cbcvebase.

Oracle E-Business Suite vulnerabilities

331 known vulnerabilities affecting oracle/e-business_suite.

Total CVEs
331
CISA KEV
1
actively exploited
Public exploits
5
Exploited in wild
1
Severity breakdown
CRITICAL55HIGH50MEDIUM184LOW42

Vulnerabilities

Page 5 of 17
CVE-2016-0527MEDIUMCVSS 6.4v12.1.1v12.1.2+4 more2016-01-21
CVE-2016-0527 [MEDIUM] CVE-2016-0527: Unspecified vulnerability in the Oracle Customer Interaction History component in Oracle E-Business Unspecified vulnerability in the Oracle Customer Interaction History component in Oracle E-Business Suite 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect confidentiality and integrity via vectors related to User GUI, a different vulnerability than CVE-2016-0528, CVE-2016-0529, and CVE-2016-0530.
nvd
CVE-2016-0517MEDIUMCVSS 6.4v11.5.10.22016-01-21
CVE-2016-0517 [MEDIUM] CVE-2016-0517: Unspecified vulnerability in the Oracle Human Resources component in Oracle E-Business Suite 11.5.10 Unspecified vulnerability in the Oracle Human Resources component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect confidentiality and integrity via unknown vectors related to General utilities, a different vulnerability than CVE-2016-0518.
nvd
CVE-2016-0516MEDIUMCVSS 6.4v11.5.10.22016-01-21
CVE-2016-0516 [MEDIUM] CVE-2016-0516: Unspecified vulnerability in the Oracle Quality component in Oracle E-Business Suite 11.5.10.2 allow Unspecified vulnerability in the Oracle Quality component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect confidentiality and integrity via unknown vectors related to QA / Order Management Integration.
nvd
CVE-2016-0575MEDIUMCVSS 4.3v11.5.10.22016-01-21
CVE-2016-0575 [MEDIUM] CVE-2016-0575: Unspecified vulnerability in the Oracle Learning Management component in Oracle E-Business Suite 11. Unspecified vulnerability in the Oracle Learning Management component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect integrity via vectors related to OTA Self Service.
nvd
CVE-2016-0456MEDIUMCVSS 5.0v12.1v12.22016-01-21
CVE-2016-0456 [MEDIUM] CVE-2016-0456: Unspecified vulnerability in the Application Mgmt Pack for E-Business Suite component in Oracle E-Bu Unspecified vulnerability in the Application Mgmt Pack for E-Business Suite component in Oracle E-Business Suite 12.1 and 12.2 allows remote attackers to affect confidentiality via vectors related to REST Framework, a different vulnerability than CVE-2016-0457. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-part
nvd
CVE-2016-0515MEDIUMCVSS 6.4v11.5.10.22016-01-21
CVE-2016-0515 [MEDIUM] CVE-2016-0515: Unspecified vulnerability in the Oracle CRM Technical Foundation component in Oracle E-Business Suit Unspecified vulnerability in the Oracle CRM Technical Foundation component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect confidentiality and integrity via vectors related to BIS Common Components, a different vulnerability than CVE-2016-0514.
nvd
CVE-2016-0454LOWCVSS 2.1v12.1v12.22016-01-21
CVE-2016-0454 [LOW] CVE-2016-0454: Unspecified vulnerability in the Oracle Mobile Application Servlet component in Oracle E-Business Su Unspecified vulnerability in the Oracle Mobile Application Servlet component in Oracle E-Business Suite 12.1 and 12.2 allows local users to affect confidentiality via vectors related to MWA Server Manager.
nvd
CVE-2015-4926LOWCVSS 2.6v11.5.10.2v12.1+1 more2016-01-21
CVE-2015-4926 [LOW] CVE-2015-4926: Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite 11.5.10.2, 12.1, and 12.2 allows remote attackers to affect integrity via vectors related to UIX.
nvd
CVE-2015-4798CRITICALCVSS 10.0v11.5.10.22015-10-21
CVE-2015-4798 [CRITICAL] CVE-2015-4798: Unspecified vulnerability in the Oracle Applications Technology Stack component in Oracle E-Business Unspecified vulnerability in the Oracle Applications Technology Stack component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to DB Listener, a different vulnerability than CVE-2015-4839.
nvd
CVE-2015-4839CRITICALCVSS 10.0v11.5.10.22015-10-21
CVE-2015-4839 [CRITICAL] CVE-2015-4839: Unspecified vulnerability in the Oracle Applications Technology Stack component in Oracle E-Business Unspecified vulnerability in the Oracle Applications Technology Stack component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to DB Listener, a different vulnerability than CVE-2015-4798.
