Oracle Supply Chain Products Suite vulnerabilities

CVE-2026-21940 [HIGH] CWE-200 CVE-2026-21940: Vulnerability in the Oracle Agile PLM product of Oracle Supply Chain (component: User and User Group Vulnerability in the Oracle Agile PLM product of Oracle Supply Chain (component: User and User Group). The supported version that is affected is 9.3.6. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Agile PLM. Successful attacks of this vulnerability can result in unauthorized access

CVE-2015-4924 [LOW] CVE-2015-4924: Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9. Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.1.1, 9.3.1.2, 9.3.2, and 9.3.3 allows remote authenticated users to affect integrity via vectors related to Security.

CVE-2015-4917 [LOW] CVE-2015-4917: Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9. Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.4 allows remote authenticated users to affect integrity via unknown vectors related to Security, a different vulnerability than CVE-2015-4892.

CVE-2015-4847 [MEDIUM] CVE-2015-4847: Unspecified vulnerability in the Oracle Configurator component in Oracle Supply Chain Products Suite Unspecified vulnerability in the Oracle Configurator component in Oracle Supply Chain Products Suite 12.0.6, 12.1.3, 12.2.3, and 12.2.4 allows remote attackers to affect integrity via vectors related to OCI.

CVE-2015-4848 [MEDIUM] CVE-2015-4848: Unspecified vulnerability in the Oracle Configurator component in Oracle Supply Chain Products Suite Unspecified vulnerability in the Oracle Configurator component in Oracle Supply Chain Products Suite 12.0.6, 12.1.3, 12.2.3, and 12.2.4 allows remote attackers to affect confidentiality via unknown vectors related to Integration with Peoplesoft.

CVE-2015-4797 [LOW] CVE-2015-4797: Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9. Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.3 allows remote authenticated users to affect integrity via unknown vectors related to Security.

CVE-2015-4824 [LOW] CVE-2015-4824: Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9. Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.4 allows remote authenticated users to affect confidentiality via unknown vectors related to Security.

CVE-2015-4892 [LOW] CVE-2015-4892: Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9. Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.4 allows remote authenticated users to affect integrity via unknown vectors related to Security, a different vulnerability than CVE-2015-4917.

CVE-2015-2663 [HIGH] CVE-2015-2663: Unspecified vulnerability in the Oracle Transportation Management component in Oracle Supply Chain P Unspecified vulnerability in the Oracle Transportation Management component in Oracle Supply Chain Products Suite 6.1, 6.2, and 6.3.0 through 6.3.7 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Business Process Automation.

CVE-2015-4746 [MEDIUM] CVE-2015-4746: Unspecified vulnerability in the Oracle Agile Product Lifecycle Management for Process component in Unspecified vulnerability in the Oracle Agile Product Lifecycle Management for Process component in Oracle Supply Chain Products Suite 6.0.0.7, 6.1.0.3, 6.1.1.5, and 6.2.0.0 allows remote authenticated users to affect confidentiality via unknown vectors related to Global Spec Management.

CVE-2015-2644 [MEDIUM] CVE-2015-2644: Unspecified vulnerability in the Oracle Agile PLM Framework component in Oracle Supply Chain Product Unspecified vulnerability in the Oracle Agile PLM Framework component in Oracle Supply Chain Products Suite 9.3.3 allows remote attackers to affect confidentiality via unknown vectors related to Security.

CVE-2015-2657 [MEDIUM] CVE-2015-2657: Unspecified vulnerability in the Oracle Transportation Management component in Oracle Supply Chain P Unspecified vulnerability in the Oracle Transportation Management component in Oracle Supply Chain Products Suite 6.1, 6.2, and 6.3.0 through 6.3.7 allows remote authenticated users to affect confidentiality via unknown vectors related to Business Process Automation.

CVE-2015-4768 [MEDIUM] CVE-2015-4768: Unspecified vulnerability in the Oracle Transportation Management component in Oracle Supply Chain P Unspecified vulnerability in the Oracle Transportation Management component in Oracle Supply Chain Products Suite 6.1, 6.2, 6.3.0, 6.3.1, 6.3.2, 6.3.3, 6.3.4, 6.3.5, 6.3.6, and 6.3.7 allows remote authenticated users to affect confidentiality via unknown vectors related to Diagnostics.

CVE-2015-2660 [LOW] CVE-2015-2660: Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9. Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.4 allows remote authenticated users to affect confidentiality and integrity via vectors related to Oracle Agile PLM Framework.

CVE-2015-4763 [LOW] CVE-2015-4763: Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9. Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.4 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Security.

CVE-2015-1793 [MEDIUM] CWE-254 CVE-2015-1793: The X509_verify_cert function in crypto/x509/x509_vfy.c in OpenSSL 1.0.1n, 1.0.1o, 1.0.2b, and 1.0.2 The X509_verify_cert function in crypto/x509/x509_vfy.c in OpenSSL 1.0.1n, 1.0.1o, 1.0.2b, and 1.0.2c does not properly process X.509 Basic Constraints cA values during identification of alternative certificate chains, which allows remote attackers to spoof a Certification Authority role and trigger unintended certificate verifications via a valid lea

CVE-2015-0464 [MEDIUM] CVE-2015-0464: Unspecified vulnerability in the Oracle Transportation Management component in Oracle Supply Chain P Unspecified vulnerability in the Oracle Transportation Management component in Oracle Supply Chain Products Suite 6.1, 6.2, 6.3.0, 6.3.1, 6.3.2, 6.3.3, 6.3.4, 6.3.5, and 6.3.6 allows remote attackers to affect confidentiality via unknown vectors related to Security.

CVE-2015-0462 [MEDIUM] CVE-2015-0462: Unspecified vulnerability in the Oracle Transportation Management component in Oracle Supply Chain P Unspecified vulnerability in the Oracle Transportation Management component in Oracle Supply Chain Products Suite 6.1, 6.2, 6.3.0, 6.3.1, 6.3.2, 6.3.3, 6.3.4, 6.3.5, and 6.3.6 allows remote authenticated users to affect confidentiality via unknown vectors related to Security.

CVE-2015-2570 [MEDIUM] CVE-2015-2570: Unspecified vulnerability in the Oracle Demand Planning component in Oracle Supply Chain Products Su Unspecified vulnerability in the Oracle Demand Planning component in Oracle Supply Chain Products Suite 11.5.10, 12.0, 12.1, and 12.2 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Security.

CVE-2015-0490 [MEDIUM] CVE-2015-0490: Unspecified vulnerability in the Oracle Agile Engineering Data Management component in Oracle Supply Unspecified vulnerability in the Oracle Agile Engineering Data Management component in Oracle Supply Chain Products Suite 6.1.3.0 allows remote authenticated users to affect confidentiality and integrity via vectors related to BAS - Base Component.