Oracle Jd Edwards Enterpriseone Tools vulnerabilities
150 known vulnerabilities affecting oracle/jd_edwards_enterpriseone_tools.
Total CVEs
150
CISA KEV
2
actively exploited
Public exploits
10
Exploited in wild
3
Severity breakdown
CRITICAL18HIGH53MEDIUM77LOW2
Vulnerabilities
Page 1 of 8
CVE-2026-21946MEDIUMCVSS 6.1≥ 9.2.0.0, ≤ 9.2.26.02026-01-20
CVE-2026-21946 [MEDIUM] CWE-79 CVE-2026-21946: Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Run
Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Runtime SEC). Supported versions that are affected are 9.2.0.0-9.2.26.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise JD Edwards EnterpriseOne Tools. Successful attacks require human interacti
nvd
CVE-2025-53060MEDIUMCVSS 6.1≥ 9.2.0.0, ≤ 9.2.9.42025-10-21
CVE-2025-53060 [MEDIUM] CWE-284 CVE-2025-53060: Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Run
Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Runtime SEC). Supported versions that are affected are 9.2.0.0-9.2.9.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise JD Edwards EnterpriseOne Tools. Successful attacks require human interacti
nvd
CVE-2025-53056MEDIUMCVSS 6.1≥ 9.2.0.0, ≤ 9.2.9.42025-10-21
CVE-2025-53056 [MEDIUM] CWE-285 CVE-2025-53056: Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Object
Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Object and Environment Tech). Supported versions that are affected are 9.2.0.0-9.2.9.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise JD Edwards EnterpriseOne Tools. Successful attacks require huma
nvd
CVE-2025-30760MEDIUMCVSS 5.4≥ 9.2.0.0, ≤ 9.2.9.32025-07-15
CVE-2025-30760 [MEDIUM] CWE-284 CVE-2025-30760: Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Run
Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Runtime SEC). Supported versions that are affected are 9.2.0.0-9.2.9.3. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise JD Edwards EnterpriseOne Tools. Successful attacks of this vulnerability ca
nvd
CVE-2025-30740MEDIUMCVSS 6.5≥ 9.2.0.0, ≤ 9.2.9.22025-04-15
CVE-2025-30740 [MEDIUM] CWE-284 CVE-2025-30740: Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Run
Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Runtime SEC). Supported versions that are affected are 9.2.0.0-9.2.9.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise JD Edwards EnterpriseOne Tools. Successful attacks of this vulnerability ca
nvd
CVE-2025-21586MEDIUMCVSS 5.4≥ 9.2.0.0, ≤ 9.2.9.22025-04-15
CVE-2025-21586 [MEDIUM] CWE-284 CVE-2025-21586: Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Run
Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Runtime SEC). Supported versions that are affected are 9.2.0.0-9.2.9.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise JD Edwards EnterpriseOne Tools. Successful attacks require human interactio
nvd
CVE-2025-30709MEDIUMCVSS 6.1≥ 9.2.0.0, ≤ 9.2.9.22025-04-15
CVE-2025-30709 [MEDIUM] CWE-284 CVE-2025-30709: Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Run
Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Runtime SEC). Supported versions that are affected are 9.2.0.0-9.2.9.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise JD Edwards EnterpriseOne Tools. Successful attacks require human interacti
nvd
CVE-2025-21524CRITICALCVSS 9.8fixed in 9.2.9.02025-01-21
CVE-2025-21524 [CRITICAL] CWE-306 CVE-2025-21524: Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Monitor
Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Monitoring and Diagnostics SEC). Supported versions that are affected are Prior to 9.2.9.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise JD Edwards EnterpriseOne Tools. Successful attacks of th
nvd
CVE-2025-21510HIGHCVSS 7.5fixed in 9.2.9.02025-01-21
CVE-2025-21510 [HIGH] CWE-203 CVE-2025-21510: Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Run
Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Runtime SEC). Supported versions that are affected are Prior to 9.2.9.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise JD Edwards EnterpriseOne Tools. Successful attacks of this vulnerability ca
nvd
CVE-2025-21515HIGHCVSS 8.8fixed in 9.2.9.02025-01-21
CVE-2025-21515 [HIGH] CWE-306 CVE-2025-21515: Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Run
Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Runtime SEC). Supported versions that are affected are Prior to 9.2.9.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise JD Edwards EnterpriseOne Tools. Successful attacks of this vulnerability can
nvd
CVE-2025-21511HIGHCVSS 7.5fixed in 9.2.9.02025-01-21
CVE-2025-21511 [HIGH] CWE-346 CVE-2025-21511: Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Run
Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Runtime SEC). Supported versions that are affected are Prior to 9.2.9.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise JD Edwards EnterpriseOne Tools. Successful attacks of this vulnerability ca
nvd
CVE-2025-21509MEDIUMCVSS 6.5fixed in 9.2.9.02025-01-21
CVE-2025-21509 [MEDIUM] CWE-770 CVE-2025-21509: Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Run
Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Runtime SEC). Supported versions that are affected are Prior to 9.2.9.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise JD Edwards EnterpriseOne Tools. Successful attacks of this vulnerability c
nvd
CVE-2025-21513MEDIUMCVSS 6.1fixed in 9.2.9.02025-01-21
CVE-2025-21513 [MEDIUM] CWE-352 CVE-2025-21513: Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Run
Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Runtime SEC). Supported versions that are affected are Prior to 9.2.9.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise JD Edwards EnterpriseOne Tools. Successful attacks require human interact
nvd
CVE-2025-21508MEDIUMCVSS 6.5fixed in 9.2.9.02025-01-21
CVE-2025-21508 [MEDIUM] CWE-770 CVE-2025-21508: Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Run
Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Runtime SEC). Supported versions that are affected are Prior to 9.2.9.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise JD Edwards EnterpriseOne Tools. Successful attacks of this vulnerability c
nvd
CVE-2025-21512MEDIUMCVSS 6.1fixed in 9.2.9.02025-01-21
CVE-2025-21512 [MEDIUM] CWE-601 CVE-2025-21512: Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Run
Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Runtime SEC). Supported versions that are affected are Prior to 9.2.9.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise JD Edwards EnterpriseOne Tools. Successful attacks require human interact
nvd
CVE-2025-21517MEDIUMCVSS 4.3fixed in 9.2.9.02025-01-21
CVE-2025-21517 [MEDIUM] CWE-863 CVE-2025-21517: Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Run
Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Runtime SEC). Supported versions that are affected are Prior to 9.2.9.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise JD Edwards EnterpriseOne Tools. Successful attacks of this vulnerability c
nvd
CVE-2025-21514MEDIUMCVSS 5.3fixed in 9.2.9.02025-01-21
CVE-2025-21514 [MEDIUM] CWE-862 CVE-2025-21514: Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Run
Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Runtime SEC). Supported versions that are affected are Prior to 9.2.9.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise JD Edwards EnterpriseOne Tools. Successful attacks of this vulnerability
nvd
CVE-2025-21527MEDIUMCVSS 6.1fixed in 9.2.9.02025-01-21
CVE-2025-21527 [MEDIUM] CWE-862 CVE-2025-21527: Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Design
Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Design Tools SEC). Supported versions that are affected are Prior to 9.2.9.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise JD Edwards EnterpriseOne Tools. Successful attacks require human interact
nvd
CVE-2025-21507MEDIUMCVSS 5.4fixed in 9.2.9.02025-01-21
CVE-2025-21507 [MEDIUM] CWE-352 CVE-2025-21507: Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Run
Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Runtime SEC). Supported versions that are affected are Prior to 9.2.9.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise JD Edwards EnterpriseOne Tools. Successful attacks require human interacti
nvd
CVE-2024-21245MEDIUMCVSS 5.4fixed in 9.2.9.02025-01-21
CVE-2024-21245 [MEDIUM] CWE-346 CVE-2024-21245: Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Busines
Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Business Logic Infra SEC). Supported versions that are affected are Prior to 9.2.9.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise JD Edwards EnterpriseOne Tools. Successful attacks require human
nvd
1 / 8Next →