cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-21169,https://securityvulnerability.io/vulnerability/CVE-2024-21169,Oracle Marketing Vulnerability Affects Confidentiality and Integrity,"Vulnerability in the Oracle Marketing product of Oracle E-Business Suite (component: Partners).  Supported versions that are affected are 12.2.3-12.2.13. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Marketing.  Successful attacks of this vulnerability can result in  unauthorized update, insert or delete access to some of Oracle Marketing accessible data as well as  unauthorized read access to a subset of Oracle Marketing accessible data. CVSS 3.1 Base Score 6.5 (Confidentiality and Integrity impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N).",Oracle,Marketing,6.5,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-07-16T23:15:00.000Z,0
CVE-2024-21078,https://securityvulnerability.io/vulnerability/CVE-2024-21078,Remote Code Execution Vulnerability in Oracle Marketing within Oracle E-Business Suite,"A vulnerability exists within the Oracle Marketing component of Oracle E-Business Suite that allows an unauthenticated attacker with network access via HTTP to execute unauthorized actions. Affected versions range from 12.2.3 to 12.2.13. Successful exploitation can grant the attacker unauthorized access to sensitive data, posing significant risks to data integrity and confidentiality. The ease of exploitation underscores the importance of addressing this vulnerability to safeguard critical information.",Oracle,Marketing,7.5,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-04-16T22:15:00.000Z,0
CVE-2024-21079,https://securityvulnerability.io/vulnerability/CVE-2024-21079,Unauthorized Access Vulnerability in Oracle Marketing of Oracle E-Business Suite,"A vulnerability in the Oracle Marketing component of Oracle E-Business Suite allows unauthenticated attackers with network access via HTTP to exploit weaknesses in the system. Specifically, this flaw affects supported versions from 12.2.3 to 12.2.13, granting potential attackers unauthorized access to sensitive data. Successful exploitation can lead to unauthorized disclosure of critical information and full access to all data accessible within Oracle Marketing, representing a significant security risk for organizations relying on this application.",Oracle,Marketing,7.5,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-04-16T22:15:00.000Z,0
CVE-2023-21851,https://securityvulnerability.io/vulnerability/CVE-2023-21851,Vulnerability in Oracle Marketing Component of Oracle E-Business Suite,"This vulnerability allows an unauthenticated attacker with network access via HTTP to exploit the Oracle Marketing component within Oracle E-Business Suite. By leveraging this flaw, an attacker may gain unauthorized permissions to create, delete, or modify critical data within Oracle Marketing. The issue impacts versions 12.2.3 through 12.2.12, posing a risk of significant data integrity breaches with potential ramifications for organizational security.",Oracle,Marketing,7.5,HIGH,0.0007699999841861427,false,,false,false,false,,,false,false,,2023-01-18T00:15:00.000Z,0
CVE-2021-2359,https://securityvulnerability.io/vulnerability/CVE-2021-2359,Unauthenticated Access Vulnerability in Oracle E-Business Suite Marketing Component,"This vulnerability within the Oracle Marketing component of Oracle E-Business Suite allows unauthenticated attackers with HTTP network access to compromise the system. Though the attack requires human interaction from a third party, it poses significant risks, enabling unauthorized access to sensitive data and the ability to perform unauthorized updates, insertions, or deletions within the accessible data of Oracle Marketing. The implications of exploiting this vulnerability extend beyond just the Oracle Marketing component, potentially affecting other products as well.",Oracle,Marketing,8.2,HIGH,0.0027000000700354576,false,,false,false,false,,,false,false,,2021-07-20T22:43:36.000Z,0
CVE-2021-2355,https://securityvulnerability.io/vulnerability/CVE-2021-2355,Unauthorized Data Access in Oracle Marketing by Oracle Corporation,"A significant vulnerability exists within the Oracle Marketing component of the Oracle E-Business Suite. This vulnerability enables unauthenticated attackers with network access via HTTP to gain unauthorized access to sensitive data. Exploitation of this flaw could allow attackers to create, delete, or modify critical data and gain complete access to all Oracle Marketing data. Organizations using affected versions of the software should take immediate steps to mitigate this risk.",Oracle,Marketing,9.1,CRITICAL,0.0028899998869746923,false,,false,false,false,,,false,false,,2021-07-20T22:43:33.000Z,0
