cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2025-21541,https://securityvulnerability.io/vulnerability/CVE-2025-21541,Vulnerability in Oracle E-Business Suite Admin Screens and Grants UI,"A vulnerability in the Oracle Workflow component of Oracle E-Business Suite facilitates low privileged attackers to gain unauthorized access through HTTP. This issue allows the modification, insertion, or deletion of data within Oracle Workflow, as well as unrestricted read access to sensitive information. The affected versions range from 12.2.3 to 12.2.14, emphasizing the necessity for users to apply the latest patches to mitigate the risk of potential exploitation.",Oracle,Oracle Workflow,5.4,MEDIUM,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-01-21T20:53:12.663Z,0
CVE-2024-21071,https://securityvulnerability.io/vulnerability/CVE-2024-21071,Vulnerability in Oracle Workflow within Oracle E-Business Suite,"A vulnerability exists in the Admin Screens and Grants UI component of the Oracle Workflow product within the Oracle E-Business Suite, affecting versions 12.2.3 to 12.2.13. This vulnerability allows an attacker with elevated privileges and network access via HTTP to exploit the weakness, potentially leading to the compromise of the Oracle Workflow system. Notably, while the vulnerability is specifically related to Oracle Workflow, the ramifications of successful attacks can extend to other integrated products within the E-Business Suite. Attackers leveraging this vulnerability can achieve unauthorized control, resulting in serious implications for data confidentiality, integrity, and availability.",Oracle,Workflow,9.1,CRITICAL,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-04-16T22:15:00.000Z,0
CVE-2022-21567,https://securityvulnerability.io/vulnerability/CVE-2022-21567,Vulnerability in Oracle Workflow Product of Oracle E-Business Suite,"This vulnerability affects the Oracle Workflow component within Oracle E-Business Suite, allowing unauthorized attackers with network access via HTTP to obtain access to sensitive data. Unauthenticated individuals can exploit this vulnerability to gain access to all data accessible through Oracle Workflow, which may lead to significant data breaches and potential misuse of critical corporate information.",Oracle,Workflow,7.5,HIGH,0.00044999999227002263,false,,false,false,false,,,false,false,,2022-07-19T21:08:12.000Z,0
CVE-2021-2343,https://securityvulnerability.io/vulnerability/CVE-2021-2343,Unauthorized Data Access in Oracle E-Business Suite Workflow Notification Mailer,"The vulnerability in the Oracle Workflow component of Oracle E-Business Suite affects versions 12.1.3 and 12.2.3 through 12.2.10. This issue allows attackers with low privileges to access the network via HTTP, potentially compromising Oracle Workflow. Successful exploitation of this vulnerability could lead to unauthorized read access to sensitive data within the Workflow system. Proper countermeasures and security updates are essential to mitigate the risk associated with this vulnerability.",Oracle,Workflow,4.3,MEDIUM,0.0005699999746866524,false,,false,false,false,,,false,false,,2021-07-20T22:43:22.000Z,0
CVE-2021-2015,https://securityvulnerability.io/vulnerability/CVE-2021-2015,Unauthenticated Remote Code Execution Vulnerability in Oracle E-Business Suite,"A vulnerability exists in the Oracle Workflow component of Oracle E-Business Suite, which could be exploited by unauthenticated attackers with network access. This security flaw requires interaction from a user other than the attacker, but successful exploitation can lead to unauthorized access and manipulation of sensitive data. Attackers may leverage this weakness to gain access to critical information or perform unauthorized actions such as updating, inserting, or deleting data within Oracle Workflow. Consequently, this vulnerability poses significant risks not only to the Oracle Workflow system but also to interconnected applications.",Oracle,Workflow,8.2,HIGH,0.0020699999295175076,false,,false,false,false,,,false,false,,2021-01-20T14:50:01.000Z,0
CVE-2020-2753,https://securityvulnerability.io/vulnerability/CVE-2020-2753,Vulnerability in Oracle Workflow Product of Oracle E-Business Suite,"An unauthenticated access vulnerability exists in the Workflow Notification Mailer component of Oracle E-Business Suite. When exploited, this vulnerability allows an attacker with network access to compromise Oracle Workflow, enabling unauthorized operations such as updates, inserts, or deletions of accessible data. Supported versions 12.1.3, and 12.2.3 through 12.2.9 are notably affected, highlighting the critical need for security updates to protect sensitive workflow data.",Oracle,Workflow,5.3,MEDIUM,0.0008900000248104334,false,,false,false,false,,,false,false,,2020-04-15T13:29:44.000Z,0
CVE-2019-2925,https://securityvulnerability.io/vulnerability/CVE-2019-2925,Vulnerability in Oracle Workflow Component of Oracle E-Business Suite,"An exploitable vulnerability exists in the Oracle Workflow component of the Oracle E-Business Suite that allows unauthorized access to data. This vulnerability takes advantage of a weakness that permits unauthenticated attackers with network access via HTTP to compromise the workflow operations. Successfully exploiting this vulnerability leads to unauthorized capabilities such as updating, inserting, or deleting accessible data within the Oracle Workflow. Notably, the exploitation requires user interaction from a party other than the attacker, increasing the complexity of successful attacks.",Oracle,Workflow,4.3,MEDIUM,0.0008299999753944576,false,,false,false,false,,,false,false,,2019-10-16T17:40:54.000Z,0
CVE-2006-1884,https://securityvulnerability.io/vulnerability/CVE-2006-1884,,"Unspecified vulnerability in the Oracle Thesaurus Management System component in Oracle E-Business Suite and OPA 4.5.2 Applications has unknown impact and attack vectors, aka Vuln# OPA01.",Oracle,"Database Server,Developer Suite,Application Server,Enterprise Manager Grid Control,E-business Suite,Peoplesoft Enterprise Tools,Collaboration Suite 10g Release 1,Enterpriseone Tools,Workflow,Pharmaceutical,Collaboration Suite,Oneworld Tools",,,0.014949999749660492,false,,false,false,false,,,false,false,,2006-04-20T10:00:00.000Z,0
CVE-2006-0552,https://securityvulnerability.io/vulnerability/CVE-2006-0552,,"Unspecified vulnerability in the Net Listener component of Oracle Database server 8.1.7.4, 9.0.1.5, 9.0.1.5 FIPS, and 9.2.0.7 has unspecified impact and attack vectors, as identified by Oracle Vuln# DB11.",Oracle,"Oracle10g,Application Server,Enterpriseone,Oracle8i,Developer Suite,Collaboration Suite,Database Server,10g Enterprise Manager Grid Control,Peoplesoft Enterprise Portal,E-business Suite,Oracle9i,Workflow",,,0.1231599971652031,false,,false,false,false,,,false,false,,2006-02-04T11:00:00.000Z,0