Oracle E-business Suite — known CVE vulnerabilities
Every CVE whose affected-product data names Oracle E-business Suite, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (200)
CVE-2008-0344 — CVSS 10.0 (critical): Unspecified vulnerability in the Oracle Spatial component in Oracle Database 10.1.0.5 and 10.2.0.3 has unknown impact and remote attack…
CVE-2007-5528 — CVSS 10.0 (critical): Multiple unspecified vulnerabilities in Oracle E-Business Suite 12.0.2 have unknown impact and attack vectors related to (1) Public Sector…
CVE-2008-0340 — CVSS 10.0 (critical): Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 have unknown impact and…
CVE-2004-0385 — CVSS 10.0 (critical): Heap-based buffer overflow in Oracle 9i Application Server Web Cache 9.0.4.0.0, 9.0.3.1.0, 9.0.2.3.0, and 9.0.0.4.0 allows remote attackers…
CVE-2006-1880 — CVSS 10.0 (critical): Multiple unspecified vulnerabilities in Oracle E-Business Suite and Applications 11.5.10CU2 have unknown impact and attack vectors, as…
CVE-2006-1881 — CVSS 10.0 (critical): Unspecified vulnerability in the Financials for Asia/Pacific component in Oracle E-Business Suite and Applications 11.5.9 has unknown…
CVE-2006-1882 — CVSS 10.0 (critical): Multiple unspecified vulnerabilities in Oracle E-Business Suite and Applications 11.5.10 have unknown impact and attack vectors, as…
CVE-2006-1883 — CVSS 10.0 (critical): Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite and Applications 11.5.10CU1 has…
CVE-2006-1884 — CVSS 10.0 (critical): Unspecified vulnerability in the Oracle Thesaurus Management System component in Oracle E-Business Suite and OPA 4.5.2 Applications has…
CVE-2006-3716 — CVSS 10.0 (critical): Multiple unspecified vulnerabilities in Oracle E-Business Suite and Applications 11.5.10CU2 have unknown impact and attack vectors, aka…
CVE-2006-3717 — CVSS 10.0 (critical): Multiple unspecified vulnerabilities in Oracle E-Business Suite and Applications 11.5.9 have unknown impact and attack vectors, aka Oracle…
CVE-2006-5348 — CVSS 10.0 (critical): Unspecified vulnerability in Oracle HTTP Server 9.2.0.7, Oracle Collaboration Suite 9.0.4.2, and Oracle E-Business Suite and Applications…
CVE-2008-1826 — CVSS 10.0 (critical): Multiple unspecified vulnerabilities in Oracle E-Business Suite 11.5.10.2 have unknown impact and attack vectors related to (a) Advanced…
CVE-2006-5354 — CVSS 10.0 (critical): Unspecified vulnerability in Oracle HTTP Server 9.2.0.7 and 10.1.0.5, Application Server 9.0.4.3, 10.1.2.0.2, 10.1.2.1.0, and 10.1.3.0…
CVE-2006-5355 — CVSS 10.0 (critical): Unspecified vulnerability in Oracle Single Sign-On component in Oracle Application Server 9.0.4.3, 10.1.2.0.2, and 10.1.2.1.0…
CVE-2006-5359 — CVSS 10.0 (critical): Multiple unspecified vulnerabilities in Oracle Reports Developer component in Oracle Application Server 9.0.4.3 and 10.1.2.0.2, and Oracle…
CVE-2006-5365 — CVSS 10.0 (critical): Unspecified vulnerability in Oracle Forms in Oracle Application Server 9.0.4.3 and 10.1.2.0.2, and E-Business Suite and Applications…
CVE-2006-5368 — CVSS 10.0 (critical): Unspecified vulnerability in Oracle Exchange component in Oracle E-Business Suite 6.2.4 has unknown impact and remote attack vectors, aka…
CVE-2006-5369 — CVSS 10.0 (critical): Unspecified vulnerability in Oracle Application Object Library in Oracle E-Business Suite 11.5.10CU2 has unknown impact and remote…
CVE-2006-5370 — CVSS 10.0 (critical): Multiple unspecified vulnerabilities in Oracle E-Business Suite 11.5.10CU2 have unknown impact and remote authenticated attack vectors, aka…
CVE-2008-0349 — CVSS 10.0 (critical): Unspecified vulnerability in the PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.48.15 and 8.49.07 has…
CVE-2015-4798 — CVSS 10.0 (critical): Unspecified vulnerability in the Oracle Applications Technology Stack component in Oracle E-Business Suite 11.5.10.2 allows remote…
CVE-2015-4839 — CVSS 10.0 (critical): Unspecified vulnerability in the Oracle Applications Technology Stack component in Oracle E-Business Suite 11.5.10.2 allows remote…
CVE-2007-2126 — CVSS 10.0 (critical): Unspecified vulnerability in Oracle E-Business Suite 11.5.10CU2 has unknown impact and remote attack vectors in the (1) Common Applications…
CVE-2007-2127 — CVSS 10.0 (critical): Multiple unspecified vulnerabilities in Oracle E-Business Suite 12.0.0 have unknown impact and remote attack vectors via (1) Application…
CVE-2008-0348 — CVSS 10.0 (critical): Multiple unspecified vulnerabilities in the PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.22.18…
CVE-2008-0347 — CVSS 10.0 (critical): Unspecified vulnerability in the Oracle Ultra Search component in Oracle Collaboration Suite 10.1.2; Database 9.2.0.8, 10.1.0.5, and…
CVE-2008-0346 — CVSS 10.0 (critical): Unspecified vulnerability in the Oracle Jinitiator component in Oracle Application Server 1.3.1.27 and E-Business Suite 11.5.10.2 has…
CVE-2008-0345 — CVSS 10.0 (critical): Unspecified vulnerability in the Core RDBMS component in Oracle Database 11.1.0.6 has unknown impact and remote attack vectors, aka DB08.
