cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2021-35562,https://securityvulnerability.io/vulnerability/CVE-2021-35562,Access Control Vulnerability in Oracle E-Business Suite Universal Work Queue,"An access control vulnerability in the Oracle Universal Work Queue component of Oracle E-Business Suite allows low-privileged attackers with network access via HTTP to compromise the system. This vulnerability can lead to unauthorized creation, deletion, or modification of critical data and provides full access to all data accessible through Oracle Universal Work Queue. The affected versions include 12.1.1 to 12.1.3 and 12.2.3 to 12.2.10. Organizations must promptly apply patches to mitigate potential risks associated with this vulnerability.",Oracle,Universal Work Queue,8.1,HIGH,0.0008900000248104334,false,,false,false,false,,,false,false,,2021-10-20T10:50:09.000Z,0
CVE-2021-2246,https://securityvulnerability.io/vulnerability/CVE-2021-2246,Vulnerability in Oracle E-Business Suite Work Provider Administration,"A vulnerability exists in the Oracle Universal Work Queue component of the Oracle E-Business Suite, specifically affecting versions 12.1.1 to 12.1.3. This issue can be exploited by a low-privileged attacker with network access via HTTP, leading to serious security risks such as unauthorized creation, deletion, or modification of data. Successful exploitation can enable attackers to gain access to all data available within the Oracle Universal Work Queue, compromising the integrity and confidentiality of sensitive information.",Oracle,Universal Work Queue,8.1,HIGH,0.0009399999980814755,false,,false,false,false,,,false,false,,2021-04-22T21:53:55.000Z,0
CVE-2020-14862,https://securityvulnerability.io/vulnerability/CVE-2020-14862,Oracle E-Business Suite Vulnerability in Universal Work Queue,"The Oracle Universal Work Queue component within Oracle E-Business Suite is susceptible to an access control vulnerability that can be exploited by low privileged attackers with network access via HTTP. This easily exploitable flaw permits unauthorized access, potentially leading to a complete takeover of the Oracle Universal Work Queue. This vulnerability affects Oracle E-Business Suite versions 12.2.3 to 12.2.9, posing a significant risk to organizations depending on this system for their operations.",Oracle,Universal Work Queue,8.8,HIGH,0.00395999988541007,false,,false,false,false,,,false,false,,2020-10-21T14:04:29.000Z,0
CVE-2020-14855,https://securityvulnerability.io/vulnerability/CVE-2020-14855,Unauthorized Access Vulnerability in Oracle E-Business Suite's Universal Work Queue,"A vulnerability exists in Oracle E-Business Suite's Universal Work Queue component, allowing an unauthenticated attacker with network access over HTTP to compromise its functionality. This breach could lead to unauthorized control over the Universal Work Queue, posing significant risks to confidentiality, integrity, and availability of system resources.",Oracle,Universal Work Queue,9.8,CRITICAL,0.004170000087469816,false,,false,false,false,,,false,false,,2020-10-21T14:04:28.000Z,0
CVE-2020-2818,https://securityvulnerability.io/vulnerability/CVE-2020-2818,Vulnerability in Oracle E-Business Suite Universal Work Queue,"An exploitable vulnerability exists in the Oracle Universal Work Queue component of Oracle E-Business Suite. This issue enables unauthenticated attackers to gain network access via HTTP, compromising the Universal Work Queue. Although successful exploitation requires human interaction from a third-party user, the attack may have widespread implications, potentially affecting multiple products within the suite. Attackers could gain unauthorized access to sensitive information and perform unpredictable modifications to accessible data. This vulnerability underscores the importance of securing configurations and applying security updates promptly to safeguard sensitive data.",Oracle,Universal Work Queue,8.2,HIGH,0.0019199999514967203,false,,false,false,false,,,false,false,,2020-04-15T13:29:47.000Z,0