nvd
CVE-2015-4854MEDIUMCVSS 4.3v12.0.6v12.1.3+2 more2015-10-21
CVE-2015-4854 [MEDIUM] CVE-2015-4854: Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Su Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 12.0.6, 12.1.3, 12.2.3, and 12.2.4 allows remote attackers to affect integrity via unknown vectors related to Single Signon. NOTE: the previous information is from the October 2015 CPU. Oracle has not commented on third-party claims that this issue is a cro
nvd
CVE-2015-4849MEDIUMCVSS 6.8v11.5.10.2v12.0.6+3 more2015-10-21
CVE-2015-4849 [MEDIUM] CVE-2015-4849: Unspecified vulnerability in the Oracle Payments component in Oracle E-Business Suite 11.5.10.2, 12. Unspecified vulnerability in the Oracle Payments component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.3, 12.2.3, and 12.2.4 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Punch-in. NOTE: the previous information is from the October 2015 CPU. Oracle has not commented on third-party claims t
nvd
CVE-2015-4884MEDIUMCVSS 5.0v11.5.10.2v12.0.6+3 more2015-10-21
CVE-2015-4884 [MEDIUM] CVE-2015-4884: Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Su Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.3, 12.2.3, and 12.2.4 allows remote attackers to affect confidentiality via unknown vectors related to Single Signon.
nvd
CVE-2015-4886MEDIUMCVSS 6.4v11.5.10.2v12.0.6+3 more2015-10-21
CVE-2015-4886 [MEDIUM] CVE-2015-4886: Unspecified vulnerability in the Oracle Report Manager component in Oracle E-Business Suite 11.5.10. Unspecified vulnerability in the Oracle Report Manager component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.3, 12.2.3, and 12.2.4 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Reports Security. NOTE: the previous information is from the October 2015 CPU. Oracle has not commented on third-party claims th
nvd
CVE-2015-4851MEDIUMCVSS 6.8v12.0.6v12.1.3+2 more2015-10-21
CVE-2015-4851 [MEDIUM] CVE-2015-4851: Unspecified vulnerability in the Oracle iSupplier Portal component in Oracle E-Business Suite 12.0.6 Unspecified vulnerability in the Oracle iSupplier Portal component in Oracle E-Business Suite 12.0.6, 12.1.3, 12.2.3, and 12.2.4 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to XML input. NOTE: the previous information is from the October 2015 CPU. Oracle has not commented on third-party claims that this i
nvd
CVE-2015-4898MEDIUMCVSS 4.0v11.5.10.2v12.0.6+3 more2015-10-21
CVE-2015-4898 [MEDIUM] CVE-2015-4898: Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.3, 12.2.3, and 12.2.4 allows remote authenticated users to affect integrity via vectors related to Diagnostics and DMZ.
nvd
CVE-2015-4762MEDIUMCVSS 4.0v12.2.3v12.2.42015-10-21
CVE-2015-4762 [MEDIUM] CVE-2015-4762: Unspecified vulnerability in the Oracle Applications DBA component in Oracle E-Business Suite 12.2.3 Unspecified vulnerability in the Oracle Applications DBA component in Oracle E-Business Suite 12.2.3 and 12.2.4 allows remote authenticated users to affect confidentiality via unknown vectors related to Online patching.
nvd
CVE-2015-4845MEDIUMCVSS 4.3v11.5.10.2v12.0.6+3 more2015-10-21
CVE-2015-4845 [MEDIUM] CVE-2015-4845: Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Su Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.3, 12.2.3, and 12.2.4 allows remote attackers to affect confidentiality via vectors related to Java APIs - AOL/J. NOTE: the previous information is from the October 2015 CPU. Oracle has not commented on third-party claims that this i
nvd
CVE-2015-4865LOWCVSS 2.1v12.1.3v12.2.3+1 more2015-10-21
CVE-2015-4865 [LOW] CVE-2015-4865: Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite 12.1.3, 12.2.3, and 12.2.4 allows remote authenticated users to affect confidentiality via vectors related to Business Objects - BC4J.
nvd
CVE-2015-4846LOWCVSS 3.6v11.5.10.2v12.0.6+3 more2015-10-21
CVE-2015-4846 [LOW] CVE-2015-4846: Unspecified vulnerability in the Oracle Applications Manager component in Oracle E-Business Suite 11 Unspecified vulnerability in the Oracle Applications Manager component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.3, 12.2.3, and 12.2.4 allows remote authenticated users to affect confidentiality and integrity via vectors related to SQL Extensions. NOTE: the previous information is from the October 2015 CPU. Oracle has not commented on third-party claims
nvd
← Previous5 / 17Next →