cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-21279,https://securityvulnerability.io/vulnerability/CVE-2024-21279,Information Disclosure Vulnerability in Oracle Sourcing Product,"A security vulnerability exists in the Oracle Sourcing component of the Oracle E-Business Suite, specifically affecting versions 12.2.3 through 12.2.13. This easily exploitable vulnerability allows attackers with low privileges and network access via HTTP to manipulate the application's functionality. Successful exploitation may lead to unauthorized creation, modification, or deletion of critical data within Oracle Sourcing. Attackers may gain critical access to all data accessible by the application, significantly impacting the confidentiality and integrity of sensitive business information. Organizations using affected versions are advised to review the Oracle security advisory for mitigation strategies.",Oracle,Oracle Sourcing,8.1,HIGH,0.0004799999878741801,false,,false,false,false,,,false,false,,2024-10-15T19:53:01.330Z,0
CVE-2022-21274,https://securityvulnerability.io/vulnerability/CVE-2022-21274,Vulnerability in Oracle Sourcing of Oracle E-Business Suite,"An improper access control vulnerability exists in the Oracle Sourcing component of Oracle E-Business Suite, providing an attacker with the ability to execute unauthorized actions. This flaw, present in supported versions 12.2.3 through 12.2.11, allows low-privileged attackers with network access via HTTP to potentially create, delete, or modify critical data. Exploiting this vulnerability means that attackers could gain unauthorized access to sensitive data linked to Oracle Sourcing, resulting in significant risks to data integrity and confidentiality.",Oracle,Sourcing,8.1,HIGH,0.00044999999227002263,false,,false,false,false,,,false,false,,2022-01-19T11:22:54.000Z,0
CVE-2021-2263,https://securityvulnerability.io/vulnerability/CVE-2021-2263,Exploitable Vulnerability in Oracle Sourcing of Oracle E-Business Suite,"An exploitable vulnerability exists in the Intelligence component of the Oracle Sourcing product within the Oracle E-Business Suite. This flaw is accessible to low privileged attackers via network access through HTTP. If successfully exploited, it allows unauthorized creation, deletion, or modification of critical data in Oracle Sourcing, resulting in potential unauthorized access to sensitive information. Affected versions include 12.1.1 through 12.1.3, and the vulnerability poses significant risks to confidentiality and integrity of data.",Oracle,Sourcing,8.1,HIGH,0.0009399999980814755,false,,false,false,false,,,false,false,,2021-04-22T21:53:57.000Z,0
CVE-2018-2702,https://securityvulnerability.io/vulnerability/CVE-2018-2702,,Vulnerability in the PeopleSoft Enterprise FSCM component of Oracle PeopleSoft Products (subcomponent: Strategic Sourcing). The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise FSCM. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all PeopleSoft Enterprise FSCM accessible data. CVSS 3.0 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N).,Oracle,Peoplesoft Enterprise Scm Strategic Sourcing,6.5,MEDIUM,0.0009599999757483602,false,,false,false,false,,,false,false,,2018-01-18T02:00:00.000Z,0
CVE-2017-10287,https://securityvulnerability.io/vulnerability/CVE-2017-10287,,Vulnerability in the PeopleSoft Enterprise FSCM component of Oracle PeopleSoft Products (subcomponent: Strategic Sourcing). The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise FSCM. Successful attacks of this vulnerability can result in unauthorized read access to a subset of PeopleSoft Enterprise FSCM accessible data. CVSS 3.0 Base Score 4.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N).,Oracle,Peoplesoft Enterprise Scm Strategic Sourcing,4.3,MEDIUM,0.0007600000244565308,false,,false,false,false,,,false,false,,2017-10-19T17:00:00.000Z,0
CVE-2017-10018,https://securityvulnerability.io/vulnerability/CVE-2017-10018,,"Vulnerability in the PeopleSoft Enterprise FSCM component of Oracle PeopleSoft Products (subcomponent: Strategic Sourcing). The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise FSCM. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of PeopleSoft Enterprise FSCM accessible data. CVSS 3.0 Base Score 4.3 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N).",Oracle,Peoplesoft Enterprise Scm Strategic Sourcing,4.3,MEDIUM,0.0008099999977275729,false,,false,false,false,,,false,false,,2017-08-08T15:00:00.000Z,0
CVE-2017-3524,https://securityvulnerability.io/vulnerability/CVE-2017-3524,,"Vulnerability in the PeopleSoft Enterprise SCM Strategic Sourcing component of Oracle PeopleSoft Products (subcomponent: Bidder Registration). The supported version that is affected is 9.2. Easily ""exploitable"" vulnerability allows high privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise SCM Strategic Sourcing. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all PeopleSoft Enterprise SCM Strategic Sourcing accessible data as well as unauthorized access to critical data or complete access to all PeopleSoft Enterprise SCM Strategic Sourcing accessible data. CVSS 3.0 Base Score 6.5 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N).",Oracle,Peoplesoft Enterprise Scm Strategic Sourcing,6.5,MEDIUM,0.0009699999936856329,false,,false,false,false,,,false,false,,2017-04-24T19:00:00.000Z,0