cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-20936,https://securityvulnerability.io/vulnerability/CVE-2024-20936,Unauthenticated Access Vulnerability in Oracle One-to-One Fulfillment by Oracle,"An unauthenticated access vulnerability exists in Oracle One-to-One Fulfillment, part of the Oracle E-Business Suite, which affects versions 12.2.3 through 12.2.13. This vulnerability allows an attacker with network access via HTTP to manipulate accessible data. While successful attacks require human interaction from a third party, they pose significant risks, leading to unauthorized updates, inserts, or deletions, as well as unintended read access to sensitive data. This vulnerability may extend its impact beyond Oracle One-to-One Fulfillment, altering the scope of potential consequences.",Oracle,One-to-One Fulfillment,6.1,MEDIUM,0.0006099999882280827,false,,false,false,false,,,false,false,,2024-01-16T21:41:18.009Z,0
CVE-2021-2155,https://securityvulnerability.io/vulnerability/CVE-2021-2155,Unauthenticated Vulnerability in Oracle E-Business Suite's One-to-One Fulfillment,"A vulnerability exists in the Oracle One-to-One Fulfillment component of Oracle E-Business Suite that may allow an unauthenticated attacker with network access via HTTP to compromise the system. Although successful exploitation requires human interaction from a victim, it could lead to unauthorized operations such as updates, inserts, or deletions of accessible data. This vulnerability primarily impacts the integrity of the data managed by the application.",Oracle,One-to-one Fulfillment,4.3,MEDIUM,0.0009500000160187483,false,,false,false,false,,,false,false,,2021-04-22T21:53:45.000Z,0
CVE-2021-2094,https://securityvulnerability.io/vulnerability/CVE-2021-2094,Cross-Site Scripting Vulnerability in Oracle One-to-One Fulfillment Product,"An exploitable vulnerability exists in the Print Server component of Oracle's One-to-One Fulfillment within the Oracle E-Business Suite. This vulnerability allows an unauthenticated attacker with network access via HTTP to compromise the application. Although successful exploitation requires user interaction, it could lead to unauthorized access to critical data and manipulation of accessible data within the Oracle One-to-One Fulfillment. This can include unauthorized updates, inserts, or deletions, significantly impacting additional products utilized alongside the Oracle suite. Organizations using versions 12.1.1 through 12.1.3 and 12.2.3 through 12.2.10 should take immediate action to mitigate risks associated with this vulnerability.",Oracle,One-to-one Fulfillment,8.2,HIGH,0.0020699999295175076,false,,false,false,false,,,false,false,,2021-01-20T14:50:10.000Z,0
CVE-2021-2100,https://securityvulnerability.io/vulnerability/CVE-2021-2100,Unauthenticated Access Vulnerability in Oracle One-to-One Fulfillment,"The vulnerability in the Oracle One-to-One Fulfillment product of the Oracle E-Business Suite allows an unauthenticated attacker with network access via HTTP to effectively compromise the application. This weakness leads to the potential for unauthorized actions, including the creation, deletion, or modification of sensitive data. Successful exploitation allows attackers to attain complete operational access to all data within Oracle One-to-One Fulfillment, raising significant security concerns regarding data confidentiality and integrity.",Oracle,One-to-one Fulfillment,9.1,CRITICAL,0.002219999907538295,false,,false,false,false,,,false,false,,2021-01-20T14:50:10.000Z,0
CVE-2021-2101,https://securityvulnerability.io/vulnerability/CVE-2021-2101,Vulnerability in Oracle E-Business Suite Print Server Affects One-to-One Fulfillment,"A vulnerability in the Print Server component of Oracle's One-to-One Fulfillment within the E-Business Suite allows unauthenticated attackers with network access via HTTP to compromise the system. Exploiting this vulnerability enables unauthorized creation, deletion, or modification of critical data, leading to potential unauthorized access to all accessible data within Oracle's fulfillment services.",Oracle,One-to-one Fulfillment,9.1,CRITICAL,0.002219999907538295,false,,false,false,false,,,false,false,,2021-01-20T14:50:10.000Z,0