CVE-2021-2338,https://securityvulnerability.io/vulnerability/CVE-2021-2338,Unauthenticated Access Vulnerability in Oracle Siebel Marketing Application,"An unauthenticated access vulnerability exists in Oracle Siebel CRM's Email Marketing application that allows attackers with network access through HTTP to compromise the application. Although the vulnerability is specific to Siebel Apps - Marketing, successful exploitation may also affect associated products. The attacks necessitate human interaction, leading to potential unauthorized updates, data inserts, deletions, and access to sensitive data within the application. Organizations utilizing affected versions should adopt immediate measures to mitigate potential risks.",Oracle,Siebel Apps - Marketing,6.1,MEDIUM,0.0009500000160187483,false,,false,false,false,,,false,false,,2021-07-20T22:43:17.000Z,0
CVE-2021-2205,https://securityvulnerability.io/vulnerability/CVE-2021-2205,Unauthenticated Access Vulnerability in Oracle E-Business Suite Marketing Product,"A vulnerability exists in the Oracle Marketing product of the Oracle E-Business Suite that permits an unauthenticated attacker to gain access via HTTP. This flaw affects versions 12.2.7 through 12.2.10. Exploiting this vulnerability can lead to unauthorized creation, deletion, or modification of sensitive data, granting attackers potential control over critical data accessible through Oracle Marketing. It poses significant risks to data confidentiality and integrity.",Oracle,Marketing,9.1,CRITICAL,0.0028899998869746923,false,,false,false,false,,,false,false,,2021-04-22T21:53:51.000Z,0
CVE-2021-2118,https://securityvulnerability.io/vulnerability/CVE-2021-2118,Vulnerability in Oracle Marketing Product of Oracle E-Business Suite,"An exploitable vulnerability exists in the Marketing Administration component of Oracle Marketing, part of the Oracle E-Business Suite. This issue allows unauthenticated attackers with network access via HTTP to manipulate Oracle Marketing systems. While successful exploitation demands user interaction from a third party, it poses significant risks, potentially leading to unauthorized access or modifications of critical data. The vulnerability may also affect interconnected products, resulting in breaches that compromise data confidentiality and integrity.",Oracle,Marketing,8.2,HIGH,0.0020699999295175076,false,,false,false,false,,,false,false,,2021-01-20T14:50:12.000Z,0
CVE-2021-2027,https://securityvulnerability.io/vulnerability/CVE-2021-2027,Unauthorized Data Access in Oracle Marketing by Oracle Corporation,"A vulnerability in Oracle Marketing, part of the Oracle E-Business Suite, permits an unauthenticated attacker with network access to exploit the system via HTTP. The attack requires interaction from a user other than the attacker, making it highly insidious. Successful exploitation can lead to unauthorized access to sensitive data and operational disruption, allowing attackers to modify, insert, or delete information within Oracle Marketing. This flaw can impact the integrity and confidentiality of critical business data, extending beyond the Marketing module itself.",Oracle,Marketing,8.2,HIGH,0.0020699999295175076,false,,false,false,false,,,false,false,,2021-01-20T14:50:03.000Z,0
CVE-2021-2026,https://securityvulnerability.io/vulnerability/CVE-2021-2026,Vulnerability in Oracle E-Business Suite Marketing Administration,"A vulnerability exists in the Oracle Marketing component of Oracle E-Business Suite that allows unauthenticated attackers with HTTP access to compromise the application. Successful exploitation requires human interaction from a user other than the attacker. While the vulnerability primarily affects Oracle Marketing, it can have broader implications on additional products within the suite. If exploited, attackers can gain unauthorized access to critical data, enabling them to perform unauthorized operations such as updates, inserts, or deletions of accessible data. This potential for extensive data exposure highlights the urgency for timely remediation.",Oracle,Marketing,8.2,HIGH,0.0020699999295175076,false,,false,false,false,,,false,false,,2021-01-20T14:50:02.000Z,0
CVE-2020-14875,https://securityvulnerability.io/vulnerability/CVE-2020-14875,Unauthorized Data Access in Oracle Marketing Solution by Oracle,"A vulnerability exists in the Oracle Marketing component of the Oracle E-Business Suite that allows unauthenticated attackers with network access via HTTP to gain unauthorized access. This security flaw may lead to unauthorized creation, deletion, or modification of critical data and offers attackers complete access to all data available in the Oracle Marketing system. Organizations using affected versions need to address this vulnerability promptly to prevent potential data breaches.",Oracle,Marketing,9.1,CRITICAL,0.002099999925121665,false,,false,false,false,,,false,false,,2020-10-21T14:04:29.000Z,0
CVE-2020-14849,https://securityvulnerability.io/vulnerability/CVE-2020-14849,Unauthenticated Access Vulnerability in Oracle Marketing Product by Oracle,"A vulnerability exists in the Marketing Administration component of the Oracle Marketing product within Oracle E-Business Suite. This flaw allows unauthenticated attackers with network access to exploit the vulnerability via HTTP. Successful exploitation necessitates human interaction from a victim, which can lead to unauthorized access to sensitive data within Oracle Marketing. The impact extends beyond the Marketing product, potentially compromising additional components within the Oracle E-Business Suite. Attackers could gain extensive access rights, enabling them to update, insert, or delete data, which raises serious concerns regarding data confidentiality and integrity.",Oracle,Marketing,8.2,HIGH,0.0020699999295175076,false,,false,false,false,,,false,false,,2020-10-21T14:04:28.000Z,0