CVE-2008-0343 — CVSS 10.0 (critical): Unspecified vulnerability in the Oracle Spatial component in Oracle Database 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, and 10.1.0.5 has unknown…
CVE-2004-0543 — CVSS 10.0 (critical): Multiple SQL injection vulnerabilities in Oracle Applications 11.0 and Oracle E-Business Suite 11.5.1 through 11.5.8 allow remote attackers…
CVE-2005-3455 — CVSS 10.0 (critical): Multiple unspecified vulnerabilities in Oracle E-Business Suite and Applications 11.5 up to 11.5.10 have unknown impact and attack vectors…
CVE-2005-3457 — CVSS 10.0 (critical): Unspecified vulnerability in Oracle E-Business Suite and Applications 11.0 up to 11.5.10 has unknown impact and attack vectors, as…
CVE-2005-3459 — CVSS 10.0 (critical): Unspecified vulnerability in Oracle E-Business Suite and Applications 4.5 up to 4.5.1 has unknown impact and attack vectors, as identified…
CVE-2006-0277 — CVSS 10.0 (critical): Multiple unspecified vulnerabilities in Oracle E-Business Suite and Applications 11.5.10 have unspecified impact and attack vectors, as…
CVE-2006-0278 — CVSS 10.0 (critical): Multiple unspecified vulnerabilities in Oracle E-Business Suite and Applications 11.5.9 have unspecified impact and attack vectors, as…
CVE-2006-0279 — CVSS 10.0 (critical): Multiple unspecified vulnerabilities in Oracle E-Business Suite and Applications 4.3 have unspecified impact and attack vectors, as…
CVE-2006-0284 — CVSS 10.0 (critical): Multiple unspecified vulnerabilities in Oracle Application Server 9.0.4.2 and 10.1.2.0.2, and E-Business Suite and Applications 11.5.10…
CVE-2006-0288 — CVSS 10.0 (critical): Multiple unspecified vulnerabilities in the Oracle Reports Developer component of Oracle Application Server 9.0.4.1 and E-Business Suite…
CVE-2006-0289 — CVSS 10.0 (critical): Multiple unspecified vulnerabilities in Oracle Application Server 6.0.8.26(PS17) and E-Business Suite and Applications 11.5.10 have…
CVE-2006-0290 — CVSS 10.0 (critical): Unspecified vulnerability in Oracle Database Server 9.2.0.7, Application Server 9.0.4.2 and 10.1.2.1, Collaboration Suite Release 2…
CVE-2006-0291 — CVSS 10.0 (critical): Multiple unspecified vulnerabilities in Oracle Database Server 10.2.0.1, Application Server 9.0.4.2 and 10.1.2.1, Collaboration Suite…
CVE-2004-1363 — CVSS 9.8 (critical): Buffer overflow in extproc in Oracle 10g allows remote attackers to execute arbitrary code via environment variables in the library name…
CVE-2025-30727 — CVSS 9.8 (critical): Vulnerability in the Oracle Scripting product of Oracle E-Business Suite (component: iSurvey Module). Supported versions that are affected…
CVE-2026-46817 — CVSS 9.8 (critical): Vulnerability in the Oracle Payments product of Oracle E-Business Suite (component: File Transmission). Supported versions that are…
CVE-2007-2170 — CVSS 9.4 (critical): The APPLSYS.FND_DM_NODES package in Oracle E-Business Suite does not check for valid sessions, which allows remote attackers to delete…
CVE-2026-46819 — CVSS 9.1 (critical): Vulnerability in the Oracle Internet Procurement Connector product of Oracle E-Business Suite (component: Internal Operations). Supported…
CVE-2019-2453 — CVSS 9.1 (critical): Vulnerability in the Oracle Performance Management component of Oracle E-Business Suite (subcomponent: Performance Management Plan)…
CVE-2018-2656 — CVSS 9.1 (critical): Vulnerability in the Oracle General Ledger component of Oracle E-Business Suite (subcomponent: Data Manager Server). Supported versions…
CVE-2019-2489 — CVSS 9.1 (critical): Vulnerability in the Oracle One-to-One Fulfillment component of Oracle E-Business Suite (subcomponent: OCM Query). Supported versions that…
CVE-2004-1371 — CVSS 9.0 (critical): Stack-based buffer overflow in Oracle 9i and 10g allows remote attackers to execute arbitrary code via a long token in the text of a…
CVE-2006-5372 — CVSS 9.0 (critical): Multiple unspecified vulnerabilities in Oracle E-Business Suite 11.5.10 up to 11.5.10CU2 have unknown impact and remote authenticated…
