cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2022-39420,https://securityvulnerability.io/vulnerability/CVE-2022-39420,Data Vulnerability in Oracle Transportation Management by Oracle,"A vulnerability exists in the Oracle Transportation Management product, which may be exploited by an attacker with low privileges and network access via HTTP. This flaw allows unauthorized actions such as the update, insertion, or deletion of accessible data, as well as the ability to read certain data without authorization. The affected versions include 6.4.3 and 6.5.1, highlighting the need for immediate security measures to protect sensitive information within the supply chain management system.",Oracle,Transportation Management,5.4,MEDIUM,0.00044999999227002263,false,,false,false,false,,,false,false,,2022-10-18T00:00:00.000Z,0
CVE-2022-21591,https://securityvulnerability.io/vulnerability/CVE-2022-21591,UI Infrastructure Vulnerability in Oracle Transportation Management by Oracle,"A vulnerability exists in the UI Infrastructure component of the Oracle Transportation Management product that allows an attacker with low privileges and network access via HTTP to execute unauthorized actions. This can lead to unauthorized updates, inserts, or deletions of accessible data, as well as potentially causing a partial denial of service. The vulnerability affects specific versions of the product, emphasizing the need for users to address this security risk promptly to protect their data integrity and availability.",Oracle,Transportation Management,5.4,MEDIUM,0.00044999999227002263,false,,false,false,false,,,false,false,,2022-10-18T00:00:00.000Z,0
CVE-2022-39409,https://securityvulnerability.io/vulnerability/CVE-2022-39409,Business Process Automation Vulnerability in Oracle Transportation Management by Oracle,"A vulnerability in Oracle Transportation Management allows an attacker with high privileges and network access through HTTP to compromise the system. This could lead to unauthorized actions, culminating in a partial denial of service. The affected versions, 6.4.3 and 6.5.1, require immediate attention to mitigate potential risks.",Oracle,Transportation Management,2.7,LOW,0.00044999999227002263,false,,false,false,false,,,false,false,,2022-10-18T00:00:00.000Z,0
CVE-2022-39411,https://securityvulnerability.io/vulnerability/CVE-2022-39411,Business Process Automation Vulnerability in Oracle Transportation Management,"This vulnerability in Oracle Transportation Management's Business Process Automation component allows an attacker with high privileges and network access via HTTP to exploit the system easily. Successful exploitation can result in unauthorized access to sensitive data, potentially leading to full control over the data accessible within Oracle Transportation Management.",Oracle,Transportation Management,4.9,MEDIUM,0.00044999999227002263,false,,false,false,false,,,false,false,,2022-10-18T00:00:00.000Z,0
CVE-2022-21480,https://securityvulnerability.io/vulnerability/CVE-2022-21480,User Interface Vulnerability in Oracle Transportation Management by Oracle,"A vulnerability within the Oracle Transportation Management product allows unauthenticated attackers with network access via HTTP to exploit weaknesses in the user interface. This issue can lead to unauthorized modifications, including updates, insertions, or deletions of data, alongside unauthorized read access to sensitive information within Oracle Transportation Management. Successful exploitation does require human interaction, which increases the complexity of the attack. It has broader implications as it may affect related systems connected to Oracle Transportation Management.",Oracle,Transportation Management,6.1,MEDIUM,0.00044999999227002263,false,,false,false,false,,,false,false,,2022-04-19T20:38:26.000Z,0
CVE-2021-35616,https://securityvulnerability.io/vulnerability/CVE-2021-35616,Vulnerability in Oracle Transportation Management UI Infrastructure,"A vulnerability exists in the UI Infrastructure of Oracle Transportation Management, affecting version 6.4.3. This flaw allows low privileged attackers with network access via HTTP to exploit the system. Attackers may gain unauthorized access that includes the ability to perform update, insert, or delete operations on accessible data. Additionally, the vulnerability puts certain accessible data at risk of unauthorized read access, leading to potential data breaches. This compromise poses serious implications for data confidentiality and integrity.",Oracle,Transportation Management,5.4,MEDIUM,0.000539999979082495,false,,false,false,true,2021-12-03T13:22:19.000Z,true,false,false,,2021-10-20T10:50:52.000Z,0
