cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-21076,https://securityvulnerability.io/vulnerability/CVE-2024-21076,Unauthorized Access Vulnerability in Oracle Trade Management by Oracle,"A vulnerability exists in the Oracle Trade Management product of Oracle E-Business Suite, specifically within the Offer LOV component. Supported versions facing this issue include 12.2.3 through 12.2.13. The vulnerability is easily exploitable by an unauthenticated attacker with network access via HTTP, which poses a significant risk. Successful exploitation could lead to unauthorized access, allowing attackers to compromise sensitive data and gain complete access to the data present in Oracle Trade Management. This situation highlights the critical need for users to evaluate their security posture and consider applying the latest patches to mitigate these risks effectively.",Oracle,Trade Management,7.5,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-04-16T22:15:00.000Z,0
CVE-2024-21074,https://securityvulnerability.io/vulnerability/CVE-2024-21074,Unauthenticated Network Access Vulnerability in Oracle Trade Management,"A vulnerability has been identified in the Oracle Trade Management component of Oracle E-Business Suite, specifically affecting versions 12.2.3 through 12.2.13. This vulnerability can be exploited by an unauthenticated attacker with network access via HTTP, potentially leading to unauthorized access to sensitive and critical data within Oracle Trade Management. Successful exploitation might grant attackers complete control over accessible data, posing significant security risks for organizations relying on this software.",Oracle,Trade Management,7.5,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-04-16T22:15:00.000Z,0
CVE-2024-21073,https://securityvulnerability.io/vulnerability/CVE-2024-21073,Unauthenticated Network Access Vulnerability in Oracle Trade Management by Oracle,"A vulnerability exists in the Oracle Trade Management product of the Oracle E-Business Suite, specifically within the Claim LOV component. Supported versions 12.2.3 through 12.2.13 are affected by this easily exploitable threat. An unauthenticated attacker with HTTP network access can exploit this vulnerability to gain unauthorized access to sensitive data. The repercussions of a successful attack may include complete access to all data handled by Oracle Trade Management, posing a significant risk to organizational security and data integrity.",Oracle,Trade Management,7.5,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-04-16T22:15:00.000Z,0
CVE-2024-21077,https://securityvulnerability.io/vulnerability/CVE-2024-21077,Unauthorized Access Vulnerability in Oracle Trade Management of Oracle E-Business Suite,"The vulnerability present in the Oracle Trade Management product of the Oracle E-Business Suite affects multiple supported versions ranging from 12.2.3 to 12.2.13. The flaw arises from an easily exploitable condition that permits an unauthenticated attacker with network access via HTTP to compromise the security of the Oracle Trade Management system. Successful exploitation of this vulnerability may lead to unauthorized access to sensitive data, including confidential information related to GL Accounts. As such, software administrators should prioritize patching vulnerable versions to mitigate potential data breaches.",Oracle,Trade Management,7.5,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-04-16T22:15:00.000Z,0
CVE-2024-21075,https://securityvulnerability.io/vulnerability/CVE-2024-21075,Unauthenticated Data Exposure in Oracle E-Business Suite Trade Management,"A vulnerability exists in the Oracle Trade Management component of the Oracle E-Business Suite, specifically within the Claim Line List of Values (LOV). This flaw affects supported versions between 12.2.3 and 12.2.13. The vulnerability allows an unauthenticated attacker with network access via HTTP to exploit this flaw, potentially leading to unauthorized access to sensitive information. Exploitation of this vulnerability may result in a breach of confidentiality, enabling attackers to gain access to all data that Oracle Trade Management can access without any authentication.",Oracle,Trade Management,7.5,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-04-16T22:15:00.000Z,0
CVE-2022-21250,https://securityvulnerability.io/vulnerability/CVE-2022-21250,Vulnerability in Oracle Trade Management Component of Oracle E-Business Suite,"A vulnerability has been identified in the Oracle Trade Management component of Oracle E-Business Suite, allowing low-privileged attackers with network access via HTTP to exploit the system. Successful exploitation can lead to unauthorized creation, deletion, or modification of critical data, as well as full access to sensitive information within Oracle Trade Management. This poses a significant risk to data integrity and confidentiality within the affected versions, necessitating immediate attention and remediation to protect against potential data breaches.",Oracle,Trade Management,8.1,HIGH,0.00044999999227002263,false,,false,false,false,,,false,false,,2022-01-19T11:22:04.000Z,0
