Oracle E-Business Suite vulnerabilities
331 known vulnerabilities affecting oracle/e-business_suite.
Total CVEs
331
CISA KEV
1
actively exploited
Public exploits
5
Exploited in wild
1
Severity breakdown
CRITICAL55HIGH50MEDIUM184LOW42
Vulnerabilities
Page 13 of 17
CVE-2008-5446LOWCVSS 3.5v11.52009-01-14
CVE-2008-5446 [LOW] CVE-2008-5446: Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite
Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite 11.5.10 CU2 and 12.0.6 allows remote authenticated users to affect confidentiality via unknown vectors. NOTE: the previous information was obtained from the January 2009 CPU. Oracle has not commented on reliable researcher claims that this issue is related to unres
nvd
CVE-2008-5450LOWCVSS 1.2v11.52009-01-14
CVE-2008-5450 [LOW] CVE-2008-5450: Unspecified vulnerability in the Oracle Applications Platform Engineering component in Oracle E-Busi
Unspecified vulnerability in the Oracle Applications Platform Engineering component in Oracle E-Business Suite 11.5.10 CU2 and 12.0.6 allows local users to affect confidentiality via unknown vectors.
nvd
CVE-2008-3998MEDIUMCVSS 4.9v12.0.42008-10-14
CVE-2008-3998 [MEDIUM] CVE-2008-3998: Unspecified vulnerability in the Oracle iStore component in Oracle E-Business Suite 12.0.4 allows re
Unspecified vulnerability in the Oracle iStore component in Oracle E-Business Suite 12.0.4 allows remote authenticated users to affect confidentiality and integrity via unknown vectors.
nvd
CVE-2008-3988MEDIUMCVSS 5.0v10.2v11.5+1 more2008-10-14
CVE-2008-3988 [MEDIUM] CVE-2008-3988: Unspecified vulnerability in the iSupplier Portal component in Oracle E-Business Suite 11.5.10.2 and
Unspecified vulnerability in the iSupplier Portal component in Oracle E-Business Suite 11.5.10.2 and 12.0.4 allows remote attackers to affect confidentiality via unknown vectors.
nvd
CVE-2008-3985MEDIUMCVSS 5.0v12.0.42008-10-14
CVE-2008-3985 [MEDIUM] CVE-2008-3985: Unspecified vulnerability in the Oracle Applications Technology Stack component in Oracle E-Business
Unspecified vulnerability in the Oracle Applications Technology Stack component in Oracle E-Business Suite 12.0.4 allows remote attackers to affect confidentiality via unknown vectors.
nvd
CVE-2008-3993LOWCVSS 3.5v10.2v11.5+1 more2008-10-14
CVE-2008-3993 [LOW] CVE-2008-3993: Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite
Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite 11.5.10.2 and 12.0.4 allows remote authenticated users to affect integrity via unknown vectors.
nvd
CVE-2008-2619LOWCVSS 1.7v11.5.10.22008-10-14
CVE-2008-2619 [LOW] CVE-2008-2619: Unspecified vulnerability in the Oracle Reports Developer component in Oracle Application Server 1.0
Unspecified vulnerability in the Oracle Reports Developer component in Oracle Application Server 1.0.2.2, 9.0.4.3, and 10.1.2.2, and E-Business Suite 11.5.10.2, allows remote authenticated users to affect availability via unknown vectors.
nvd
CVE-2008-2596MEDIUMCVSS 6.5v12.0.32008-07-15
CVE-2008-2596 [MEDIUM] CVE-2008-2596: Unspecified vulnerability in the Mobile Application Server component in Oracle E-Business Suite 12.0
Unspecified vulnerability in the Mobile Application Server component in Oracle E-Business Suite 12.0.3 has unknown impact and remote authenticated attack vectors.
nvd
CVE-2008-2610MEDIUMCVSS 6.5v12.0.42008-07-15
CVE-2008-2610 [MEDIUM] CVE-2008-2610: Unspecified vulnerability in the Oracle Applications Technology Stack component in Oracle E-Business
Unspecified vulnerability in the Oracle Applications Technology Stack component in Oracle E-Business Suite 12.0.4 has unknown impact and remote authenticated attack vectors.
nvd
CVE-2008-2585MEDIUMCVSS 6.5v12.0.42008-07-15
CVE-2008-2585 [MEDIUM] CVE-2008-2585: Unspecified vulnerability in the Oracle Report Manager component in Oracle E-Business Suite 12.0.4 h
Unspecified vulnerability in the Oracle Report Manager component in Oracle E-Business Suite 12.0.4 has unknown impact and remote authenticated attack vectors.
