cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2023-21915,https://securityvulnerability.io/vulnerability/CVE-2023-21915,Vulnerability in Oracle Banking Payments by Oracle Financial Services Applications,"The vulnerability within Oracle Banking Payments allows low-privileged attackers with network access via HTTP to compromise the system. Exploitation requires human interaction from another individual, enabling unauthorized updates, inserts, or deletions of accessible data. Furthermore, this weakness can lead to unauthorized read access to specific subsets of data, posing significant risks to the integrity and confidentiality of sensitive information.",Oracle,Banking Payments,4.6,MEDIUM,0.00044999999227002263,false,,false,false,false,,,false,false,,2023-04-18T20:15:00.000Z,0
CVE-2022-21475,https://securityvulnerability.io/vulnerability/CVE-2022-21475,Vulnerability in Oracle Banking Payments by Oracle Financial Services Applications,"A security vulnerability in Oracle Banking Payments allows low-privileged attackers with HTTP network access to manipulate critical data. Exploiting this flaw requires human interaction from an individual other than the attacker. This vulnerability permits unauthorized creation, deletion, or modification of sensitive data within Oracle Banking Payments, as well as unauthorized read access to some data. Additionally, it may lead to a partial denial of service, impacting the functionality of the application. Organizations using the affected version should take immediate measures to mitigate the risks associated with this vulnerability.",Oracle,Banking Payments,5.9,MEDIUM,0.00044999999227002263,false,,false,false,false,,,false,false,,2022-04-19T20:38:18.000Z,0
CVE-2020-14896,https://securityvulnerability.io/vulnerability/CVE-2020-14896,Unauthorized Data Access Vulnerability in Oracle Banking Payments by Oracle,"A vulnerability exists in the Oracle Banking Payments product, allowing an attacker with low privileges to exploit it over HTTP. This flaw can lead to unauthorized access to sensitive data, potentially compromising critical information and enabling unauthorized data exposure across all accessible records.",Oracle,Banking Payments,6.5,MEDIUM,0.0009399999980814755,false,,false,false,false,,,false,false,,2020-10-21T14:04:31.000Z,0
CVE-2020-2710,https://securityvulnerability.io/vulnerability/CVE-2020-2710,Unauthorized Access Vulnerability in Oracle Banking Payments by Oracle,"A vulnerability exists in the Oracle Banking Payments component of Oracle Financial Services Applications, which allows an attacker with low privileges and network access to exploit the system via HTTP. Successful exploitation can lead to unauthorized modifications, including updates, inserts, or deletions of accessible data, as well as unauthorized reading of certain sensitive information within Oracle Banking Payments. This issue affects versions 14.1.0 through 14.3.0 and highlights the need for heightened security measures.",Oracle,Banking Payments,5.4,MEDIUM,0.000539999979082495,false,,false,false,false,,,false,false,,2020-01-15T16:34:08.000Z,0
CVE-2020-2711,https://securityvulnerability.io/vulnerability/CVE-2020-2711,Vulnerability in Oracle Banking Payments Product by Oracle,"This vulnerability exists within the Oracle Banking Payments product from Oracle Financial Services Applications, particularly in versions 14.1.0 through 14.3.0. It can be easily exploited by low-privileged attackers with network access via HTTP, enabling them to gain unauthorized access to sensitive data. If successfully exploited, this flaw could allow attackers to compromise critical data or gain comprehensive access to all information stored in Oracle Banking Payments, thereby posing serious risks to data confidentiality.",Oracle,Banking Payments,6.5,MEDIUM,0.0008900000248104334,false,,false,false,false,,,false,false,,2020-01-15T16:34:08.000Z,0
CVE-2020-2712,https://securityvulnerability.io/vulnerability/CVE-2020-2712,Vulnerability in Oracle Banking Payments Product by Oracle,"The vulnerability in Oracle Banking Payments allows an unauthenticated attacker with network access via HTTP to exploit the system. Although human interaction is required from another party for a successful attack, the potential consequences are severe. Attackers could gain unauthorized access to modify or delete sensitive data, as well as read certain accessible data within the application. This vulnerability highlights the importance of thorough security practices and robust access controls to protect against unwanted exploitation.",Oracle,Banking Payments,5.4,MEDIUM,0.0008299999753944576,false,,false,false,false,,,false,false,,2020-01-15T16:34:08.000Z,0