CVE-2020-14835,https://securityvulnerability.io/vulnerability/CVE-2020-14835,Vulnerability in Oracle Marketing Component of Oracle E-Business Suite,"A vulnerability in the Oracle Marketing component of Oracle E-Business Suite allows unauthenticated attackers with network access via HTTP to exploit the system. Successful exploitation requires human interaction from a third party, which enables attackers to access sensitive data within Oracle Marketing. Consequences of an attack can include unauthorized access to critical data and the ability to perform destructive actions like updates, inserts, or deletions of accessible data. This vulnerability not only affects Oracle Marketing but may also have repercussions for additional products within the suite.",Oracle,Marketing,8.2,HIGH,0.0020699999295175076,false,,false,false,false,,,false,false,,2020-10-21T14:04:27.000Z,0
CVE-2020-14831,https://securityvulnerability.io/vulnerability/CVE-2020-14831,Oracle Marketing Vulnerability in E-Business Suite,"A vulnerability exists within the Oracle Marketing component of the Oracle E-Business Suite that allows an unauthenticated attacker with network access via HTTP to exploit the system. The attacker needs human interaction from another user to successfully execute an attack. Once exploited, this vulnerability could lead to unauthorized access to sensitive data within Oracle Marketing and may enable the attacker to perform unauthorized updates, inserts, or deletions of accessible data. The implications of such an attack could extend beyond Oracle Marketing, affecting other interconnected products within the suite.",Oracle,Marketing,8.2,HIGH,0.0020699999295175076,false,,false,false,false,,,false,false,,2020-10-21T14:04:27.000Z,0
CVE-2020-14816,https://securityvulnerability.io/vulnerability/CVE-2020-14816,Unauthorized Access Vulnerability in Oracle E-Business Suite Marketing Administration,"The vulnerability exists within the Oracle Marketing product of Oracle E-Business Suite, specifically in the Marketing Administration component. It can be exploited by unauthenticated attackers who have network access through HTTP, facilitating unauthorized interactions that may lead to significant data breaches. Although the attack necessitates human interaction from a third party, successful exploitation could allow attackers to gain access to sensitive and confidential data or manipulate the data within Oracle Marketing. This could result in unauthorized updates, deletions, or insertions of records, raising serious concerns regarding data integrity and privacy.",Oracle,Marketing,8.2,HIGH,0.0020699999295175076,false,,false,false,false,,,false,false,,2020-10-21T14:04:26.000Z,0
CVE-2020-14817,https://securityvulnerability.io/vulnerability/CVE-2020-14817,Unauthorized Access Vulnerability in Oracle Marketing Product by Oracle,"An unauthenticated attacker with network access via HTTP can exploit a vulnerability in the Oracle Marketing product of the Oracle E-Business Suite. Affected versions include 12.1.1 through 12.1.3 and 12.2.3 through 12.2.10. This flaw requires human interaction to successfully execute an attack. Once exploited, it can lead to unauthorized access to sensitive data and allow attackers to perform unauthorized updates, inserts, or deletions on data accessible through Oracle Marketing, posing significant risks to the integrity and confidentiality of the data.",Oracle,Marketing,8.2,HIGH,0.0020699999295175076,false,,false,false,false,,,false,false,,2020-10-21T14:04:26.000Z,0
CVE-2020-14658,https://securityvulnerability.io/vulnerability/CVE-2020-14658,Vulnerability in Oracle Marketing Product of Oracle E-Business Suite,"An unauthenticated access vulnerability exists in the Oracle Marketing component of the Oracle E-Business Suite. This flaw allows attackers with network access via HTTP to potentially compromise sensitive data. By exploiting this vulnerability, an attacker could create, delete, or modify critical data within Oracle Marketing, resulting in unauthorized access or manipulation of all data that is accessible within this environment.",Oracle,Marketing,9.1,CRITICAL,0.0019399999873712659,false,,false,false,false,,,false,false,,2020-07-15T17:34:32.000Z,0
CVE-2020-14555,https://securityvulnerability.io/vulnerability/CVE-2020-14555,Unauthorized Data Access Vulnerability in Oracle Marketing by Oracle,"An unauthenticated attacker with network access via HTTP can exploit the vulnerability residing in Oracle Marketing within Oracle E-Business Suite. Affected versions range from 12.1.1 to 12.1.3 and 12.2.3 to 12.2.9. The successful exploitation requires human interaction from a secondary user and can lead to unauthorized update, insertion, or deletion of data within Oracle Marketing. Additionally, while the vulnerability itself is localized within Oracle Marketing, the implications of successful attacks may extend to other connected products, potentially compromising further data integrity.",Oracle,Marketing,4.7,MEDIUM,0.0008299999753944576,false,,false,false,false,,,false,false,,2020-07-15T17:34:27.000Z,0