CVE-2021-35554,https://securityvulnerability.io/vulnerability/CVE-2021-35554,Improper Access Control in Oracle E-Business Suite Trade Management,"The Oracle E-Business Suite's Trade Management component exhibits an improper access control vulnerability that can be exploited by an unauthenticated attacker with network access via HTTP. This allows unauthorized read access to a portion of the sensitive data within the Trade Management system. Supported versions, including 12.1.1 through 12.1.3 and 12.2.3 through 12.2.10, are at risk, necessitating immediate attention and remediation to safeguard confidential information.",Oracle,Trade Management,5.3,MEDIUM,0.0008900000248104334,false,,false,false,false,,,false,false,,2021-10-20T10:50:03.000Z,0
CVE-2021-2485,https://securityvulnerability.io/vulnerability/CVE-2021-2485,Oracle E-Business Suite Trade Management Vulnerability,"A vulnerability exists in Oracle Trade Management, part of the Oracle E-Business Suite, specifically within the Quotes component. This issue affects versions 12.1.1 through 12.1.3 and can be exploited by low-privileged attackers with network access over HTTP. The successful exploitation of this vulnerability can lead to unauthorized creation, deletion, or modification of critical data, potentially granting attackers extensive access to all data accessible within Oracle Trade Management. Immediate attention is required to mitigate risks associated with this vulnerability.",Oracle,Trade Management,8.1,HIGH,0.0009399999980814755,false,,false,false,false,,,false,false,,2021-10-20T10:49:49.000Z,0
CVE-2021-2206,https://securityvulnerability.io/vulnerability/CVE-2021-2206,Unauthorized Access Vulnerability in Oracle Trade Management by Oracle,"The vulnerability in Oracle Trade Management within the Oracle E-Business Suite can be exploited via HTTP, allowing an unauthenticated attacker to potentially gain unauthorized access to sensitive data. While the initial vulnerability lies within the Oracle Trade Management component, successful exploitation can have significant repercussions on other integrated products. The exploitation path involves social engineering—requiring human interaction from a third party—therefore increasing the complexity of successful attacks. As a result, the impact of this vulnerability could include unauthorized read, update, insert, or delete actions on critical data, raising significant security concerns for organizations utilizing Oracle's solutions.",Oracle,Trade Management,8.2,HIGH,0.0027000000700354576,false,,false,false,false,,,false,false,,2021-04-22T21:53:51.000Z,0
CVE-2021-2210,https://securityvulnerability.io/vulnerability/CVE-2021-2210,Unauthenticated Access Vulnerability in Oracle Trade Management by Oracle,"A vulnerability in Oracle Trade Management allows unauthenticated attackers with network access to compromise the system via HTTP. This flaw requires user interaction from a separate individual, but once exploited, it could lead to serious implications, including unauthorized access to crucial data and the capability to modify or delete information within the system. The impact of this vulnerability may extend beyond Oracle Trade Management and influence other integrated products. Organizations using the affected versions are urged to apply relevant updates to mitigate potential risks.",Oracle,Trade Management,8.2,HIGH,0.0027000000700354576,false,,false,false,false,,,false,false,,2021-04-22T21:53:51.000Z,0
CVE-2020-14857,https://securityvulnerability.io/vulnerability/CVE-2020-14857,User Interface Vulnerability in Oracle Trade Management by Oracle,"An unauthenticated attacker with network access via HTTP can exploit a vulnerability in the User Interface of Oracle Trade Management. This exploit requires human interaction from a user, potentially leading to unauthorized access to sensitive data within Oracle Trade Management. The impact of this vulnerability could extend to other interconnected products within the Oracle ecosystem. Successful exploits may enable hackers to view, modify, or delete critical information, posing significant risks to data integrity and confidentiality.",Oracle,Trade Management,8.2,HIGH,0.0020699999295175076,false,,false,false,false,,,false,false,,2020-10-21T14:04:29.000Z,0
CVE-2020-14876,https://securityvulnerability.io/vulnerability/CVE-2020-14876,Vulnerability in User Interface of Oracle E-Business Suite Trade Management,"The vulnerability in the User Interface component of Oracle Trade Management within the Oracle E-Business Suite allows an unauthenticated attacker with network access to exploit the system through HTTP. This flaw enables unauthorized actions such as the creation, deletion, or modification of critical data. Successful exploitation can lead to complete control over all accessible data within Oracle Trade Management, jeopardizing the confidentiality and integrity of sensitive information. Organizations using affected versions (12.1.1 - 12.1.3 and 12.2.3 - 12.2.10) should prioritize remediation measures to protect their systems.",Oracle,Trade Management,9.1,CRITICAL,0.007309999782592058,false,,false,false,false,,,false,false,,2020-10-21T14:04:29.000Z,0