CVE-2006-5373 — CVSS 9.0 (critical): Unspecified vulnerability in Oracle Install Base component in Oracle E-Business Suite 11.5.10CU1 has unknown impact and remote…
CVE-2007-2130 — CVSS 9.0 (critical): Unspecified vulnerability in Workflow Cartridge, as used in Oracle Database Server 9.2.0.1, 10.1.0.2, and 10.2.0.1; Application Server…
CVE-2006-5367 — CVSS 9.0 (critical): Multiple unspecified vulnerabilities in Oracle E-Business Suite 11.5.7 up to 11.5.10CU2 have unknown impact and remote authenticated attack…
CVE-2007-2128 — CVSS 9.0 (critical): Unspecified vulnerability in the Sales Online component for Oracle E-Business Suite 11.5.10 has unknown impact and remote authenticated…
CVE-2006-5371 — CVSS 9.0 (critical): Unspecified vulnerability in Oracle Email Center component in Oracle E-Business Suite 11.5.9 has unknown impact and remote authenticated…
CVE-2026-46837 — CVSS 8.8 (high): Vulnerability in the Oracle Flow Manufacturing product of Oracle E-Business Suite (component: Security). Supported versions that are…
CVE-2026-46827 — CVSS 8.8 (high): Vulnerability in the Oracle Payroll product of Oracle E-Business Suite (component: Self Service Manager). Supported versions that are…
CVE-2026-46826 — CVSS 8.8 (high): Vulnerability in the Oracle Payroll product of Oracle E-Business Suite (component: Internal Operations). Supported versions that are…
CVE-2004-1364 — CVSS 8.5 (high): Directory traversal vulnerability in extproc in Oracle 9i and 10g allows remote attackers to access arbitrary libraries outside of the…
CVE-2019-2470 — CVSS 8.2 (high): Vulnerability in the Oracle Partner Management component of Oracle E-Business Suite (subcomponent: Partner Detail). Supported versions that…
CVE-2019-2400 — CVSS 8.2 (high): Vulnerability in the Oracle iStore component of Oracle E-Business Suite (subcomponent: User Registration). Supported versions that are…
CVE-2019-2498 — CVSS 8.2 (high): Vulnerability in the Oracle Partner Management component of Oracle E-Business Suite (subcomponent: Partner Dash board). Supported versions…
CVE-2019-2440 — CVSS 8.2 (high): Vulnerability in the Oracle Marketing component of Oracle E-Business Suite (subcomponent: User Interface). Supported versions that are…
CVE-2019-2551 — CVSS 8.2 (high): Vulnerability in the Oracle One-to-One Fulfillment component of Oracle E-Business Suite (subcomponent: Print Server). Supported versions…
CVE-2019-2497 — CVSS 8.2 (high): Vulnerability in the Oracle CRM Technical Foundation component of Oracle E-Business Suite (subcomponent: Messages). Supported versions that…
CVE-2024-21270 — CVSS 8.1 (high): Vulnerability in the Oracle Common Applications Calendar product of Oracle E-Business Suite (component: Tasks). Supported versions that are…
CVE-2025-21516 — CVSS 8.1 (high): Vulnerability in the Oracle Customer Care product of Oracle E-Business Suite (component: Service Requests). Supported versions that are…
CVE-2025-21506 — CVSS 8.1 (high): Vulnerability in the Oracle Project Foundation product of Oracle E-Business Suite (component: Technology Foundation). Supported versions…
CVE-2024-21282 — CVSS 8.1 (high): Vulnerability in the Oracle Financials product of Oracle E-Business Suite (component: Common Components). Supported versions that are…
CVE-2024-21279 — CVSS 8.1 (high): Vulnerability in the Oracle Sourcing product of Oracle E-Business Suite (component: Auctions). Supported versions that are affected are…
CVE-2024-21278 — CVSS 8.1 (high): Vulnerability in the Oracle Contract Lifecycle Management for Public Sector product of Oracle E-Business Suite (component: Award…
CVE-2024-21277 — CVSS 8.1 (high): Vulnerability in the Oracle MES for Process Manufacturing product of Oracle E-Business Suite (component: Device Integration). Supported…
CVE-2024-21276 — CVSS 8.1 (high): Vulnerability in the Oracle Work in Process product of Oracle E-Business Suite (component: Messages). Supported versions that are affected…
CVE-2024-21275 — CVSS 8.1 (high): Vulnerability in the Oracle Quoting product of Oracle E-Business Suite (component: User Interface). Supported versions that are affected…
