Oracle Transportation Management — known CVE vulnerabilities
Every CVE whose affected-product data names Oracle Transportation Management, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVE-2019-17563 — CVSS 7.5 (high): When using FORM authentication with Apache Tomcat 9.0.0.M1 to 9.0.29, 8.5.0 to 8.5.49 and 7.0.0 to 7.0.98 there was a narrow window where…
CVE-2016-3470 — CVSS 7.1 (high): Unspecified vulnerability in the Oracle Transportation Management component in Oracle Supply Chain Products Suite 6.4.1 allows remote…
CVE-2020-9484 — CVSS 7.0 (high): When using Apache Tomcat versions 10.0.0-M1 to 10.0.0-M4, 9.0.0.M1 to 9.0.34, 8.5.0 to 8.5.54 and 7.0.0 to 7.0.103 if a) an attacker is…
CVE-2019-2487 — CVSS 6.5 (medium): Vulnerability in the Oracle Transportation Management component of Oracle Supply Chain Products Suite (subcomponent: UI Infrastructure)…
CVE-2018-2823 — CVSS 6.5 (medium): Vulnerability in the Oracle Transportation Management component of Oracle Supply Chain Products Suite (subcomponent: Database). The…
CVE-2022-21480 — CVSS 6.1 (medium): Vulnerability in the Oracle Transportation Management product of Oracle Supply Chain (component: User Interface). Supported versions that…
CVE-2019-2709 — CVSS 6.1 (medium): Vulnerability in the Oracle Transportation Management component of Oracle Supply Chain Products Suite (subcomponent: Security). Supported…
CVE-2019-11358 — CVSS 6.1 (medium): jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of…
CVE-2017-3530 — CVSS 6.1 (medium): Vulnerability in the Oracle Transportation Manager component of Oracle Supply Chain Products Suite (subcomponent: Security). Supported…
CVE-2022-39420 — CVSS 5.4 (medium): Vulnerability in the Oracle Transportation Management product of Oracle Supply Chain (component: Data, Functional Security). Supported…
CVE-2017-10032 — CVSS 5.4 (medium): Vulnerability in the Oracle Transportation Management component of Oracle Supply Chain Products Suite (subcomponent: Access Control List)…
CVE-2018-2662 — CVSS 5.4 (medium): Vulnerability in the Oracle Transportation Management component of Oracle Supply Chain Products Suite (subcomponent: Security). Supported…
CVE-2020-2744 — CVSS 5.4 (medium): Vulnerability in the Oracle Transportation Management product of Oracle Supply Chain (component: Security). Supported versions that are…
CVE-2021-35616 — CVSS 5.4 (medium): Vulnerability in the Oracle Transportation Management product of Oracle Supply Chain (component: UI Infrastructure). The supported version…
CVE-2022-21591 — CVSS 5.4 (medium): Vulnerability in the Oracle Transportation Management product of Oracle Supply Chain (component: UI Infrastructure). Supported versions…
CVE-2021-2476 — CVSS 5.3 (medium): Vulnerability in the Oracle Transportation Management product of Oracle Supply Chain (component: Authentication). The supported version…
CVE-2015-3195 — CVSS 5.3 (medium): The ASN1_TFLG_COMBINE implementation in crypto/asn1/tasn_dec.c in OpenSSL before 0.9.8zh, 1.0.0 before 1.0.0t, 1.0.1 before 1.0.1q, and…
CVE-2022-39411 — CVSS 4.9 (medium): Vulnerability in the Oracle Transportation Management product of Oracle Supply Chain (component: Business Process Automation). Supported…
CVE-2020-1935 — CVSS 4.8 (medium): In Apache Tomcat 9.0.0.M1 to 9.0.30, 8.5.0 to 8.5.50 and 7.0.0 to 7.0.99 the HTTP header parsing code used an approach to end-of-line…
CVE-2019-17569 — CVSS 4.8 (medium): The refactoring present in Apache Tomcat 9.0.28 to 9.0.30, 8.5.48 to 8.5.50 and 7.0.98 to 7.0.99 introduced a regression. The result of the…
CVE-2018-2631 — CVSS 4.3 (medium): Vulnerability in the Oracle Transportation Management component of Oracle Supply Chain Products Suite (subcomponent: Security). Supported…
CVE-2020-14544 — CVSS 4.3 (medium): Vulnerability in the Oracle Transportation Management product of Oracle Supply Chain (component: Data, Domain & Function Security). The…
CVE-2016-3490 — CVSS 3.0 (low): Unspecified vulnerability in the Oracle Transportation Management component in Oracle Supply Chain Products Suite 6.3.0, 6.3.1, 6.3.2…
CVE-2022-39409 — CVSS 2.7 (low): Vulnerability in the Oracle Transportation Management product of Oracle Supply Chain (component: Business Process Automation). Supported…