates, deletions, or insertions of sensitive data. The impact of this vulnerability extends beyond iStore, affecting other integrated components significantly.",Oracle,Istore,8.2,HIGH,0.0027000000700354576,false,,false,false,false,,,false,false,,2021-04-22T21:53:48.000Z,0
CVE-2021-2150,https://securityvulnerability.io/vulnerability/CVE-2021-2150,Vulnerability in Oracle iStore Shopping Cart Component of Oracle E-Business Suite,"Oracle iStore within the Oracle E-Business Suite is exposed to an unauthenticated access vulnerability that permits attackers with network access via HTTP to exploit weaknesses in the Shopping Cart component. Successful exploitation necessitates human interaction from an individual unrelated to the attacker, leading to potential unauthorized access to sensitive data. This vulnerability can grant attackers the ability to view, update, insert, or delete data accessible through the Oracle iStore, which may extend its impact to other integrated components within the E-Business Suite. The security flaw notably affects supported versions 12.1.1 through 12.1.3 and 12.2.3 through 12.2.10, exposing organizations to substantial risks if unaddressed.",Oracle,Istore,8.2,HIGH,0.0027000000700354576,false,,false,false,false,,,false,false,,2021-04-22T21:53:45.000Z,0
CVE-2021-2096,https://securityvulnerability.io/vulnerability/CVE-2021-2096,Unauthenticated Access Vulnerability in Oracle iStore Shopping Cart,"An unauthenticated access vulnerability exists in the Oracle iStore component of the Oracle E-Business Suite, specifically affecting the Shopping Cart feature. This flaw can be exploited by attackers with network access via HTTP to compromise Oracle iStore, particularly requiring human interaction for successful attacks. The vulnerable versions include Oracle iStore 12.1.1 through 12.1.3 and 12.2.3 through 12.2.10. Exploitation may lead to unauthorized access to sensitive data, allowing attackers to potentially read, write, update, or delete crucial data within Oracle iStore, affecting not only the iStore component but also other associated products.",Oracle,Istore,8.2,HIGH,0.0020699999295175076,false,,false,false,false,,,false,false,,2021-01-20T14:50:10.000Z,0
CVE-2021-2089,https://securityvulnerability.io/vulnerability/CVE-2021-2089,Unauthenticated Access Vulnerability in Oracle iStore by Oracle Corporation,"The vulnerability in Oracle iStore within the Oracle E-Business Suite allows an unauthenticated attacker to gain unauthorized access via HTTP. This attack necessitates human interaction from a third party, which raises the risks associated with the exploitation. The compromised Oracle iStore environment can lead to unauthorized access to sensitive data and the ability to perform critical operations such as updates, inserts, or deletions of accessible data. The impact may extend beyond iStore, affecting associated applications and data integrity.",Oracle,Istore,8.2,HIGH,0.0020699999295175076,false,,false,false,false,,,false,false,,2021-01-20T14:50:09.000Z,0
CVE-2021-2077,https://securityvulnerability.io/vulnerability/CVE-2021-2077,Vulnerability in Oracle iStore Shopping Cart in Oracle E-Business Suite,"The vulnerability in Oracle iStore within the Oracle E-Business Suite allows unauthenticated attackers with network access to exploit the shopping cart component. Although the vulnerability primarily affects Oracle iStore, successful exploitation could allow unauthorized access to critical data and the ability to update, insert, or delete accessible data. The attack requires human interaction which can result in significant repercussions for the integrity and confidentiality of sensitive information.",Oracle,Istore,8.2,HIGH,0.0020699999295175076,false,,false,false,false,,,false,false,,2021-01-20T14:50:08.000Z,0
CVE-2021-2082,https://securityvulnerability.io/vulnerability/CVE-2021-2082,Unauthorized Data Access in Oracle E-Business Suite iStore Component,"A security vulnerability in the Oracle iStore component of Oracle E-Business Suite allows unauthenticated attackers with network access to exploit the shopping cart functionality. This exploit can lead to unauthorized access to critical data, and the ability to update, insert, or delete certain data within the iStore. Although successful attacks require human interaction from a third party, the impact can extend beyond iStore, affecting additional products in the E-Business Suite ecosystem.",Oracle,Istore,8.2,HIGH,0.0020699999295175076,false,,false,false,false,,,false,false,,2021-01-20T14:50:08.000Z,0