CVE-2024-21271 — CVSS 8.1 (high): Vulnerability in the Oracle Field Service product of Oracle E-Business Suite (component: Field Service Engineer Portal). Supported versions…
CVE-2026-46828 — CVSS 8.1 (high): Vulnerability in the Oracle Payroll product of Oracle E-Business Suite (component: Internal Operations). Supported versions that are…
CVE-2024-21269 — CVSS 8.1 (high): Vulnerability in the Oracle Incentive Compensation product of Oracle E-Business Suite (component: Compensation Plan). Supported versions…
CVE-2024-21268 — CVSS 8.1 (high): Vulnerability in the Oracle Applications Manager product of Oracle E-Business Suite (component: Diagnostics). Supported versions that are…
CVE-2024-21267 — CVSS 8.1 (high): Vulnerability in the Oracle Cost Management product of Oracle E-Business Suite (component: Cost Planning). Supported versions that are…
CVE-2024-21266 — CVSS 8.1 (high): Vulnerability in the Oracle Advanced Pricing product of Oracle E-Business Suite (component: Price List). Supported versions that are…
CVE-2024-21265 — CVSS 8.1 (high): Vulnerability in the Oracle Site Hub product of Oracle E-Business Suite (component: Site Hierarchy Flows). Supported versions that are…
CVE-2004-1368 — CVSS 7.8 (high): ISQL*Plus in Oracle 10g Application Server allows remote attackers to execute arbitrary files via an absolute pathname in the file…
CVE-2007-2135 — CVSS 7.8 (high): The ADI_BINARY component in the Oracle E-Business Suite allows remote attackers to download arbitrary documents from the APPS.FND_DOCUMENTS…
CVE-2006-5346 — CVSS 7.6 (high): Unspecified vulnerability in Oracle HTTP Server 9.2.0.7, as used in Oracle Collaboration Suite 9.0.4.2 and Oracle E-Business Suite and…
CVE-2002-1882 — CVSS 7.5 (high): Unknown vulnerability in AolSecurityPrivate.class in Oracle E-Business Suite 11i 11.1 through 11.6 allows remote attackers to bypass user…
CVE-2007-3865 — CVSS 7.5 (high): Unspecified vulnerability in the Oracle Customer Intelligence component in Oracle E-Business Suite 12.0.1 has unknown impact and remote…
CVE-2007-3866 — CVSS 7.5 (high): Multiple unspecified vulnerabilities in Oracle E-Business Suite 11.5.10CU2 and 12.0.1 allow remote attackers to have an unknown impact via…
CVE-2003-0632 — CVSS 7.5 (high): Buffer overflow in the Oracle Applications Web Report Review (FNDWRR) CGI program (FNDWRR.exe) of Oracle E-Business Suite 11.0 and 11.5.1…
CVE-2007-3867 — CVSS 7.5 (high): Multiple unspecified vulnerabilities in Oracle E-Business Suite 11.5.10CU2 have unknown impact and attack vectors, related to (1) APPS04…
CVE-2007-5527 — CVSS 7.5 (high): Multiple unspecified vulnerabilities in Oracle E-Business Suite 11.5.10.2 have unknown impact and remote attack vectors, related to (1)…
CVE-2007-5529 — CVSS 7.5 (high): Unspecified vulnerability in the Oracle Self-Service Web Applications component in client-only installations of Oracle E-Business Suite…
CVE-2007-5766 — CVSS 7.5 (high): SQL injection vulnerability in okxLOV.jsp in Oracle E-Business Suite 11 and 12 allows remote attackers to execute arbitrary SQL commands…
CVE-2007-0279 — CVSS 7.5 (high): Multiple unspecified vulnerabilities in Oracle HTTP Server 9.2.0.8 and Oracle E-Business Suite and Applications 11.5.10CU2 have unknown…
CVE-2009-1000 — CVSS 7.5 (high): The Oracle Applications Framework component in Oracle E-Business Suite 12.0.6 and 11i10CU2 uses default passwords for unspecified "FND…
CVE-2006-1037 — CVSS 7.5 (high): SQL injection vulnerability in the Oracle Diagnostics module 2.2 and earlier allows remote attackers to execute arbitrary SQL commands via…
CVE-2022-21500 — CVSS 7.5 (high): Vulnerability in Oracle E-Business Suite (component: Manage Proxies). The supported version that is affected is 12.2. Easily exploitable…
CVE-2006-1035 — CVSS 7.5 (high): Unspecified vulnerability in the Oracle Diagnostics module 2.2 and earlier allows remote attackers to access diagnostics tests via unknown…