CVE-2020-2713,https://securityvulnerability.io/vulnerability/CVE-2020-2713,Exploitable Vulnerability in Oracle Banking Payments by Oracle,"A vulnerability exists in Oracle Banking Payments, part of Oracle Financial Services Applications, impacting supported versions from 14.1.0 to 14.3.0. This vulnerability allows an attacker with low privileges and network access via HTTP to compromise the system. Successful exploitation can lead to unauthorized access to sensitive data and the ability to perform unauthorized operations, such as updating, inserting, or deleting accessible data within Oracle Banking Payments.",Oracle,Banking Payments,7.1,HIGH,0.0008900000248104334,false,,false,false,false,,,false,false,,2020-01-15T16:34:08.000Z,0
CVE-2020-2714,https://securityvulnerability.io/vulnerability/CVE-2020-2714,Unauthorized Data Access in Oracle Banking Payments by Oracle,"A vulnerability exists in Oracle Banking Payments within Oracle Financial Services Applications that allows an attacker with low-level privileges and network access to exploit the system. This weakness enables unauthorized read access to sensitive data contained within the application. The vulnerability impacts supported versions 14.1.0 through 14.3.0, thus highlighting a significant risk to organizations utilizing Oracle Banking Payments.",Oracle,Banking Payments,4.3,MEDIUM,0.000539999979082495,false,,false,false,false,,,false,false,,2020-01-15T16:34:08.000Z,0
CVE-2019-2782,https://securityvulnerability.io/vulnerability/CVE-2019-2782,Unauthenticated Access Vulnerability in Oracle E-Business Suite Payments Component,"The vulnerability in the Oracle Payments component of Oracle E-Business Suite allows unauthenticated attackers with network access via HTTP to infiltrate Oracle Payments. This exploitation can lead to unauthorized access to sensitive data within Oracle Payments, potentially exposing critical information. The flaw affects several supported versions, underscoring the necessity for organizations to implement security measures addressing this vulnerability.",Oracle,Payments,7.5,HIGH,0.0036100000143051147,false,,false,false,false,,,false,false,,2019-07-23T23:15:00.000Z,0
CVE-2019-2783,https://securityvulnerability.io/vulnerability/CVE-2019-2783,Unauthenticated Access Vulnerability in Oracle E-Business Suite Payment Component,"An unauthenticated access vulnerability exists in the Oracle Payments component of the Oracle E-Business Suite, which impacts a range of versions. This weakness allows an attacker with network access via HTTP to compromise sensitive data without authentication. Although the vulnerability is specific to Oracle Payments, an exploit could lead to unauthorized read access to confidential information stored within. The impact is significant as it may affect not only the payments component but could also extend to other integrated products within the Oracle E-Business Suite. Users are urged to apply security patches to mitigate potential risks.",Oracle,Payments,5.8,MEDIUM,0.0008900000248104334,false,,false,false,false,,,false,false,,2019-07-23T23:15:00.000Z,0
CVE-2019-2773,https://securityvulnerability.io/vulnerability/CVE-2019-2773,Oracle E-Business Suite Payment Component Vulnerability,"A vulnerability exists in the Oracle Payments component of the Oracle E-Business Suite, which allows unauthenticated attackers to exploit the system via HTTP. This weakens the security framework of the affected versions (12.1.1 - 12.1.3 and 12.2.3 - 12.2.8), enabling access to sensitive data within Oracle Payments. Potential exploitation could lead to unauthorized visibility of accessible payment data, severely impacting organizational confidentiality and data integrity.",Oracle,Payments,5.8,MEDIUM,0.0008900000248104334,false,,false,false,false,,,false,false,,2019-07-23T23:15:00.000Z,0
CVE-2019-2775,https://securityvulnerability.io/vulnerability/CVE-2019-2775,File Transmission Vulnerability in Oracle E-Business Suite,"A vulnerability exists in the Oracle Payments component of the Oracle E-Business Suite that allows an unauthenticated attacker with network access via HTTP to exploit it. This issue can lead to unauthorized creation, deletion, or modification of crucial data within Oracle Payments, potentially allowing attackers to disrupt service significantly or access sensitive data. Supported versions affected include 12.1.1 through 12.1.3 and 12.2.3 through 12.2.8.",Oracle,Payments,9.1,CRITICAL,0.0009299999801442027,false,,false,false,false,,,false,false,,2019-07-23T23:15:00.000Z,0