CVE-2020-14863,https://securityvulnerability.io/vulnerability/CVE-2020-14863,Oracle E-Business Suite Print Server Vulnerability,"The vulnerability in Oracle One-to-One Fulfillment within the Oracle E-Business Suite's Print Server component can be exploited by an unauthenticated attacker with network access via HTTP. Although successful exploitation requires user interaction from a third party, the consequences could be severe. Attackers may gain unauthorized access to sensitive data and possess the ability to manipulate or delete data within Oracle One-to-One Fulfillment. This could lead to significant impacts across additional Oracle products, emphasizing the need for immediate attention to patching and securing vulnerable installations.",Oracle,One-to-one Fulfillment,8.2,HIGH,0.0020699999295175076,false,,false,false,false,,,false,false,,2020-10-21T14:04:29.000Z,0
CVE-2020-14819,https://securityvulnerability.io/vulnerability/CVE-2020-14819,Oracle E-Business Suite Print Server Vulnerability Exposes Sensitive Data,"A significant vulnerability exists in the Oracle One-to-One Fulfillment component of the Oracle E-Business Suite, specifically in its Print Server functionality. This vulnerability allows unauthenticated attackers with network access via HTTP to exploit the system. Although exploitation requires human interaction from a victim, successful attacks could lead to unauthorized access to sensitive data and the ability to modify, insert, or delete data within Oracle One-to-One Fulfillment. This situation poses a substantial risk not only to Oracle One-to-One Fulfillment but potentially impacts other interconnected components in the Oracle ecosystem.",Oracle,One-to-one Fulfillment,8.2,HIGH,0.0020699999295175076,false,,false,false,false,,,false,false,,2020-10-21T14:04:27.000Z,0
CVE-2020-2870,https://securityvulnerability.io/vulnerability/CVE-2020-2870,Unauthenticated Access Vulnerability in Oracle E-Business Suite's Print Server,"A vulnerability exists in the Oracle One-to-One Fulfillment component of Oracle E-Business Suite's Print Server, allowing unauthenticated network access via HTTP. This vulnerability can be exploited by attackers to gain unauthorized access to sensitive data and manipulate it without proper authorization. Attacks require human interaction from a user other than the attacker, raising significant concerns about data confidentiality and integrity. The vulnerability affects supported versions including 12.1.1 to 12.1.3 and 12.2.3 to 12.2.9, potentially impacting other linked products.",Oracle,One-to-one Fulfillment,8.2,HIGH,0.0019199999514967203,false,,false,false,false,,,false,false,,2020-04-15T13:29:50.000Z,0
CVE-2020-2862,https://securityvulnerability.io/vulnerability/CVE-2020-2862,Unauthorized Access Vulnerability in Oracle E-Business Suite Print Server,"The vulnerability in the Oracle One-to-One Fulfillment component of Oracle E-Business Suite allows an unauthenticated attacker with network access via HTTP to access sensitive data. Exploiting this flaw necessitates human interaction from an individual other than the attacker, spotlighting the vulnerability's reliance on user engagement. While the direct implications are confined to the One-to-One Fulfillment, successful exploitation could have a cascading effect on other connected systems and data. This raises significant concerns regarding data confidentiality, as unauthorized read access could compromise sensitive information.",Oracle,One-to-one Fulfillment,4.7,MEDIUM,0.0008299999753944576,false,,false,false,false,,,false,false,,2020-04-15T13:29:49.000Z,0
CVE-2020-2825,https://securityvulnerability.io/vulnerability/CVE-2020-2825,Remote Code Execution Flaw in Oracle E-Business Suite's Print Server,"A vulnerability exists in Oracle E-Business Suite’s Print Server, impacting its One-to-One Fulfillment component. This flaw is easily exploitable by an unauthenticated attacker with HTTP network access, allowing the attacker to compromise the affected systems. Although human interaction is needed from someone other than the attacker for successful exploitation, the implications can be severe. Attackers may gain unauthorized access to sensitive data, potentially leading to unauthorized updates, inserts, or deletions of data within Oracle One-to-One Fulfillment. This vulnerability could result in a significant breach of confidentiality and integrity, affecting critical information within the Oracle ecosystem.",Oracle,One-to-one Fulfillment,8.2,HIGH,0.0019199999514967203,false,,false,false,false,,,false,false,,2020-04-15T13:29:48.000Z,0
