Total
332 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-3993 | 1 Oracle | 1 E-business Suite | 2025-04-09 | 3.5 LOW | N/A |
| Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite 11.5.10.2 and 12.0.4 allows remote authenticated users to affect integrity via unknown vectors. | |||||
| CVE-2007-0290 | 1 Oracle | 1 E-business Suite | 2025-04-09 | 5.5 MEDIUM | N/A |
| Multiple unspecified vulnerabilities in Oracle E-Business Suite and Applications 11.5.10CU2 have unknown impact and attack vectors related to (1) Application Object Library (APPS01), (2) Human Resources (APPS03), (3) Payables (APPS04), (4) Trading Community Architecture (APPS05), and (5) Web Applications Desktop Integrator (APPS06). | |||||
| CVE-2006-5367 | 1 Oracle | 1 E-business Suite | 2025-04-09 | 9.0 HIGH | N/A |
| Multiple unspecified vulnerabilities in Oracle E-Business Suite 11.5.7 up to 11.5.10CU2 have unknown impact and remote authenticated attack vectors, aka Vuln# (1) APPS03 in Oracle Applications Framework, (2) APPS04 in Oracle Applications Technology Stack, and (3) APPS05 in Oracle Balanced Scorecard, (4) APPS09 in Oracle Scripting, and (5) APPS10 in Oracle Trading Community. | |||||
| CVE-2008-0348 | 1 Oracle | 5 Application Server, Collaboration Suite, Database Server and 2 more | 2025-04-09 | 10.0 HIGH | N/A |
| Multiple unspecified vulnerabilities in the PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.22.18, 8.48.15, and 8.49.07 have unknown impact and remote attack vectors, aka (1) PSE01, (2) PSE03, and (3) PSE04. | |||||
| CVE-2008-5446 | 1 Oracle | 2 E-business Suite, E-business Suite 12 | 2025-04-09 | 3.5 LOW | N/A |
| Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite 11.5.10 CU2 and 12.0.6 allows remote authenticated users to affect confidentiality via unknown vectors. NOTE: the previous information was obtained from the January 2009 CPU. Oracle has not commented on reliable researcher claims that this issue is related to unrestricted guest access to the "About Us Page" in the Oracle Applications Framework (OAF), which allows attackers to obtain sensitive system and application environment information. | |||||
| CVE-2008-7238 | 1 Oracle | 1 E-business Suite | 2025-04-09 | 6.0 MEDIUM | N/A |
| Multiple unspecified vulnerabilities in Oracle E-Business Suite 12.0.3 allow (1) local users to affect confidentiality and integrity via unknown vectors related to the Mobile Application Server component (APP01); (2) remote attackers to affect confidentiality via unknown vectors related to the Oracle Applications Framework (APP03); remote authenticated users to affect confidentiality and integrity via unknown vectors related to the (3) CRM Technical Foundation (APP05) and (4) Oracle Application Object Library (APP06); and remote authenticated users to affect integrity and availability via unknown vectors related to (5) Oracle Applications Technology Stack (APP07). | |||||
| CVE-2008-3998 | 1 Oracle | 1 E-business Suite | 2025-04-09 | 4.9 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle iStore component in Oracle E-Business Suite 12.0.4 allows remote authenticated users to affect confidentiality and integrity via unknown vectors. | |||||
| CVE-2006-5370 | 1 Oracle | 1 E-business Suite | 2025-04-09 | 10.0 HIGH | N/A |
| Multiple unspecified vulnerabilities in Oracle E-Business Suite 11.5.10CU2 have unknown impact and remote authenticated attack vectors, aka Vuln# (1) APPS06 for Oracle CRM Gateway for Mobile Devices and (2) APPS08 for Oracle iStore. | |||||
| CVE-2007-2126 | 1 Oracle | 1 E-business Suite | 2025-04-09 | 10.0 HIGH | N/A |
| Unspecified vulnerability in Oracle E-Business Suite 11.5.10CU2 has unknown impact and remote attack vectors in the (1) Common Applications (APPS01) and (2) iProcurement (APPS02). | |||||
| CVE-2007-2135 | 1 Oracle | 1 E-business Suite | 2025-04-09 | 7.8 HIGH | N/A |
