Oracle Applications Framework vulnerabilities

CVE-2025-53064 [MEDIUM] CWE-284 CVE-2025-53064: Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component: Pe Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component: Personalization). Supported versions that are affected are 12.2.3-12.2.14. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Applications Framework. Successful attacks of this vulnerability

CVE-2025-53071 [MEDIUM] CWE-284 CVE-2025-53071: Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component: Up Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component: Upload Attachments). Supported versions that are affected are 12.2.3-12.2.14. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Applications Framework. Successful attacks of this vulnerabil

CVE-2025-50071 [MEDIUM] CWE-284 CVE-2025-50071: Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component: We Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component: Web Utilities). Supported versions that are affected are 12.2.3-12.2.14. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Applications Framework. While the vulnerability is in Oracle Appli

CVE-2025-30718 [MEDIUM] CVE-2025-30718: Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component: At Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component: Attachments, File Upload). Supported versions that are affected are 12.2.3-12.2.14. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Applications Framework. Successful attacks of this vulnerabilit

CVE-2025-30711 [MEDIUM] CWE-284 CVE-2025-30711: Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component: At Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component: Attachments, File Upload). Supported versions that are affected are 12.2.3-12.2.14. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Applications Framework. Successful attacks require huma

CVE-2024-21080 [MEDIUM] CVE-2024-21080: Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component: RE Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component: REST Services). Supported versions that are affected are 12.2.9-12.2.13. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Applications Framework. Successful attacks of this vulnerability can resul

CVE-2023-22042 [MEDIUM] CVE-2023-22042: Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component: Di Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component: Diagnostics). Supported versions that are affected are 12.2.3-12.3.12. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Applications Framework. Successful attacks require human interaction from a

CVE-2022-21636 [MEDIUM] CVE-2022-21636: Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component: Se Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component: Session Management). Supported versions that are affected are 12.2.6-12.2.11. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Applications Framework. Successful attacks of this vulnerability can

CVE-2022-21566 [HIGH] CVE-2022-21566: Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component: Di Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component: Diagnostics). Supported versions that are affected are 12.2.9-12.2.11. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Applications Framework. Successful attacks of this vulnerability can result i

CVE-2022-21477 [MEDIUM] CVE-2022-21477: Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component: At Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component: Attachments, File Upload). Supported versions that are affected are 12.2.6-12.2.11. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Applications Framework. Successful attacks require human intera

CVE-2022-21468 [MEDIUM] CVE-2022-21468: Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component: Po Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component: Popups). Supported versions that are affected are 12.2.4-12.2.11. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Applications Framework. Successful attacks require human interaction from a pers

CVE-2021-2477 [MEDIUM] CVE-2021-2477: Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component: Se Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component: Session Management). Supported versions that are affected are 12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Applications Framework. Successful attacks of this vulnerab

CVE-2021-2380 [HIGH] CVE-2021-2380: Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component: At Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component: Attachments / File Upload). Supported versions that are affected are 12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Applications Framework. Successful attacks require huma

CVE-2021-2200 [CRITICAL] CVE-2021-2200: Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component: Ho Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component: Home page). The supported version that is affected is 12.2.10. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Applications Framework. Successful attacks of this vulnerability can result in unau

CVE-2020-14746 [MEDIUM] CVE-2020-14746: Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component: Po Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component: Popup windows). Supported versions that are affected are 12.1.3 and 12.2.3 - 12.2.10. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Applications Framework. Successful attacks require human int

CVE-2020-14534 [HIGH] CVE-2020-14534: Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component: Po Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component: Popups). The supported version that is affected is 12.2.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Applications Framework. Successful attacks require human interaction from a person other

CVE-2020-14610 [HIGH] CWE-79 CVE-2020-14610: Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component: At Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component: Attachments / File Upload). The supported version that is affected is 12.2.9. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Applications Framework. Successful attacks require human interac

CVE-2020-14590 [LOW] CVE-2020-14590: Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component: Pa Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component: Page Request). Supported versions that are affected are 12.1.3 and 12.2.3-12.2.9. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle Applications Framework. Successful attacks of this vulnerability ca

CVE-2020-2890 [HIGH] CVE-2020-2890: Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component: Di Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component: Diagnostics). Supported versions that are affected are 12.1.3 and 12.2.3-12.2.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Applications Framework. Successful attacks require human interaction

CVE-2020-2866 [MEDIUM] CVE-2020-2866: Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component: At Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component: Attachments / File Upload). Supported versions that are affected are 12.2.5-12.2.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Applications Framework. Successful attacks of this vulnerability