CVE-2020-2827,https://securityvulnerability.io/vulnerability/CVE-2020-2827,Unauthenticated Vulnerability in Oracle One-to-One Fulfillment Product by Oracle,"The vulnerability in Oracle One-to-One Fulfillment allows attackers to gain unauthorized access to sensitive data through network access via HTTP. An attacker can exploit this flaw without authentication, although the attack requires interaction from another user. This makes it particularly dangerous, as successful exploitation can lead to unauthorized updates, insertions, or deletions of data, impacting not only the Oracle One-to-One Fulfillment product but potentially other integrated components of the Oracle E-Business Suite.",Oracle,One-to-one Fulfillment,8.2,HIGH,0.0019199999514967203,false,,false,false,false,,,false,false,,2020-04-15T13:29:48.000Z,0
CVE-2020-2832,https://securityvulnerability.io/vulnerability/CVE-2020-2832,Unauthorized Access Vulnerability in Oracle E-Business Suite Print Server,"The vulnerability in Oracle E-Business Suite's Print Server component allows an unauthenticated attacker with network access via HTTP to compromise the Oracle One-to-One Fulfillment product. Successful exploitation necessitates human interaction from a person other than the attacker. This flaw could lead to unauthorized access to sensitive data and permit unauthorized updates, insertions, or deletions of the data accessible through the Oracle One-to-One Fulfillment application. The effects of exploitation may extend to other connected products, increasing the risk to organizational data integrity.",Oracle,One-to-one Fulfillment,8.2,HIGH,0.0019199999514967203,false,,false,false,false,,,false,false,,2020-04-15T13:29:48.000Z,0
CVE-2020-2826,https://securityvulnerability.io/vulnerability/CVE-2020-2826,Vulnerability in Oracle E-Business Suite Print Server Component,"A vulnerability exists in the Print Server component of the Oracle One-to-One Fulfillment product within Oracle E-Business Suite. This flaw allows an unauthenticated attacker with network access via HTTP to compromise the system. While the attack requires human interaction, it poses significant risks, as it could lead to unauthorized access and manipulation of sensitive data within the Oracle One-to-One Fulfillment. Successful exploitation could allow an attacker to not only access deep data insights but also perform unauthorized updates, inserts, or deletions to accessible data.",Oracle,One-to-one Fulfillment,8.2,HIGH,0.0019199999514967203,false,,false,false,false,,,false,false,,2020-04-15T13:29:48.000Z,0
CVE-2020-2824,https://securityvulnerability.io/vulnerability/CVE-2020-2824,Unauthenticated Network Vulnerability in Oracle One-to-One Fulfillment,"A vulnerability exists in the Oracle One-to-One Fulfillment component of Oracle E-Business Suite, specifically in the Print Server. This flaw allows unauthenticated attackers with network access via HTTP to exploit the system, requiring human interaction for successful attacks. The exploitation of this vulnerability can lead to unauthorized access to sensitive data, potentially compromising the integrity of data stored within Oracle One-to-One Fulfillment. Attackers could gain extensive access, enabling them to update, insert, or delete critical information. The presence of this flaw could also impact other products within the suite.",Oracle,One-to-one Fulfillment,8.2,HIGH,0.0019199999514967203,false,,false,false,false,,,false,false,,2020-04-15T13:29:48.000Z,0
CVE-2020-2597,https://securityvulnerability.io/vulnerability/CVE-2020-2597,Unauthenticated Access Vulnerability in Oracle E-Business Suite's One-to-One Fulfillment,"A vulnerability exists in the Oracle One-to-One Fulfillment component of the Oracle E-Business Suite that could allow unauthenticated attackers to compromise the system. When exploited, this vulnerability could enable an attacker to interact with the application in ways that result in unauthorized modifications to accessible data. Although successful exploitation requires human interaction from a user other than the attacker, the potential impact on Oracle One-to-One Fulfillment could extend to connected products and services, raising significant security concerns.",Oracle,One-to-one Fulfillment,4.7,MEDIUM,0.0008299999753944576,false,,false,false,false,,,false,false,,2020-01-15T16:34:02.000Z,0
