Oracle Application Object Library vulnerabilities
31 known vulnerabilities affecting oracle/application_object_library.
Total CVEs
31
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
HIGH6MEDIUM24LOW1
Vulnerabilities
Page 1 of 2
CVE-2025-30730HIGHCVSS 7.5≥ 12.2.5, ≤ 12.2.142025-04-15
CVE-2025-30730 [HIGH] CWE-400 CVE-2025-30730: Vulnerability in the Oracle Application Object Library product of Oracle E-Business Suite (component
Vulnerability in the Oracle Application Object Library product of Oracle E-Business Suite (component: Core). Supported versions that are affected are 12.2.5-12.2.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Application Object Library. Successful attacks of this vulnerability can
nvd
CVE-2025-30726MEDIUMCVSS 5.3≥ 12.2.3, ≤ 12.2.142025-04-15
CVE-2025-30726 [MEDIUM] CWE-284 CVE-2025-30726: Vulnerability in the Oracle Application Object Library product of Oracle E-Business Suite (component
Vulnerability in the Oracle Application Object Library product of Oracle E-Business Suite (component: Core). Supported versions that are affected are 12.2.3-12.2.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Application Object Library. Successful attacks of this vulnerability c
nvd
CVE-2025-30732MEDIUMCVSS 6.1≥ 12.2.3, ≤ 12.2.142025-04-15
CVE-2025-30732 [MEDIUM] CWE-284 CVE-2025-30732: Vulnerability in the Oracle Application Object Library product of Oracle E-Business Suite (component
Vulnerability in the Oracle Application Object Library product of Oracle E-Business Suite (component: Core). Supported versions that are affected are 12.2.3-12.2.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Application Object Library. Successful attacks require human interacti
nvd
CVE-2024-21128MEDIUMCVSS 5.4≥ 12.2.6, ≤ 12.2.132024-07-16
CVE-2024-21128 [MEDIUM] CVE-2024-21128: Vulnerability in the Oracle Application Object Library product of Oracle E-Business Suite (component
Vulnerability in the Oracle Application Object Library product of Oracle E-Business Suite (component: APIs). Supported versions that are affected are 12.2.6-12.2.13. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Application Object Library. Successful attacks require human interaction from a
nvd
CVE-2024-20915MEDIUMCVSS 5.3≥ 12.2.3, ≤ 12.2.132024-02-17
CVE-2024-20915 [MEDIUM] CWE-444 CVE-2024-20915: Vulnerability in the Oracle Application Object Library product of Oracle E-Business Suite (component
Vulnerability in the Oracle Application Object Library product of Oracle E-Business Suite (component: Login - SSO). Supported versions that are affected are 12.2.3-12.2.13. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Application Object Library. Successful attacks of this vulnerab
nvd
CVE-2024-20929MEDIUMCVSS 6.5≥ 12.2.3, ≤ 12.2.132024-02-17
CVE-2024-20929 [MEDIUM] CWE-284 CVE-2024-20929: Vulnerability in the Oracle Application Object Library product of Oracle E-Business Suite (component
Vulnerability in the Oracle Application Object Library product of Oracle E-Business Suite (component: DB Privileges). Supported versions that are affected are 12.2.3-12.2.13. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Application Object Library. Successful attacks of this vulner
nvd
CVE-2023-21978MEDIUMCVSS 6.5≥ 12.2.3, ≤ 12.2.112023-04-18
CVE-2023-21978 [MEDIUM] CVE-2023-21978: Vulnerability in the Oracle Application Object Library product of Oracle E-Business Suite (component
Vulnerability in the Oracle Application Object Library product of Oracle E-Business Suite (component: GUI). Supported versions that are affected are 12.2.3-12.2.11. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Application Object Library. Successful attacks require human interaction from a
nvd
CVE-2021-2314HIGHCVSS 8.1≥ 12.2.3, ≤ 12.2.10v12.1.32021-04-22
CVE-2021-2314 [HIGH] CVE-2021-2314: Vulnerability in the Oracle Application Object Library product of Oracle E-Business Suite (component
Vulnerability in the Oracle Application Object Library product of Oracle E-Business Suite (component: Profiles). Supported versions that are affected are 12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Application Object Library. Successful attacks of this vulnerability
nvd
CVE-2020-14840MEDIUMCVSS 4.7≥ 12.2.3, ≤ 12.2.10v12.1.32020-10-21
CVE-2020-14840 [MEDIUM] CVE-2020-14840: Vulnerability in the Oracle Application Object Library product of Oracle E-Business Suite (component
Vulnerability in the Oracle Application Object Library product of Oracle E-Business Suite (component: Diagnostics). Supported versions that are affected are 12.1.3 and 12.2.3 - 12.2.10. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Application Object Library. Successful attacks require hum
nvd
CVE-2020-14635MEDIUMCVSS 5.3≥ 12.2.5, ≤ 12.2.92020-07-15
CVE-2020-14635 [MEDIUM] CVE-2020-14635: Vulnerability in the Oracle Application Object Library product of Oracle E-Business Suite (component