CVE-2020-2819,https://securityvulnerability.io/vulnerability/CVE-2020-2819,Unauthenticated Access Vulnerability in Oracle E-Business Suite's Universal Work Queue,"The vulnerability in Oracle E-Business Suite's Universal Work Queue allows an unauthenticated attacker with network access to exploit the system via HTTP. This easily exploitable flaw requires human interaction from a third party, which elevates the risk of unauthorized access to critical data. Successful exploitation can lead to unauthorized modifications, such as updates, insertions, or deletions of accessible data. The implications extend beyond the Universal Work Queue, potentially impacting other integrated systems.",Oracle,Universal Work Queue,8.2,HIGH,0.0019199999514967203,false,,false,false,false,,,false,false,,2020-04-15T13:29:47.000Z,0
CVE-2017-10332,https://securityvulnerability.io/vulnerability/CVE-2017-10332,,"Vulnerability in the Oracle Universal Work Queue component of Oracle E-Business Suite (subcomponent: Administration). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Universal Work Queue. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Universal Work Queue accessible data. CVSS 3.0 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).",Oracle,Universal Work Queue,7.5,HIGH,0.0015800000401213765,false,,false,false,false,,,false,false,,2017-10-19T17:00:00.000Z,0
CVE-2017-3415,https://securityvulnerability.io/vulnerability/CVE-2017-3415,,"Vulnerability in the Oracle Universal Work Queue component of Oracle E-Business Suite (subcomponent: User Interface). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Universal Work Queue. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Universal Work Queue, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Universal Work Queue accessible data as well as unauthorized update, insert or delete access to some of Oracle Universal Work Queue accessible data. CVSS v3.0 Base Score 8.2 (Confidentiality and Integrity impacts).",Oracle,Universal Work Queue,8.2,HIGH,0.001970000099390745,false,,false,false,false,,,false,false,,2017-01-27T22:01:00.000Z,0
CVE-2017-3417,https://securityvulnerability.io/vulnerability/CVE-2017-3417,,"Vulnerability in the Oracle Universal Work Queue component of Oracle E-Business Suite (subcomponent: User Interface). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Universal Work Queue. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Universal Work Queue, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Universal Work Queue accessible data as well as unauthorized update, insert or delete access to some of Oracle Universal Work Queue accessible data. CVSS v3.0 Base Score 8.2 (Confidentiality and Integrity impacts).",Oracle,Universal Work Queue,8.2,HIGH,0.0024999999441206455,false,,false,false,false,,,false,false,,2017-01-27T22:01:00.000Z,0
CVE-2017-3416,https://securityvulnerability.io/vulnerability/CVE-2017-3416,,"Vulnerability in the Oracle Universal Work Queue component of Oracle E-Business Suite (subcomponent: User Interface). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Universal Work Queue. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Universal Work Queue, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Universal Work Queue accessible data as well as unauthorized update, insert or delete access to some of Oracle Universal Work Queue accessible data. CVSS v3.0 Base Score 8.2 (Confidentiality and Integrity impacts).",Oracle,Universal Work Queue,8.2,HIGH,0.001120000029914081,false,,false,false,false,,,false,false,,2017-01-27T22:01:00.000Z,0
CVE-2016-0525,https://securityvulnerability.io/vulnerability/CVE-2016-0525,,"Unspecified vulnerability in the Oracle Universal Work Queue component in Oracle E-Business Suite 11.5.10.2, 12.1.1, 12.1.2, and 12.1.3 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Work Provider Administration.",Oracle,Universal Work Queue,,,0.0018100000452250242,false,,false,false,false,,,false,false,,2016-01-21T02:00:00.000Z,0
CVE-2016-0536,https://securityvulnerability.io/vulnerability/CVE-2016-0536,,Unspecified vulnerability in the Oracle Universal Work Queue component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect integrity via unknown vectors related to error messages.,Oracle,Universal Work Queue,,,0.001449999981559813,false,,false,false,false,,,false,false,,2016-01-21T02:00:00.000Z,0