CVE-2024-21088 — CVSS 7.5 (high): Vulnerability in the Oracle Production Scheduling product of Oracle E-Business Suite (component: Import Utility). Supported versions that…
CVE-2004-1370 — CVSS 7.5 (high): Multiple SQL injection vulnerabilities in PL/SQL procedures that run with definer rights in Oracle 9i and 10g allow remote attackers to…
CVE-2006-0552 — CVSS 7.5 (high): Unspecified vulnerability in the Net Listener component of Oracle Database server 8.1.7.4, 9.0.1.5, 9.0.1.5 FIPS, and 9.2.0.7 has…
CVE-2023-21849 — CVSS 7.5 (high): Vulnerability in the Oracle Applications DBA product of Oracle E-Business Suite (component: Java utils). Supported versions that are…
CVE-2010-0908 — CVSS 7.5 (high): Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite 12.1.2 allows remote attackers to…
CVE-2004-1362 — CVSS 7.5 (high): The PL/SQL module for the Oracle HTTP Server in Oracle Application Server 10g, when using the WE8ISO8859P1 character set, does not perform…
CVE-2014-4278 — CVSS 7.5 (high): Unspecified vulnerability in the Oracle Applications Technology Stack component in Oracle E-Business Suite 12.0.6, 12.1.3, 12.2.2, 12.2.3…
CVE-2018-2804 — CVSS 7.4 (high): Vulnerability in the Oracle Application Object Library component of Oracle E-Business Suite (subcomponent: DB Privileges). Supported…
CVE-2026-46818 — CVSS 7.4 (high): Vulnerability in the Oracle Payments product of Oracle E-Business Suite (component: File Transmission). Supported versions that are…
CVE-2001-0528 — CVSS 7.2 (high): Oracle E-Business Suite Release 11i Applications Desktop Integrator (ADI) version 7.x includes a debug version of FNDPUB11I.DLL, which logs…
CVE-2006-5350 — CVSS 7.2 (high): Unspecified vulnerability in Oracle HTTP Server 9.2.0.7 and Oracle E-Business Suite and Applications 11.5.10CU2 has unknown impact and…
CVE-2015-4849 — CVSS 6.8 (medium): Unspecified vulnerability in the Oracle Payments component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.3, 12.2.3, and 12.2.4 allows…
CVE-2015-4851 — CVSS 6.8 (medium): Unspecified vulnerability in the Oracle iSupplier Portal component in Oracle E-Business Suite 12.0.6, 12.1.3, 12.2.3, and 12.2.4 allows…
CVE-2009-0999 — CVSS 6.8 (medium): Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 12.0.6 allows remote attackers to…
CVE-2008-2606 — CVSS 6.5 (medium): Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 12.0.4 has unknown impact and…
CVE-2008-2596 — CVSS 6.5 (medium): Unspecified vulnerability in the Mobile Application Server component in Oracle E-Business Suite 12.0.3 has unknown impact and remote…
CVE-2008-2585 — CVSS 6.5 (medium): Unspecified vulnerability in the Oracle Report Manager component in Oracle E-Business Suite 12.0.4 has unknown impact and remote…
CVE-2008-2610 — CVSS 6.5 (medium): Unspecified vulnerability in the Oracle Applications Technology Stack component in Oracle E-Business Suite 12.0.4 has unknown impact and…
CVE-2023-22093 — CVSS 6.5 (medium): Vulnerability in the Oracle iRecruitment product of Oracle E-Business Suite (component: Requisition and Vacancy). Supported versions that…
CVE-2012-3190 — CVSS 6.4 (medium): Unspecified vulnerability in the Oracle Universal Work Queue component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.1, 12.1.2, and…
CVE-2012-3196 — CVSS 6.4 (medium): Unspecified vulnerability in the Oracle Human Resources component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.1, 12.1.2, and 12.1.3…
CVE-2014-6583 — CVSS 6.4 (medium): Unspecified vulnerability in the Oracle Marketing component in Oracle E-Business Suite 11.5.10.2, 12.0.4, 12.0.5, 12.0.6, 12.1.1, 12.1.2…
CVE-2016-0524 — CVSS 6.4 (medium): Unspecified vulnerability in the Oracle Universal Work Queue component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to…
CVE-2010-0077 — CVSS 6.4 (medium): Unspecified vulnerability in the CRM Technical Foundation (mobile) component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1.2…
CVE-2010-0859 — CVSS 6.4 (medium): Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10.2 ATG RUP6 allows remote…