nvd
CVE-2008-2606MEDIUMCVSS 6.5v12.0.42008-07-15
CVE-2008-2606 [MEDIUM] CVE-2008-2606: Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Su
Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 12.0.4 has unknown impact and remote authenticated attack vectors, a different vulnerability than CVE-2008-2586.
nvd
CVE-2008-2586MEDIUMCVSS 4.0v12.0.42008-07-15
CVE-2008-2586 [MEDIUM] CVE-2008-2586: Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Su
Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 12.0.4 has unknown impact and remote authenticated attack vectors, a different vulnerability than CVE-2008-2606.
nvd
CVE-2008-2601MEDIUMCVSS 5.5v12.0.42008-07-15
CVE-2008-2601 [MEDIUM] CVE-2008-2601: Unspecified vulnerability in the Oracle iStore component in Oracle E-Business Suite 12.0.4 has unkno
Unspecified vulnerability in the Oracle iStore component in Oracle E-Business Suite 12.0.4 has unknown impact and remote authenticated attack vectors.
nvd
CVE-2008-1826CRITICALCVSS 10.0v11.5.10.22008-04-16
CVE-2008-1826 [CRITICAL] CVE-2008-1826: Multiple unspecified vulnerabilities in Oracle E-Business Suite 11.5.10.2 have unknown impact and at
Multiple unspecified vulnerabilities in Oracle E-Business Suite 11.5.10.2 have unknown impact and attack vectors related to (a) Advanced Pricing, aka (1) APP01 and (2) APP10; and (b) Applications Framework, aka (3) APP05.
nvd
CVE-2008-0348CRITICALCVSS 10.0v11.5.9v11.5.10+5 more2008-01-17
CVE-2008-0348 [CRITICAL] CVE-2008-0348: Multiple unspecified vulnerabilities in the PeopleTools component in Oracle PeopleSoft Enterprise an
Multiple unspecified vulnerabilities in the PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.22.18, 8.48.15, and 8.49.07 have unknown impact and remote attack vectors, aka (1) PSE01, (2) PSE03, and (3) PSE04.
nvd
CVE-2008-0344CRITICALCVSS 10.0v11.5.9v11.5.10+5 more2008-01-17
CVE-2008-0344 [CRITICAL] CVE-2008-0344: Unspecified vulnerability in the Oracle Spatial component in Oracle Database 10.1.0.5 and 10.2.0.3 h
Unspecified vulnerability in the Oracle Spatial component in Oracle Database 10.1.0.5 and 10.2.0.3 has unknown impact and remote attack vectors, aka DB07.
nvd
CVE-2008-0345CRITICALCVSS 10.0v11.5.9v11.5.10+5 more2008-01-17
CVE-2008-0345 [CRITICAL] CVE-2008-0345: Unspecified vulnerability in the Core RDBMS component in Oracle Database 11.1.0.6 has unknown impact
Unspecified vulnerability in the Core RDBMS component in Oracle Database 11.1.0.6 has unknown impact and remote attack vectors, aka DB08.
nvd
CVE-2008-0349CRITICALCVSS 10.0v11.5.9v11.5.10+5 more2008-01-17
CVE-2008-0349 [CRITICAL] CVE-2008-0349: Unspecified vulnerability in the PeopleTools component in Oracle PeopleSoft Enterprise and JD Edward
Unspecified vulnerability in the PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.48.15 and 8.49.07 has unknown impact and remote attack vectors, aka PSE02.
nvd
CVE-2008-0346CRITICALCVSS 10.0v11.5.9v11.5.10+5 more2008-01-17
CVE-2008-0346 [CRITICAL] CVE-2008-0346: Unspecified vulnerability in the Oracle Jinitiator component in Oracle Application Server 1.3.1.27 a
Unspecified vulnerability in the Oracle Jinitiator component in Oracle Application Server 1.3.1.27 and E-Business Suite 11.5.10.2 has unknown impact and remote attack vectors, aka AS01.
nvd
CVE-2008-0340CRITICALCVSS 10.0v11.5.9v11.5.10+5 more2008-01-17
CVE-2008-0340 [CRITICAL] CVE-2008-0340: Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5,
Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 have unknown impact and remote attack vectors, related to the (1) Advanced Queuing component (DB02) and (2) Oracle Spatial component (DB04).
nvd