| The ADI_BINARY component in the Oracle E-Business Suite allows remote attackers to download arbitrary documents from the APPS.FND_DOCUMENTS table via the ADI_DISPLAY_REPORT function, when passed a certain parameter. NOTE: due to lack of details from Oracle, it is not clear whether this issue is related to other CVE identifiers such as CVE-2007-2126, CVE-2007-2127, or CVE-2007-2128. | |||||
| CVE-2007-2170 | 1 Oracle | 1 E-business Suite | 2025-04-09 | 9.4 HIGH | N/A |
| The APPLSYS.FND_DM_NODES package in Oracle E-Business Suite does not check for valid sessions, which allows remote attackers to delete arbitrary nodes. NOTE: due to lack of details from Oracle, it is not clear whether this issue is related to other CVE identifiers such as CVE-2007-2126, CVE-2007-2127, or CVE-2007-2128. | |||||
| CVE-2009-3392 | 1 Oracle | 1 E-business Suite | 2025-04-09 | 5.4 MEDIUM | N/A |
| Unspecified vulnerability in the Agile Engineering Data Management (EDM) component in Oracle E-Business Suite 6.1.0.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. | |||||
| CVE-2009-1000 | 1 Oracle | 1 E-business Suite | 2025-04-09 | 7.5 HIGH | N/A |
| The Oracle Applications Framework component in Oracle E-Business Suite 12.0.6 and 11i10CU2 uses default passwords for unspecified "FND Applications Users (not DB users)," which has unknown impact and attack vectors. | |||||
| CVE-2007-3854 | 1 Oracle | 9 Apex, Application Server, Collaboration Suite and 6 more | 2025-04-09 | 5.5 MEDIUM | N/A |
| Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5+, 9.2.0.7, and 10.1.0.5 allow remote authenticated users to have unknown impact via (1) SYS.DBMS_PRVTAQIS in the Advanced Queuing component (DB02) and (2) MDSYS.MD in the Spatial component (DB12). NOTE: Oracle has not disputed reliable researcher claims that DB02 is for SQL injection and DB12 is for a buffer overflow. | |||||
| CVE-2009-0995 | 1 Oracle | 2 E-business Suite, E-business Suite 12 | 2025-04-09 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite 12.0.6 and 11i10CU2 allows remote attackers to affect integrity via unknown vectors. | |||||
| CVE-2007-3866 | 1 Oracle | 1 E-business Suite | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple unspecified vulnerabilities in Oracle E-Business Suite 11.5.10CU2 and 12.0.1 allow remote attackers to have an unknown impact via (a) Oracle Configurator (APPS02), (b) Oracle iExpenses (APPS03), (c) Oracle Application Object Library (APPS09), and (1) APPS12, (2) APPS13, and (3) APPS14 in (d) Oracle Payables. | |||||
| CVE-2007-2130 | 1 Oracle | 4 Application Server, Collaboration Suite, Database Server and 1 more | 2025-04-09 | 9.0 HIGH | N/A |
| Unspecified vulnerability in Workflow Cartridge, as used in Oracle Database Server 9.2.0.1, 10.1.0.2, and 10.2.0.1; Application Server 9.0.4.3 and 10.1.2.0.2; Collaboration Suite 10.1.2; and E-Business Suite; has unknown impact and remote authenticated attack vectors, aka OWF01. | |||||
| CVE-2010-0077 | 1 Oracle | 1 E-business Suite | 2025-04-09 | 6.4 MEDIUM | N/A |
| Unspecified vulnerability in the CRM Technical Foundation (mobile) component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1.2 allows remote attackers to affect confidentiality and integrity via unknown vectors. | |||||
| CVE-2008-2601 | 1 Oracle | 1 E-business Suite | 2025-04-09 | 5.5 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle iStore component in Oracle E-Business Suite 12.0.4 has unknown impact and remote authenticated attack vectors. | |||||
| CVE-2008-7235 | 1 Oracle | 2 Application Server, E-business Suite | 2025-04-09 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle Forms component in Oracle Application Server 10.1.2.2 and E-Business Suite 12.0.3 allows remote attackers to affect integrity via unknown vectors, aka AS04. | |||||