CVE-2014-6572 — CVSS 6.4 (medium): Unspecified vulnerability in the Oracle Customer Interaction History component in Oracle E-Business Suite 12.0.4, 12.0.5, 12.0.6, 12.1.1…
CVE-2014-6581 — CVSS 6.4 (medium): Unspecified vulnerability in the Oracle Customer Intelligence component in Oracle E-Business Suite 11.5.10.2, 12.0.4, 12.0.5, 12.0.6…
CVE-2016-0516 — CVSS 6.4 (medium): Unspecified vulnerability in the Oracle Quality component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect…
CVE-2016-0515 — CVSS 6.4 (medium): Unspecified vulnerability in the Oracle CRM Technical Foundation component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to…
CVE-2016-0514 — CVSS 6.4 (medium): Unspecified vulnerability in the Oracle CRM Technical Foundation component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to…
CVE-2013-0397 — CVSS 6.4 (medium): Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1.3 allows…
CVE-2013-0382 — CVSS 6.4 (medium): Unspecified vulnerability in the Oracle Marketing component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.1, 12.1.2, and 12.1.3 allows…
CVE-2012-0537 — CVSS 6.4 (medium): Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 12.1.3 allows remote attackers to…
CVE-2015-4886 — CVSS 6.4 (medium): Unspecified vulnerability in the Oracle Report Manager component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.3, 12.2.3, and 12.2.4…
CVE-2016-0510 — CVSS 6.4 (medium): Unspecified vulnerability in the Oracle E-Business Intelligence component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to…
CVE-2016-0511 — CVSS 6.4 (medium): Unspecified vulnerability in the Oracle E-Business Intelligence component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to…
CVE-2016-0512 — CVSS 6.4 (medium): Unspecified vulnerability in the Oracle Human Resources component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect…
CVE-2016-0528 — CVSS 6.4 (medium): Unspecified vulnerability in the Oracle Customer Interaction History component in Oracle E-Business Suite 12.1.1, 12.1.2, 12.1.3, 12.2.3…
CVE-2013-0381 — CVSS 6.4 (medium): Unspecified vulnerability in the Oracle CRM Technical Foundation component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1.3 allows…
CVE-2016-0527 — CVSS 6.4 (medium): Unspecified vulnerability in the Oracle Customer Interaction History component in Oracle E-Business Suite 12.1.1, 12.1.2, 12.1.3, 12.2.3…
CVE-2016-0518 — CVSS 6.4 (medium): Unspecified vulnerability in the Oracle Human Resources component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect…
CVE-2016-0517 — CVSS 6.4 (medium): Unspecified vulnerability in the Oracle Human Resources component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect…
CVE-2023-22035 — CVSS 6.1 (medium): Vulnerability in the Oracle Scripting product of Oracle E-Business Suite (component: iSurvey Module). Supported versions that are affected…
CVE-2019-10219 — CVSS 6.1 (medium): A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of…
CVE-2025-21489 — CVSS 6.1 (medium): Vulnerability in the Oracle Advanced Outbound Telephony product of Oracle E-Business Suite (component: Region Mapping). Supported versions…
CVE-2023-22076 — CVSS 6.1 (medium): Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component: Personalization). Supported versions that…
CVE-2008-7238 — CVSS 6.0 (medium): Multiple unspecified vulnerabilities in Oracle E-Business Suite 12.0.3 allow (1) local users to affect confidentiality and integrity via…
CVE-2015-0393 — CVSS 6.0 (medium): Unspecified vulnerability in the Oracle Applications DBA component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.3, 12.2.2, 12.2.3…
CVE-2009-1980 — CVSS 6.0 (medium): Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1 allows…
CVE-2021-45105 — CVSS 5.9 (medium): Apache Log4j2 versions 2.0-alpha1 through 2.16.0 (excluding 2.12.3 and 2.3.1) did not protect from uncontrolled recursion from…
CVE-2010-2388 — CVSS 5.8 (medium): Unspecified vulnerability in the Oracle Applications Manager component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to…
