| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Unspecified vulnerability in the Oracle Mobile Application Servlet component in Oracle E-Business Suite 12.1 and 12.2 allows local users to affect confidentiality via vectors related to MWA Server Manager. |
| Unspecified vulnerability in the Application Mgmt Pack for E-Business Suite component in Oracle E-Business Suite 12.1 and 12.2 allows remote attackers to affect confidentiality via vectors related to REST Framework, a different vulnerability than CVE-2016-0457. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that this issue is an XML External Entity (XXE) vulnerability, which allows remote attackers to read arbitrary files, cause a denial of service, conduct server-side request forgery (SSRF) attacks, or conduct SMB Relay attacks via a crafted DTD in an XML request to OA_HTML/copxmllcmservicecontroller.js. |
| Unspecified vulnerability in the Oracle Internet Expenses component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect integrity via unknown vectors related to AP Web Utilities. |
| Unspecified vulnerability in the Oracle E-Business Intelligence component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Business Views Catalog. |
| Unspecified vulnerability in the Oracle Human Resources component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Self Service - Common Modules. |
| Unspecified vulnerability in the Oracle CRM Technical Foundation component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect integrity via vectors related to BIS Common Components. |
| Unspecified vulnerability in the Technology stack component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1.3 allows remote attackers to affect integrity via unknown vectors related to Applet startup. |
| Unspecified vulnerability in the Oracle Human Resources component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect confidentiality and integrity via unknown vectors related to General utilities, a different vulnerability than CVE-2016-0517. |
| Unspecified vulnerability in the Oracle iProcurement component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect integrity via unknown vectors related to Redirection. |
| Unspecified vulnerability in the Oracle Universal Work Queue component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Work Provider Administration. |
| Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.3, 12.2.3, and 12.2.4 allows remote attackers to affect confidentiality via unknown vectors related to Single Signon. |
| Unspecified vulnerability in the Oracle Advanced Collections component in Oracle E-Business Suite 11.5.10.2, 12.1.1, 12.1.2, and 12.1.3 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Administration, a different vulnerability than CVE-2016-0557. |
| Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1.3 allows remote attackers to affect integrity via unknown vectors related to Password Management. |
| Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1.3 allows remote attackers to affect integrity, related to HTML Pages. |
| Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10.2, 12.0.4, 12.0.6, 12.1.1, 12.1.2, and 12.1.3 allows remote authenticated users to affect integrity via unknown vectors related to Document Repository. |
| Unspecified vulnerability in the Oracle iStore component in Oracle E-Business Suite 11.5.10.2, 12.0.4, 12.0.6, 12.1.1, 12.1.2, and 12.1.3 allows remote attackers to affect integrity via unknown vectors related to Runtime Catalog. |
| Unspecified vulnerability in the Oracle E-Business Intelligence component in Oracle E-Business Suite 11.5.10.2, 12.0.4, 12.0.6, 12.1.1, 12.1.2, and 12.1.3 allows remote authenticated users to affect integrity via unknown vectors related to Financials Business Intelligence. |
| Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 12.0.6 and 12.1.3 allows remote attackers to affect integrity, related to REST Services. |
| Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 12.0.6 and 12.1.3 allows remote attackers to affect confidentiality via unknown vectors related to Change Password Page. |
| Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 12.1.2 and 12.1.3 allows remote authenticated users to affect confidentiality, related to REST Services (Menu, LOV). |