CVE-2020-14856,https://securityvulnerability.io/vulnerability/CVE-2020-14856,Vulnerability in Oracle E-Business Suite's Trade Management Component,"A security vulnerability exists in Oracle Trade Management within the Oracle E-Business Suite that could allow an unauthenticated attacker to exploit the system via HTTP. Successful exploitation of this vulnerability necessitates human interaction from another individual, thus exposing sensitive data. Compromised access can lead to unauthorized operations such as updates, inserts, or deletions of critical data within Oracle Trade Management, potentially affecting additional integrated applications. Organizations are strongly advised to implement mitigation measures to protect their systems.",Oracle,Trade Management,8.2,HIGH,0.0020699999295175076,false,,false,false,false,,,false,false,,2020-10-21T14:04:28.000Z,0
CVE-2020-14851,https://securityvulnerability.io/vulnerability/CVE-2020-14851,Security Flaw in Oracle Trade Management of Oracle E-Business Suite,"A security vulnerability in Oracle Trade Management allows an unauthenticated attacker with network access to potentially exploit the system via HTTP. Exploits may require human interaction, and although the vulnerability is specific to Oracle Trade Management, successful attacks can have broader implications, affecting additional Oracle E-Business Suite products. Attackers could gain unauthorized access to sensitive data or modify, insert, or delete data within the Oracle Trade Management application.",Oracle,Trade Management,8.2,HIGH,0.0020699999295175076,false,,false,false,false,,,false,false,,2020-10-21T14:04:28.000Z,0
CVE-2020-14833,https://securityvulnerability.io/vulnerability/CVE-2020-14833,User Interface Vulnerability in Oracle Trade Management by Oracle,"An unauthenticated attacker with network access via HTTP can exploit a vulnerability in the User Interface component of Oracle Trade Management. Successful exploitation allows attackers to gain unauthorized access to sensitive data and execute unauthorized updates, inserts, or deletions. While primarily affecting Oracle Trade Management, the implications of this vulnerability may extend to other interconnected products within the Oracle E-Business Suite. Notably, these attacks require human interaction from individuals other than the attacker, highlighting the potential risks to data integrity and security.",Oracle,Trade Management,8.2,HIGH,0.0020699999295175076,false,,false,false,false,,,false,false,,2020-10-21T14:04:27.000Z,0
CVE-2020-14834,https://securityvulnerability.io/vulnerability/CVE-2020-14834,User Interface Vulnerability in Oracle Trade Management by Oracle,"An exploitable vulnerability exists in the User Interface of Oracle Trade Management that allows an unauthenticated attacker with network access via HTTP to compromise the application. Although exploitation requires interaction from a third party, successful attacks can lead to significant unauthorized access to sensitive data within the Oracle Trade Management system. This could empower an attacker to update, insert, or delete critical data with significant ramifications for organizational security. The scope of potential impact extends to other products within the Oracle ecosystem, highlighting the need for immediate mitigation actions to safeguard against potential data breaches.",Oracle,Trade Management,8.2,HIGH,0.0020699999295175076,false,,false,false,false,,,false,false,,2020-10-21T14:04:27.000Z,0
CVE-2020-14808,https://securityvulnerability.io/vulnerability/CVE-2020-14808,Unauthenticated Access Vulnerability in Oracle Trade Management by Oracle,"A vulnerability exists in Oracle Trade Management, part of the Oracle E-Business Suite, that permits unauthenticated attackers with network access via HTTP to access sensitive data. This vulnerability can lead to unauthorized access and potential alteration of critical information within the Oracle Trade Management system. Successful exploitation requires human interaction from a third party, emphasizing the need for enhanced security measures. The impact of attacks could extend beyond the affected product, potentially compromising additional components of the Oracle E-Business Suite.",Oracle,Trade Management,8.2,HIGH,0.0020699999295175076,false,,false,false,false,,,false,false,,2020-10-21T14:04:26.000Z,0
CVE-2020-14665,https://securityvulnerability.io/vulnerability/CVE-2020-14665,Unauthenticated Access Vulnerability in Oracle E-Business Suite's Trade Management,"A critical vulnerability exists in the Invoice component of Oracle Trade Management within the Oracle E-Business Suite. An unauthenticated attacker with network access can exploit this vulnerability via HTTP, leading to potential unauthorized creation, deletion, or manipulation of critical data. This exploit allows attackers to obtain complete unauthorized access to the data managed within Oracle Trade Management systems, posing significant risks to data integrity and confidentiality. Organizations using the affected versions should prioritize applying security updates to mitigate potential exploitation.",Oracle,Trade Management,9.1,CRITICAL,0.0019399999873712659,false,,false,false,false,,,false,false,,2020-07-15T17:34:32.000Z,0