CVE-2021-2059,https://securityvulnerability.io/vulnerability/CVE-2021-2059,Unauthorized Data Access in Oracle iStore Web Interface by Oracle,"A vulnerability exists in the Oracle iStore web interface of the Oracle E-Business Suite that allows an unauthenticated attacker to exploit network access via HTTP. This could lead to unauthorized read access to certain data within Oracle iStore, posing a significant security risk. Affected versions include 12.1.1 through 12.1.3 and 12.2.3 through 12.2.10. It is vital for organizations using Oracle iStore to implement security measures to mitigate this risk and protect sensitive data.",Oracle,Istore,5.3,MEDIUM,0.0009699999936856329,false,,false,false,false,,,false,false,,2021-01-20T14:50:06.000Z,0
CVE-2020-14596,https://securityvulnerability.io/vulnerability/CVE-2020-14596,Unauthenticated Access Vulnerability in Oracle iStore Product by Oracle,"The vulnerability in Oracle iStore allows an unauthenticated attacker with network access via HTTP to exploit the system. This exploitation requires human interaction from an individual other than the attacker. While localized within the Oracle iStore component of the Oracle E-Business Suite, the repercussions of successful attacks can extend beyond this application, leading to unauthorized access to crucial data and the potential for unauthorized updates, inserts, or deletions of sensitive information. The security of critical data could be severely compromised, making effective remediation essential.",Oracle,Istore,8.2,HIGH,0.002369999885559082,false,,false,false,false,,,false,false,,2020-07-15T17:34:29.000Z,0
CVE-2020-14582,https://securityvulnerability.io/vulnerability/CVE-2020-14582,User Registration Vulnerability in Oracle E-Business Suite iStore,"An unauthenticated vulnerability exists in the user registration feature of Oracle iStore within the Oracle E-Business Suite. This flaw allows external attackers with network access to exploit the vulnerability if human interaction is involved. Although primarily affecting Oracle iStore, the potential repercussions extend to other components within the suite. Successful exploitation could lead to unauthorized access to sensitive data and the ability to perform unauthorized actions, including updates, inserts, or deletions of data managed by iStore. Users of affected versions are recommended to apply patches and take mitigation measures to safeguard their data.",Oracle,Istore,8.2,HIGH,0.002369999885559082,false,,false,false,false,,,false,false,,2020-07-15T17:34:28.000Z,0
CVE-2020-2810,https://securityvulnerability.io/vulnerability/CVE-2020-2810,Vulnerability in Oracle E-Business Suite's iStore Shopping Cart,"The vulnerability within the Oracle iStore, part of the Oracle E-Business Suite, allows an unauthenticated attacker with network access via HTTP to exploit the system. An attacker can leverage this vulnerability to gain unauthorized access to sensitive data, enabling potential unauthorized updates, inserts, or deletions. Although the exploitation of this vulnerability requires interaction from a user other than the attacker, the consequences can extend beyond the iStore, affecting various components of Oracle E-Business Suite.",Oracle,Istore,4.7,MEDIUM,0.0008299999753944576,false,,false,false,false,,,false,false,,2020-04-15T13:29:47.000Z,0
CVE-2020-2582,https://securityvulnerability.io/vulnerability/CVE-2020-2582,Vulnerability in Oracle E-Business Suite's Shopping Cart Component,"An unauthenticated attacker with network access via HTTPS can exploit a vulnerability in Oracle iStore, part of Oracle E-Business Suite. This vulnerability allows for unauthorized access to sensitive data stored within the iStore, including the ability to update, insert, or delete accessible data. Successful exploitation requires human interaction from an individual other than the attacker, further complicating the risk scenario. As the vulnerability resides in the shopping cart component, it may have downstream impacts on other products within the E-Business Suite, potentially leading to significant data loss or compromise.",Oracle,Istore,8.2,HIGH,0.002369999885559082,false,,false,false,false,,,false,false,,2020-01-15T16:34:01.000Z,0
CVE-2019-2990,https://securityvulnerability.io/vulnerability/CVE-2019-2990,Vulnerability in Oracle iStore from Oracle E-Business Suite,"A vulnerability exists in Oracle iStore, a component of the Oracle E-Business Suite, allowing unauthenticated attackers with HTTP network access to exploit the system. Attackers can manipulate the vulnerability by requiring human interaction from another person, leading to unauthorized access to sensitive data, including the ability to insert, update, or delete records. The supported versions impacted range from 12.1.1 to 12.1.3 and 12.2.3 to 12.2.9, and while the vulnerability specifically affects Oracle iStore, it could also potentially impact other related applications.",Oracle,Istore,8.2,HIGH,0.002369999885559082,false,,false,false,false,,,false,false,,2019-10-16T17:40:58.000Z,0