CVE-2019-2666,https://securityvulnerability.io/vulnerability/CVE-2019-2666,Vulnerability in Oracle E-Business Suite’s Print Server Component,"A vulnerability exists within the Print Server component of Oracle E-Business Suite that allows an unauthenticated attacker with network access via HTTP to exploit the system. While the vulnerability specifically targets the Oracle One-to-One Fulfillment functionality, a successful attack requires interaction from a user other than the attacker. This flaw can lead to unauthorized access to sensitive data as well as the potential for unauthorized modifications such as updates or deletions of data within the Oracle One-to-One Fulfillment environment. The vulnerability's implications may extend to additional Oracle products, emphasizing the need for urgent remedial action.",Oracle,One-to-one Fulfillment,8.2,HIGH,0.002369999885559082,false,,false,false,false,,,false,false,,2019-07-23T23:15:00.000Z,0
CVE-2019-2668,https://securityvulnerability.io/vulnerability/CVE-2019-2668,Vulnerability in Oracle E-Business Suite Print Server Component,"A network access vulnerability in the Print Server component of Oracle E-Business Suite enables unauthenticated attackers to exploit the Oracle One-to-One Fulfillment functionality. This exploitation can potentially lead to unauthorized access to sensitive data, compromising the integrity of crucial information. A successful attack requires an interactive step from a third party, posing significant risks to additional products tied to this component. Attackers could gain extensive control over accessible data, including update, insert, and delete commands, leading to significant security breaches for organizations utilizing these affected versions.",Oracle,One-to-one Fulfillment,8.2,HIGH,0.002369999885559082,false,,false,false,false,,,false,false,,2019-07-23T23:15:00.000Z,0
CVE-2019-2672,https://securityvulnerability.io/vulnerability/CVE-2019-2672,Security Flaw in Oracle E-Business Suite Print Server Component,"A vulnerability has been identified in the Print Server component of Oracle E-Business Suite's One-to-One Fulfillment. This flaw allows an unauthenticated attacker with network access via HTTP to compromise the system. Exploiting this vulnerability requires human interaction from another individual, but it poses severe risks to the security of Oracle E-Business Suite's sensitive data. Successful exploitation can lead to unauthorized access, enabling attackers to view, modify, delete, or insert data within the One-to-One Fulfillment component. This poses a significant threat not only to the affected product but to other interconnected components as well.",Oracle,One-to-one Fulfillment,8.2,HIGH,0.002369999885559082,false,,false,false,false,,,false,false,,2019-07-23T23:15:00.000Z,0
CVE-2019-2674,https://securityvulnerability.io/vulnerability/CVE-2019-2674,Exploitable Vulnerability in Oracle E-Business Suite Print Server Component,"A security flaw exists in the Oracle One-to-One Fulfillment component of the Oracle E-Business Suite, specifically affecting the Print Server. This vulnerability is easily exploitable, allowing an attacker with network access to compromise the system without the need for authentication. Importantly, while exploitation necessitates human interaction from a third party, successful attacks can lead to unauthorized updates, inserts, or deletions of accessible data. The impact may extend beyond the fulfillment component, posing risks to additional products within the Oracle suite.",Oracle,One-to-one Fulfillment,4.7,MEDIUM,0.0008299999753944576,false,,false,false,false,,,false,false,,2019-04-23T18:16:43.000Z,0
CVE-2019-2653,https://securityvulnerability.io/vulnerability/CVE-2019-2653,Unauthenticated Access Vulnerability in Oracle E-Business Suite Print Server,"The Oracle E-Business Suite's Print Server component is susceptible to a vulnerability allowing unauthorized users to gain access to sensitive information. The flaw can be exploited by an attacker with network access over HTTP, requiring interaction from victims that may unwittingly facilitate the breach. Although primarily affecting Oracle One-to-One Fulfillment, this vulnerability poses broader risks, potentially compromising various owned data and allowing modifications without authorization, which may lead to severe data integrity issues.",Oracle,One-to-one Fulfillment,8.2,HIGH,0.002369999885559082,false,,false,false,false,,,false,false,,2019-04-23T18:16:42.000Z,0