CVE-2018-3311,https://securityvulnerability.io/vulnerability/CVE-2018-3311,,"Vulnerability in the Oracle Retail Xstore Payment component of Oracle Retail Applications (subcomponent: Security). The supported version that is affected is 3.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Retail Xstore Payment. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Retail Xstore Payment accessible data as well as unauthorized update, insert or delete access to some of Oracle Retail Xstore Payment accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Retail Xstore Payment. CVSS 3.0 Base Score 8.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L).",Oracle,Micros Xstore Payment,8.6,HIGH,0.0024900001008063555,false,,false,false,false,,,false,false,,2019-01-16T19:00:00.000Z,0
CVE-2018-2896,https://securityvulnerability.io/vulnerability/CVE-2018-2896,,"Vulnerability in the Oracle Banking Payments component of Oracle Financial Services Applications (subcomponent: Payments Core). Supported versions that are affected are 12.2.0, 12.3.0, 12.4.0, 12.5.0 and 14.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Banking Payments. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Banking Payments, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Banking Payments accessible data as well as unauthorized read access to a subset of Oracle Banking Payments accessible data. CVSS 3.0 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N).",Oracle,Banking Payments,6.1,MEDIUM,0.001290000043809414,false,,false,false,false,,,false,false,,2018-07-18T13:00:00.000Z,0
CVE-2018-3020,https://securityvulnerability.io/vulnerability/CVE-2018-3020,,"Vulnerability in the Oracle Banking Payments component of Oracle Financial Services Applications (subcomponent: Payments Core). Supported versions that are affected are 12.2.0, 12.3.0, 12.4.0, 12.5.0 and 14.1.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Banking Payments. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Banking Payments accessible data as well as unauthorized read access to a subset of Oracle Banking Payments accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Banking Payments. CVSS 3.0 Base Score 6.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L).",Oracle,Banking Payments,6.3,MEDIUM,0.0007699999841861427,false,,false,false,false,,,false,false,,2018-07-18T13:00:00.000Z,0
CVE-2018-3021,https://securityvulnerability.io/vulnerability/CVE-2018-3021,,"Vulnerability in the Oracle Banking Payments component of Oracle Financial Services Applications (subcomponent: Payments Core). Supported versions that are affected are 12.2.0, 12.3.0, 12.4.0, 12.5.0 and 14.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Banking Payments. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Banking Payments accessible data. CVSS 3.0 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).",Oracle,Banking Payments,5.3,MEDIUM,0.0013099999632686377,false,,false,false,false,,,false,false,,2018-07-18T13:00:00.000Z,0
CVE-2018-3023,https://securityvulnerability.io/vulnerability/CVE-2018-3023,,"Vulnerability in the Oracle Banking Payments component of Oracle Financial Services Applications (subcomponent: Payments Core). Supported versions that are affected are 12.2.0, 12.3.0, 12.4.0, 12.5.0 and 14.1.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Banking Payments. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Banking Payments accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Banking Payments. CVSS 3.0 Base Score 5.4 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L).",Oracle,Banking Payments,5.4,MEDIUM,0.0007699999841861427,false,,false,false,false,,,false,false,,2018-07-18T13:00:00.000Z,0
CVE-2018-3024,https://securityvulnerability.io/vulnerability/CVE-2018-3024,,"Vulnerability in the Oracle Banking Payments component of Oracle Financial Services Applications (subcomponent: Payments Core). Supported versions that are affected are 12.2.0, 12.3.0, 12.4.0, 12.5.0 and 14.1.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Banking Payments. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Banking Payments accessible data as well as unauthorized read access to a subset of Oracle Banking Payments accessible data. CVSS 3.0 Base Score 5.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N).",Oracle,Banking Payments,5.4,MEDIUM,0.0008099999977275729,false,,false,false,false,,,false,false,,2018-07-18T13:00:00.000Z,0