Vulnerability in the Oracle Application Object Library product of Oracle E-Business Suite (component: Logging). Supported versions that are affected are 12.2.5-12.2.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Application Object Library. Successful attacks of this vulnerability can res
nvd
CVE-2020-14554MEDIUMCVSS 4.7≥ 12.2.3, ≤ 12.2.8v12.1.32020-07-15
CVE-2020-14554 [MEDIUM] CVE-2020-14554: Vulnerability in the Oracle Application Object Library product of Oracle E-Business Suite (component
Vulnerability in the Oracle Application Object Library product of Oracle E-Business Suite (component: Diagnostics). Supported versions that are affected are 12.1.3 and 12.2.3-12.2.8. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Application Object Library. Successful attacks require human
nvd
CVE-2019-3027MEDIUMCVSS 5.3≥ 12.2.5, ≤ 12.2.92019-10-16
CVE-2019-3027 [MEDIUM] CVE-2019-3027: Vulnerability in the Oracle Application Object Library product of Oracle E-Business Suite (component
Vulnerability in the Oracle Application Object Library product of Oracle E-Business Suite (component: Login Help). Supported versions that are affected are 12.2.5-12.2.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Application Object Library. Successful attacks of this vulnerability can re
nvd
CVE-2019-2761LOWCVSS 3.7≥ 12.2.3, ≤ 12.2.8v12.1.32019-07-23
CVE-2019-2761 [LOW] CVE-2019-2761: Vulnerability in the Oracle Application Object Library component of Oracle E-Business Suite (subcomp
Vulnerability in the Oracle Application Object Library component of Oracle E-Business Suite (subcomponent: Attachments / File Upload). Supported versions that are affected are 12.1.3 and 12.2.3 - 12.2.8. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Application Object Library. Successful atta
nvd
CVE-2019-2621MEDIUMCVSS 4.7v12.1.3v12.2.3+5 more2019-04-23
CVE-2019-2621 [MEDIUM] CVE-2019-2621: Vulnerability in the Oracle Application Object Library component of Oracle E-Business Suite (subcomp
Vulnerability in the Oracle Application Object Library component of Oracle E-Business Suite (subcomponent: Diagnostics). Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6, 12.2.7 and 12.2.8. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Application Object Librar
nvd
CVE-2018-3138HIGHCVSS 8.2v12.1.3v12.2.3+4 more2018-10-17
CVE-2018-3138 [HIGH] CVE-2018-3138: Vulnerability in the Oracle Application Object Library component of Oracle E-Business Suite (subcomp
Vulnerability in the Oracle Application Object Library component of Oracle E-Business Suite (subcomponent: Attachments / File Upload). Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Application Object Li
nvd
CVE-2018-3244MEDIUMCVSS 5.3v12.1.3v12.2.3+4 more2018-10-17
CVE-2018-3244 [MEDIUM] CVE-2018-3244: Vulnerability in the Oracle Application Object Library component of Oracle E-Business Suite (subcomp
Vulnerability in the Oracle Application Object Library component of Oracle E-Business Suite (subcomponent: Attachments / File Upload). Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Application Object
nvd
CVE-2017-10328HIGHCVSS 7.5v12.1.3v12.2.3+4 more2017-10-19
CVE-2017-10328 [HIGH] CWE-200 CVE-2017-10328: Vulnerability in the Oracle Application Object Library component of Oracle E-Business Suite (subcomp
Vulnerability in the Oracle Application Object Library component of Oracle E-Business Suite (subcomponent: Diagnostics). Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Application Object Librar
nvd
CVE-2017-10331MEDIUMCVSS 5.3v12.1.3v12.2.3+4 more2017-10-19
CVE-2017-10331 [MEDIUM] CWE-200 CVE-2017-10331: Vulnerability in the Oracle Application Object Library component of Oracle E-Business Suite (subcomp
Vulnerability in the Oracle Application Object Library component of Oracle E-Business Suite (subcomponent: Diagnostics). Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Application Object Libr
nvd
CVE-2017-10246HIGHCVSS 8.2PoCv12.1.3v12.2.3+3 more2017-08-08
CVE-2017-10246 [HIGH] CVE-2017-10246: Vulnerability in the Oracle Application Object Library component of Oracle E-Business Suite (subcomp
Vulnerability in the Oracle Application Object Library component of Oracle E-Business Suite (subcomponent: iHelp). Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Application Object Library. Successful attacks
nvd
CVE-2017-10177HIGHCVSS 8.1v12.2.62017-08-08
CVE-2017-10177 [HIGH] CVE-2017-10177: Vulnerability in the Oracle Application Object Library component of Oracle E-Business Suite (subcomp
Vulnerability in the Oracle Application Object Library component of Oracle E-Business Suite (subcomponent: Flexfields). The supported version that is affected is 12.2.6. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Application Object Library. Successful attacks of this vulnerability can resu
nvd
1 / 2Next →