CVE-2021-2476,https://securityvulnerability.io/vulnerability/CVE-2021-2476,Unauthenticated Access Flaw in Oracle Transportation Management by Oracle,"An unauthenticated vulnerability exists in Oracle Transportation Management, allowing network-accessible attackers to access sensitive data. The flaw impacts version 6.4.3 and can be exploited without prior authentication, resulting in unauthorized reading of data within the system. This vulnerability raises concerns regarding data confidentiality and highlights the necessity for robust access controls and security measures.",Oracle,Transportation Management,5.3,MEDIUM,0.0009699999936856329,false,,false,false,false,,,false,false,,2021-10-20T10:49:41.000Z,0
CVE-2020-14544,https://securityvulnerability.io/vulnerability/CVE-2020-14544,Data Security Vulnerability in Oracle Transportation Management by Oracle,"An easily exploitable vulnerability exists in Oracle Transportation Management, affecting version 6.4.3, which could allow a low-privileged attacker with network access via HTTP to gain unauthorized read access to certain data. This vulnerability poses a risk of sensitive information exposure, highlighting the importance of securing applications and implementing precautionary measures.",Oracle,Transportation Management,4.3,MEDIUM,0.000539999979082495,false,,false,false,false,,,false,false,,2020-07-15T17:34:26.000Z,0
CVE-2020-2744,https://securityvulnerability.io/vulnerability/CVE-2020-2744,Security Vulnerability in Oracle Transportation Management by Oracle,"A security vulnerability has been identified in Oracle Transportation Management that allows a low privileged attacker with network access via HTTP to exploit the system. While the vulnerability primarily affects Oracle Transportation Management, successful exploitation could significantly impact additional connected products. Attackers are required to have human interaction from a user other than themselves to carry out a successful attack. The vulnerability permits unauthorized actions such as updating, inserting, or deleting access to certain data within Oracle Transportation Management, as well as unauthorized reading of a subset of that data. The potential compromise of sensitive information poses a risk to the integrity and confidentiality of the data managed by the application.",Oracle,Transportation Management,5.4,MEDIUM,0.000539999979082495,false,,false,false,false,,,false,false,,2020-04-15T13:29:44.000Z,0
CVE-2019-2709,https://securityvulnerability.io/vulnerability/CVE-2019-2709,Security Vulnerability in Oracle Transportation Management by Oracle,"A vulnerability exists in the Oracle Transportation Management component of Oracle Supply Chain Products Suite that allows an unauthenticated attacker with network access via HTTP to compromise the system. It is especially concerning as attacks can only be initiated with human interaction from a user not associated with the attacker. While the vulnerability is specific to Oracle Transportation Management, it may lead to unauthorized updates, inserts, or deletions of accessible data and unauthorized read access to certain data sets within the system. This could significantly compromise the integrity and confidentiality of data managed by the affected component.",Oracle,Transportation Management,6.1,MEDIUM,0.0008299999753944576,false,,false,false,false,,,false,false,,2019-04-23T18:16:45.000Z,0
CVE-2019-2487,https://securityvulnerability.io/vulnerability/CVE-2019-2487,,"Vulnerability in the Oracle Transportation Management component of Oracle Supply Chain Products Suite (subcomponent: UI Infrastructure). Supported versions that are affected are 6.3.7, 6.4.1, 6.4.2 and 6.4.3. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Transportation Management. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Transportation Management accessible data. CVSS 3.0 Base Score 6.5 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N).",Oracle,Transportation Management,6.5,MEDIUM,0.0005699999746866524,false,,false,false,false,,,false,false,,2019-01-16T19:00:00.000Z,0