CVE-2010-0868 — CVSS 5.8 (medium): Unspecified vulnerability in the Oracle iStore component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1.2 allows remote attackers…
CVE-2012-3218 — CVSS 5.5 (medium): Unspecified vulnerability in the Human Resources component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1.3 allows remote…
CVE-2007-0290 — CVSS 5.5 (medium): Multiple unspecified vulnerabilities in Oracle E-Business Suite and Applications 11.5.10CU2 have unknown impact and attack vectors related…
CVE-2007-3854 — CVSS 5.5 (medium): Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5+, 9.2.0.7, and 10.1.0.5 allow remote authenticated users to have unknown…
CVE-2008-2601 — CVSS 5.5 (medium): Unspecified vulnerability in the Oracle iStore component in Oracle E-Business Suite 12.0.4 has unknown impact and remote authenticated…
CVE-2008-5458 — CVSS 5.5 (medium): Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10 and CU2 allows remote…
CVE-2009-3400 — CVSS 5.5 (medium): Unspecified vulnerability in the Oracle Advanced Benefits component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1.1 allows remote…
CVE-2010-0915 — CVSS 5.5 (medium): Unspecified vulnerability in the Oracle Advanced Product Catalog component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1.2 allows…
CVE-2013-3756 — CVSS 5.5 (medium): Unspecified vulnerability in the Oracle Landed Cost Management component in Oracle E-Business Suite 12.1.1, 12.1.2, and 12.1.3 allows…
CVE-2013-5890 — CVSS 5.5 (medium): Unspecified vulnerability in the Oracle Payroll component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.1, 12.1.2, 12.1.3, and 12.2.2…
CVE-2014-2482 — CVSS 5.5 (medium): Unspecified vulnerability in the Oracle Concurrent Processing component in Oracle E-Business Suite 12.1.3, 12.2.2, and 12.2.3 allows remote…
CVE-2015-1926 — CVSS 5.5 (medium): Unspecified vulnerability in the Oracle WebCenter Portal component in Oracle Fusion Middleware 11.1.1.8.0 and 11.1.1.9.0, and the Oracle…
CVE-2016-0556 — CVSS 5.5 (medium): Unspecified vulnerability in the Oracle Advanced Collections component in Oracle E-Business Suite 11.5.10.2, 12.1.1, 12.1.2, and 12.1.3…
CVE-2025-50090 — CVSS 5.4 (medium): Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component: Personalization). Supported versions that…
CVE-2009-3392 — CVSS 5.4 (medium): Unspecified vulnerability in the Agile Engineering Data Management (EDM) component in Oracle E-Business Suite 6.1.0.0 allows remote…
CVE-2017-3515 — CVSS 5.4 (medium): Vulnerability in the Oracle User Management component of Oracle E-Business Suite (subcomponent: User Name/Password Management). Supported…
CVE-2023-21847 — CVSS 5.4 (medium): Vulnerability in the Oracle Web Applications Desktop Integrator product of Oracle E-Business Suite (component: Download). Supported…
CVE-2016-3524 — CVSS 5.4 (medium): Unspecified vulnerability in the Oracle Applications Technology Stack component in Oracle E-Business Suite 12.1.3, 12.2.3, 12.2.4, and…
CVE-2018-2934 — CVSS 5.3 (medium): Vulnerability in the Oracle Application Object Library component of Oracle E-Business Suite (subcomponent: Attachments / File Upload). The…
CVE-2019-2488 — CVSS 5.3 (medium): Vulnerability in the Oracle CRM Technical Foundation component of Oracle E-Business Suite (subcomponent: Session Management). Supported…
CVE-2018-2866 — CVSS 5.3 (medium): Vulnerability in the Oracle General Ledger component of Oracle E-Business Suite (subcomponent: Consolidation Hierarchy Viewer). Supported…
CVE-2018-2867 — CVSS 5.3 (medium): Vulnerability in the Oracle Application Object Library component of Oracle E-Business Suite (subcomponent: Diagnostics). Supported versions…
CVE-2018-2873 — CVSS 5.3 (medium): Vulnerability in the Oracle General Ledger component of Oracle E-Business Suite (subcomponent: Account Hierarchy Manager). Supported…
CVE-2018-2865 — CVSS 5.3 (medium): Vulnerability in the Oracle General Ledger component of Oracle E-Business Suite (subcomponent: Consolidation Hierarchy Viewer). Supported…