CVE-2019-2654,https://securityvulnerability.io/vulnerability/CVE-2019-2654,Unauthenticated Access Vulnerability in Oracle E-Business Suite's Print Server,"A vulnerability in the Oracle One-to-One Fulfillment component of Oracle E-Business Suite, specifically within the Print Server subcomponent, allows an unauthenticated attacker with network access via HTTP to compromise the system. This flaw requires user interaction from a third party to exploit effectively. Although the issue resides in Oracle One-to-One Fulfillment, successful attacks can have a broader impact, potentially granting unauthorized access to sensitive data. Attackers can manipulate data within Oracle One-to-One Fulfillment, including unauthorized updates, inserts, or deletions. Exploiting this vulnerability could lead to significant confidentiality and integrity concerns for affected organizations.",Oracle,One-to-one Fulfillment,8.2,HIGH,0.002369999885559082,false,,false,false,false,,,false,false,,2019-04-23T18:16:42.000Z,0
CVE-2019-2603,https://securityvulnerability.io/vulnerability/CVE-2019-2603,Remote Code Execution Vulnerability in Oracle E-Business Suite,"The vulnerability in Oracle's E-Business Suite, specifically within the One-to-One Fulfillment component, allows unauthenticated attackers to potentially compromise the system via HTTP requests. Exploitation requires interaction from a user other than the attacker, which can lead to unauthorized access to sensitive information and the ability to manipulate Oracle One-to-One Fulfillment data. The impact extends beyond this component, potentially affecting other interconnected products.",Oracle,One-to-one Fulfillment,8.2,HIGH,0.002369999885559082,false,,false,false,false,,,false,false,,2019-04-23T18:16:40.000Z,0
CVE-2019-2551,https://securityvulnerability.io/vulnerability/CVE-2019-2551,Security Flaw in Oracle E-Business Suite's Print Server Component,"A vulnerability exists in the Oracle E-Business Suite's Print Server component, enabling an unauthenticated attacker with network access via HTTP to exploit the system. While exploiting this vulnerability necessitates interaction from someone other than the attacker, the implications are serious. Successful exploitation can lead to unauthorized access to critical data and the ability to modify, insert, or delete information within Oracle One-to-One Fulfillment. This vulnerability can affect multiple interlinked components of the Oracle ecosystem, posing significant risks to data integrity and confidentiality.",Oracle,One-to-one Fulfillment,8.2,HIGH,0.002369999885559082,false,,false,false,false,,,false,false,,2019-04-23T18:16:39.000Z,0
CVE-2019-2489,https://securityvulnerability.io/vulnerability/CVE-2019-2489,,"Vulnerability in the Oracle One-to-One Fulfillment component of Oracle E-Business Suite (subcomponent: OCM Query). Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6, 12.2.7 and 12.2.8. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle One-to-One Fulfillment. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle One-to-One Fulfillment accessible data as well as unauthorized access to critical data or complete access to all Oracle One-to-One Fulfillment accessible data. CVSS 3.0 Base Score 9.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N).",Oracle,One-to-one Fulfillment,9.1,CRITICAL,0.0014299999456852674,false,,false,false,false,,,false,false,,2019-01-16T19:00:00.000Z,0
CVE-2018-2953,https://securityvulnerability.io/vulnerability/CVE-2018-2953,,"Vulnerability in the Oracle One-to-One Fulfillment component of Oracle E-Business Suite (subcomponent: Print Server). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle One-to-One Fulfillment. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle One-to-One Fulfillment, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle One-to-One Fulfillment accessible data as well as unauthorized update, insert or delete access to some of Oracle One-to-One Fulfillment accessible data. CVSS 3.0 Base Score 8.2 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N).",Oracle,One-to-one Fulfillment,8.2,HIGH,0.0014700000174343586,false,,false,false,false,,,false,false,,2018-07-18T13:00:00.000Z,0