CVE-2018-2823,https://securityvulnerability.io/vulnerability/CVE-2018-2823,,"Vulnerability in the Oracle Transportation Management component of Oracle Supply Chain Products Suite (subcomponent: Database). The supported version that is affected is 6.4.3. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Transportation Management. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Transportation Management accessible data. CVSS 3.0 Base Score 6.5 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N).",Oracle,Transportation Management,6.5,MEDIUM,0.0005699999746866524,false,,false,false,false,,,false,false,,2018-04-19T02:00:00.000Z,0
CVE-2018-2631,https://securityvulnerability.io/vulnerability/CVE-2018-2631,,"Vulnerability in the Oracle Transportation Management component of Oracle Supply Chain Products Suite (subcomponent: Security). Supported versions that are affected are 6.2.11, 6.3.1, 6.3.2, 6.3.3, 6.3.4, 6.3.5, 6.3.6, 6.3.7, 6.4.1, 6.4.2 and 6.4.3. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Transportation Management. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Transportation Management accessible data. CVSS 3.0 Base Score 4.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N).",Oracle,Transportation Management,4.3,MEDIUM,0.0004900000058114529,false,,false,false,false,,,false,false,,2018-01-18T02:00:00.000Z,0
CVE-2018-2662,https://securityvulnerability.io/vulnerability/CVE-2018-2662,,"Vulnerability in the Oracle Transportation Management component of Oracle Supply Chain Products Suite (subcomponent: Security). Supported versions that are affected are 6.2.11, 6.3.1, 6.3.2, 6.3.3, 6.3.4, 6.3.5, 6.3.6, 6.3.7 and 6.4.1. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Transportation Management. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Transportation Management accessible data as well as unauthorized read access to a subset of Oracle Transportation Management accessible data. CVSS 3.0 Base Score 5.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N).",Oracle,Transportation Management,5.4,MEDIUM,0.0005499999970197678,false,,false,false,false,,,false,false,,2018-01-18T02:00:00.000Z,0
CVE-2017-10032,https://securityvulnerability.io/vulnerability/CVE-2017-10032,,"Vulnerability in the Oracle Transportation Management component of Oracle Supply Chain Products Suite (subcomponent: Access Control List). Supported versions that are affected are 6.3.4.1, 6.3.5.1, 6.3.6.1, 6.3.7.1, 6.4.0, 6.4.1 and 6.4.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Transportation Management. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Transportation Management accessible data as well as unauthorized read access to a subset of Oracle Transportation Management accessible data. CVSS 3.0 Base Score 5.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N).",Oracle,Transportation Management,5.4,MEDIUM,0.0008099999977275729,false,,false,false,false,,,false,false,,2017-08-08T15:00:00.000Z,0
CVE-2017-3530,https://securityvulnerability.io/vulnerability/CVE-2017-3530,,"Vulnerability in the Oracle Transportation Manager component of Oracle Supply Chain Products Suite (subcomponent: Security). Supported versions that are affected are 6.2, 6.3.0, 6.3.1, 6.3.2, 6.3.3, 6.3.4, 6.3.5, 6.3.6, 6.3.7, 6.4.0, 6.4.1 and 6.4.2. Easily ""exploitable"" vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle Transportation Manager. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Transportation Manager accessible data as well as unauthorized access to critical data or complete access to all Oracle Transportation Manager accessible data. CVSS 3.0 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N).",Oracle,Transportation Management,6.1,MEDIUM,0.0009699999936856329,false,,false,false,false,,,false,false,,2017-04-24T19:00:00.000Z,0
CVE-2016-3490,https://securityvulnerability.io/vulnerability/CVE-2016-3490,,"Unspecified vulnerability in the Oracle Transportation Management component in Oracle Supply Chain Products Suite 6.3.0, 6.3.1, 6.3.2, 6.3.3, 6.3.4, 6.3.5, 6.3.6, 6.3.7, 6.4.0, and 6.4.1 allows remote authenticated users to affect confidentiality via vectors related to Database.",Oracle,Transportation Management,3,LOW,0.0009399999980814755,false,,false,false,false,,,false,false,,2016-07-21T10:00:00.000Z,0
CVE-2016-3470,https://securityvulnerability.io/vulnerability/CVE-2016-3470,,Unspecified vulnerability in the Oracle Transportation Management component in Oracle Supply Chain Products Suite 6.4.1 allows remote authenticated users to affect confidentiality and integrity via vectors related to Install.,Oracle,Transportation Management,7.1,HIGH,0.001449999981559813,false,,false,false,false,,,false,false,,2016-07-21T10:00:00.000Z,0