CVE-2020-2888,https://securityvulnerability.io/vulnerability/CVE-2020-2888,Unauthorized Data Access in Oracle E-Business Suite Marketing Component,"A vulnerability exists in the Oracle Marketing component of the Oracle E-Business Suite that allows unauthenticated attackers with HTTP network access to exploit it. When successfully exploited, the vulnerability can enable unauthorized users to gain read access to sensitive data associated with Oracle Marketing. The affected versions of the Oracle E-Business Suite include 12.1.1 through 12.1.3 and 12.2.3 through 12.2.9. This situation poses a significant risk to the confidentiality of data managed within the Oracle Marketing application.",Oracle,Marketing,5.3,MEDIUM,0.0008900000248104334,false,,false,false,false,,,false,false,,2020-04-15T13:29:51.000Z,0
CVE-2020-2876,https://securityvulnerability.io/vulnerability/CVE-2020-2876,Unauthorized Access Vulnerability in Oracle Marketing by Oracle,"The vulnerability identified within Oracle Marketing of the Oracle E-Business Suite allows unauthenticated attackers to exploit the system via HTTP. This can lead to unauthorized access to sensitive data, as attackers can potentially manipulate, delete, or insert data within the Oracle Marketing system. Although human interaction is necessary for successful exploitation, the implications may extend across other interconnected Oracle products, resulting in comprehensive data exposure and integrity issues.",Oracle,Marketing,8.2,HIGH,0.0019199999514967203,false,,false,false,false,,,false,false,,2020-04-15T13:29:50.000Z,0
CVE-2020-2860,https://securityvulnerability.io/vulnerability/CVE-2020-2860,Unauthorized Access Vulnerability in Oracle Marketing of E-Business Suite,"This vulnerability exists in the Oracle Marketing component of the Oracle E-Business Suite, specifically affecting versions 12.1.1 through 12.1.3. It allows an unauthenticated attacker to gain network access via HTTP, which can compromise the integrity and confidentiality of sensitive data. Successful exploitation involves interaction from a victim, which may lead to unauthorized access to critical data and the ability to update, insert, or delete accessible information within Oracle Marketing. The impact is significant as it goes beyond the immediate product, potentially affecting other interconnected systems.",Oracle,Marketing,8.2,HIGH,0.0019199999514967203,false,,false,false,false,,,false,false,,2020-04-15T13:29:49.000Z,0
CVE-2020-2861,https://securityvulnerability.io/vulnerability/CVE-2020-2861,Oracle E-Business Suite Marketing Vulnerability Exposes Critical Data,"A vulnerability in Oracle Marketing within the Oracle E-Business Suite allows an unauthenticated attacker with network access via HTTP to exploit the system. Although exploitation requires human interaction from an individual other than the attacker, successful attempts can lead to unauthorized access to sensitive data. Attackers may gain significant control over Oracle Marketing data, which includes the ability to update, insert, or delete access to critical information. This vulnerability could also have cascading impacts on other interconnected products.",Oracle,Marketing,8.2,HIGH,0.0019199999514967203,false,,false,false,false,,,false,false,,2020-04-15T13:29:49.000Z,0
CVE-2020-2858,https://securityvulnerability.io/vulnerability/CVE-2020-2858,Vulnerability in Oracle E-Business Suite’s Marketing Administration Component,"An exploitable vulnerability exists in the Marketing Administration component of Oracle E-Business Suite, affecting versions 12.1.1 to 12.1.3. An unauthenticated attacker with network access can exploit this vulnerability via HTTP, leading to unauthorized access to critical data. This may allow attackers to view, update, insert, or delete information in Oracle Marketing without proper authorization. Successful exploitation necessitates human interaction from someone other than the perpetrator, thereby amplifying the risk to sensitive data across interconnected Oracle systems.",Oracle,Marketing,8.2,HIGH,0.0019199999514967203,false,,false,false,false,,,false,false,,2020-04-15T13:29:49.000Z,0
CVE-2020-2834,https://securityvulnerability.io/vulnerability/CVE-2020-2834,Unauthenticated Vulnerability in Oracle Marketing of Oracle E-Business Suite,"The vulnerability in Oracle Marketing within the Oracle E-Business Suite allows unauthenticated attackers with network access via HTTP to exploit the system. Successful exploitation can compromise sensitive data, granting unauthorized access to crucial information in Oracle Marketing. While the vulnerability directly affects Oracle Marketing, it could have broader implications that impact other integrated products. Attackers need human interaction to execute the exploit, which poses a significant risk for data integrity and confidentiality.",Oracle,Marketing,8.2,HIGH,0.0019199999514967203,false,,false,false,false,,,false,false,,2020-04-15T13:29:48.000Z,0