CVE-2018-3025,https://securityvulnerability.io/vulnerability/CVE-2018-3025,,"Vulnerability in the Oracle Banking Payments component of Oracle Financial Services Applications (subcomponent: Payments Core). Supported versions that are affected are 12.2.0, 12.3.0, 12.4.0, 12.5.0 and 14.1.0. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Banking Payments. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Banking Payments accessible data. CVSS 3.0 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N).",Oracle,Banking Payments,5.3,MEDIUM,0.0009599999757483602,false,,false,false,false,,,false,false,,2018-07-18T13:00:00.000Z,0
CVE-2018-3027,https://securityvulnerability.io/vulnerability/CVE-2018-3027,,"Vulnerability in the Oracle Banking Payments component of Oracle Financial Services Applications (subcomponent: Payments Core). Supported versions that are affected are 12.2.0, 12.3.0, 12.4.0, 12.5.0 and 14.1.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Banking Payments. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Banking Payments accessible data as well as unauthorized access to critical data or complete access to all Oracle Banking Payments accessible data. CVSS 3.0 Base Score 8.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N).",Oracle,Banking Payments,8.1,HIGH,0.0010900000343099236,false,,false,false,false,,,false,false,,2018-07-18T13:00:00.000Z,0
CVE-2018-3022,https://securityvulnerability.io/vulnerability/CVE-2018-3022,,"Vulnerability in the Oracle Banking Payments component of Oracle Financial Services Applications (subcomponent: Payments Core). Supported versions that are affected are 12.2.0, 12.3.0, 12.4.0, 12.5.0 and 14.1.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Banking Payments. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Banking Payments. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).",Oracle,Banking Payments,6.5,MEDIUM,0.0008200000156648457,false,,false,false,false,,,false,false,,2018-07-18T13:00:00.000Z,0
CVE-2018-3026,https://securityvulnerability.io/vulnerability/CVE-2018-3026,,"Vulnerability in the Oracle Banking Payments component of Oracle Financial Services Applications (subcomponent: Payments Core). Supported versions that are affected are 12.2.0, 12.3.0, 12.4.0, 12.5.0 and 14.1.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Banking Payments. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Banking Payments, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Banking Payments accessible data as well as unauthorized read access to a subset of Oracle Banking Payments accessible data. CVSS 3.0 Base Score 5.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N).",Oracle,Banking Payments,5.4,MEDIUM,0.0008099999977275729,false,,false,false,false,,,false,false,,2018-07-18T13:00:00.000Z,0
CVE-2018-2704,https://securityvulnerability.io/vulnerability/CVE-2018-2704,,"Vulnerability in the Oracle Banking Payments component of Oracle Financial Services Applications (subcomponent: Payments Core). Supported versions that are affected are 12.3.0 and 12.4.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Banking Payments. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Banking Payments accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Banking Payments. CVSS 3.0 Base Score 8.1 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H).",Oracle,Banking Payments,8.1,HIGH,0.0009500000160187483,false,,false,false,false,,,false,false,,2018-01-18T02:00:00.000Z,0
CVE-2018-2708,https://securityvulnerability.io/vulnerability/CVE-2018-2708,,Vulnerability in the Oracle Banking Payments component of Oracle Financial Services Applications (subcomponent: Payments Core). Supported versions that are affected are 12.3.0 and 12.4.0. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Banking Payments. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Banking Payments accessible data. CVSS 3.0 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N).,Oracle,Banking Payments,5.3,MEDIUM,0.0009599999757483602,false,,false,false,false,,,false,false,,2018-01-18T02:00:00.000Z,0
CVE-2018-2705,https://securityvulnerability.io/vulnerability/CVE-2018-2705,,"Vulnerability in the Oracle Banking Payments component of Oracle Financial Services Applications (subcomponent: Payments Core). Supported versions that are affected are 12.3.0 and 12.4.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Banking Payments. Successful attacks of this vulnerability can result in takeover of Oracle Banking Payments. CVSS 3.0 Base Score 8.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).",Oracle,Banking Payments,8.8,HIGH,0.001829999964684248,false,,false,false,false,,,false,false,,2018-01-18T02:00:00.000Z,0