CVE-2018-2864 — CVSS 5.3 (medium): Vulnerability in the Oracle Application Object Library component of Oracle E-Business Suite (subcomponent: Diagnostics). Supported versions…
CVE-2018-2872 — CVSS 5.3 (medium): Vulnerability in the Oracle General Ledger component of Oracle E-Business Suite (subcomponent: Account Hierarchy Manager). Supported…
CVE-2009-3408 — CVSS 5.1 (medium): Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10 allows remote attackers to…
CVE-2015-2652 — CVSS 5.0 (medium): Unspecified vulnerability in the Oracle Marketing component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.1, 12.1.2, 12.1.3, 12.2.3…
CVE-2014-6582 — CVSS 5.0 (medium): Unspecified vulnerability in the Oracle HCM Configuration Workbench component in Oracle E-Business Suite 11.5.10.2, 12.0.4, 12.0.5, 12.0.6…
CVE-2003-0633 — CVSS 5.0 (medium): Multiple vulnerabilities in aoljtest.jsp of Oracle Applications AOL/J Setup Test Suite in Oracle E-Business Suite 11.5.1 through 11.5.8…
CVE-2010-0861 — CVSS 5.0 (medium): Unspecified vulnerability in the Oracle HRMS (Self Service) component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1.2 allows…
CVE-2004-1369 — CVSS 5.0 (medium): The TNS Listener in Oracle 10g allows remote attackers to cause a denial of service (listener crash) via a malformed service_register_NSGR…
CVE-2013-2388 — CVSS 5.0 (medium): Unspecified vulnerability in the Oracle Applications Technology Stack component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1.3…
CVE-2012-3171 — CVSS 5.0 (medium): Unspecified vulnerability in the Oracle Applications Technology Stack component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1.3…
CVE-2007-0285 — CVSS 5.0 (medium): Unspecified vulnerability in Oracle Application Server 9.0.4.3, 10.1.2.0.2, and 10.1.2.2; Collaboration Suite 9.0.4.2 and 10.1.2; and…
CVE-2003-1116 — CVSS 5.0 (medium): The communications protocol for the Report Review Agent (RRA), aka FND File Server (FNDFS) program, in Oracle E-Business Suite 10.7, 11.0…
CVE-2008-3988 — CVSS 5.0 (medium): Unspecified vulnerability in the iSupplier Portal component in Oracle E-Business Suite 11.5.10.2 and 12.0.4 allows remote attackers to…
CVE-2010-0075 — CVSS 5.0 (medium): Unspecified vulnerability in the Oracle HRMS (Self Service) component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1.1 allows…
CVE-2016-0457 — CVSS 5.0 (medium): Unspecified vulnerability in the Application Mgmt Pack for E-Business Suite component in Oracle E-Business Suite 12.1 and 12.2 allows…
CVE-2016-0456 — CVSS 5.0 (medium): Unspecified vulnerability in the Application Mgmt Pack for E-Business Suite component in Oracle E-Business Suite 12.1 and 12.2 allows…
CVE-2014-6472 — CVSS 5.0 (medium): Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.3, 12.2.2…
CVE-2015-4884 — CVSS 5.0 (medium): Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.3, 12.2.3…
CVE-2012-3222 — CVSS 5.0 (medium): Unspecified vulnerability in the Oracle iRecruitment component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.1, 12.1.2, and 12.1.3…
CVE-2009-3395 — CVSS 5.0 (medium): Unspecified vulnerability in the AutoVue component in Oracle E-Business Suite 19.3.2 allows remote attackers to affect availability via…
CVE-2015-2615 — CVSS 5.0 (medium): Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite 12.0.6, 12.1.3, and 12.2.3 allows…
CVE-2002-1666 — CVSS 5.0 (medium): Unknown vulnerability in Oracle E-Business Suite 11i.1 through 11i.6 allows remote attackers to execute unauthorized PL/SQL procedures by…
CVE-2016-0526 — CVSS 5.0 (medium): Unspecified vulnerability in the Oracle CRM Technical Foundation component in Oracle E-Business Suite 11.5.10.2, 12.1.3, 12.2.3, 12.2.4…
CVE-2013-5792 — CVSS 5.0 (medium): Unspecified vulnerability in the Techstack component in Oracle E-Business Suite 12.1 allows remote attackers to affect confidentiality via…
CVE-2008-3985 — CVSS 5.0 (medium): Unspecified vulnerability in the Oracle Applications Technology Stack component in Oracle E-Business Suite 12.0.4 allows remote attackers…