CVE-2020-2821,https://securityvulnerability.io/vulnerability/CVE-2020-2821,Unauthenticated Vulnerability in Oracle Trade Management by Oracle,"Oracle Trade Management in the Oracle E-Business Suite contains a vulnerability that allows unauthenticated attackers with network access via HTTP to exploit the system. This vulnerability necessitates human interaction, creating a potential risk for unauthorized access leading to exposure of sensitive data and possible unauthorized manipulations including updates, inserts, or deletions of crucial data within Oracle Trade Management. Given its nature, it has implications that may extend to other interconnected products, forcing organizations to address this security concern proactively.",Oracle,Trade Management,8.2,HIGH,0.0019199999514967203,false,,false,false,false,,,false,false,,2020-04-15T13:29:47.000Z,0
CVE-2020-2822,https://securityvulnerability.io/vulnerability/CVE-2020-2822,Vulnerability in Oracle Trade Management Product of Oracle E-Business Suite,"The vulnerability in Oracle Trade Management predicated on improper authentication allows unauthenticated attackers to exploit the system via HTTP, potentially compromising critical data. Although the flaw resides within Oracle Trade Management, the impact could extend to associated products, leading to unauthorized access, data manipulation, and significant security breaches. Successful exploitation requires human interaction, highlighting the importance of user awareness and system security safeguards.",Oracle,Trade Management,8.2,HIGH,0.0019199999514967203,false,,false,false,false,,,false,false,,2020-04-15T13:29:47.000Z,0
CVE-2019-2643,https://securityvulnerability.io/vulnerability/CVE-2019-2643,Oracle E-Business Suite Trade Management Vulnerability,"This vulnerability in the Oracle Trade Management component of Oracle E-Business Suite enables an unauthenticated attacker to exploit the system through HTTP access. While it primarily affects Trade Management, successful exploitation necessitates human interaction from a third party, potentially leading to unauthorized access to sensitive data. Attackers can gain complete access to the data managed by the Oracle Trade Management application, allowing them to execute unauthorized updates, inserts, or deletions, significantly jeopardizing overall data integrity.",Oracle,Trade Management,8.2,HIGH,0.002369999885559082,false,,false,false,false,,,false,false,,2019-04-23T18:16:42.000Z,0
CVE-2019-2641,https://securityvulnerability.io/vulnerability/CVE-2019-2641,Vulnerability in Oracle Trade Management Component of Oracle E-Business Suite,"An unauthenticated vulnerability exists within the Oracle Trade Management component of Oracle E-Business Suite. This issue allows an attacker with network access to exploit the system via HTTP, potentially compromising critical data. While the vulnerability is localized to Oracle Trade Management, successful exploitation can impact additional associated products. Attackers require human interaction from a third party to execute their malicious activities, which may lead to unauthorized access or manipulation of vital data within the system.",Oracle,Trade Management,8.2,HIGH,0.002369999885559082,false,,false,false,false,,,false,false,,2019-04-23T18:16:42.000Z,0
CVE-2019-2640,https://securityvulnerability.io/vulnerability/CVE-2019-2640,Unauthorized Access Vulnerability in Oracle E-Business Suite Trade Management Component,"This vulnerability in the Oracle Trade Management component of Oracle E-Business Suite allows an unauthenticated attacker with network access via HTTP to compromise the system. Exploitation of this flaw necessitates human interaction from a user other than the attacker. Although the primary weakness lies within Oracle Trade Management, successful exploitation can lead to unauthorized access to critical data across other related products. An attacker could gain full access and perform unauthorized updates, inserts, or deletions of sensitive data within the Trade Management system.",Oracle,Trade Management,8.2,HIGH,0.002369999885559082,false,,false,false,false,,,false,false,,2019-04-23T18:16:42.000Z,0
CVE-2019-2642,https://securityvulnerability.io/vulnerability/CVE-2019-2642,Vulnerability in Oracle Trade Management Component of Oracle E-Business Suite,"An unauthenticated access vulnerability exists in the Oracle Trade Management component of the Oracle E-Business Suite. This vulnerability can be exploited by attackers with network access via HTTP, allowing them to compromise Oracle Trade Management. Although exploitation requires user interaction from a person other than the attacker, successful exploitation can lead to unauthorized access to critical data and manipulation of Oracle Trade Management data, which may significantly impact other products within the suite.",Oracle,Trade Management,8.2,HIGH,0.002369999885559082,false,,false,false,false,,,false,false,,2019-04-23T18:16:42.000Z,0
CVE-2018-3011,https://securityvulnerability.io/vulnerability/CVE-2018-3011,,"Vulnerability in the Oracle Trade Management component of Oracle E-Business Suite (subcomponent: User Interface). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Trade Management. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Trade Management, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Trade Management accessible data as well as unauthorized update, insert or delete access to some of Oracle Trade Management accessible data. CVSS 3.0 Base Score 8.2 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N).",Oracle,Trade Management,8.2,HIGH,0.0014700000174343586,false,,false,false,false,,,false,false,,2018-10-17T01:00:00.000Z,0