Total
27484 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-3533 | 1 Oracle | 1 Knowledge Management | 2017-09-01 | 4.3 MEDIUM | 4.7 MEDIUM |
| Unspecified vulnerability in the Oracle Knowledge Management component in Oracle E-Business Suite 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect integrity via vectors related to Search. NOTE: the previous information is from the July 2016 CPU. Oracle has not commented on third-party claims that this issue involves multiple open redirect vulnerabilities, which allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. | |||||
| CVE-2016-3532 | 1 Oracle | 1 Advanced Inbound Telephony | 2017-09-01 | 7.8 HIGH | 8.2 HIGH |
| Unspecified vulnerability in the Oracle Advanced Inbound Telephony component in Oracle E-Business Suite 12.1.1, 12.1.2, and 12.1.3 allows remote attackers to affect confidentiality and integrity via vectors related to SDK client integration. NOTE: the previous information is from the July 2016 CPU. Oracle has not commented on third-party claims that this issue involves multiple cross-site scripting (XSS) vulnerabilities, which allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2016-3531 | 1 Oracle | 1 Agile Product Lifecycle Management Framework | 2017-09-01 | 3.5 LOW | 3.5 LOW |
| Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.4 and 9.3.5 allows remote authenticated users to affect confidentiality via vectors related to PC / Notification. | |||||
| CVE-2016-3530 | 1 Oracle | 1 Agile Product Lifecycle Management Framework | 2017-09-01 | 7.5 HIGH | 7.1 HIGH |
| Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.4 and 9.3.5 allows remote authenticated users to affect integrity and availability via vectors related to PGC / Import. | |||||
| CVE-2016-3529 | 1 Oracle | 1 Agile Product Lifecycle Management Framework | 2017-09-01 | 5.0 MEDIUM | 5.8 MEDIUM |
| Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.4 and 9.3.5 allows remote attackers to affect confidentiality via vectors related to SDK, a different vulnerability than CVE-2016-3526 and CVE-2016-3560. | |||||
| CVE-2016-3528 | 1 Oracle | 1 Internet Expenses | 2017-09-01 | 7.8 HIGH | 7.5 HIGH |
| Unspecified vulnerability in the Oracle Internet Expenses component in Oracle E-Business Suite 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect availability via vectors related to Expenses Admin Utilities. | |||||
| CVE-2016-3527 | 1 Oracle | 1 Demand Planning | 2017-09-01 | 9.4 HIGH | 9.1 CRITICAL |
| Unspecified vulnerability in the Oracle Demand Planning component in Oracle Supply Chain Products Suite 12.1 and 12.2 allows remote attackers to affect confidentiality and integrity via vectors related to ODPDA Servlet. | |||||
| CVE-2016-3526 | 1 Oracle | 1 Agile Product Lifecycle Management Framework | 2017-09-01 | 7.8 HIGH | 7.5 HIGH |
| Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.4 and 9.3.5 allows remote attackers to affect confidentiality via vectors related to SDK, a different vulnerability than CVE-2016-3529 and CVE-2016-3560. | |||||
| CVE-2016-3525 | 1 Oracle | 1 Applications Manager | 2017-09-01 | 5.4 MEDIUM | 5.9 MEDIUM |
| Unspecified vulnerability in the Oracle Applications Manager component in Oracle E-Business Suite 12.1.3 allows remote attackers to affect confidentiality via vectors related to Cookie Management. | |||||
| CVE-2016-3524 | 1 Oracle | 1 E-business Suite | 2017-09-01 | 5.5 MEDIUM | 5.4 MEDIUM |
| Unspecified vulnerability in the Oracle Applications Technology Stack component in Oracle E-Business Suite 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect confidentiality and integrity via vectors related to Configuration. | |||||
| CVE-2016-3523 | 1 Oracle | 1 Web Applications Desktop Integrator | 2017-09-01 | 4.3 MEDIUM | 4.7 MEDIUM |
| Unspecified vulnerability in the Oracle Web Applications Desktop Integrator component in Oracle E-Business Suite 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect integrity via vectors related to Application Service. | |||||
| CVE-2016-3522 | 1 Oracle | 1 Web Applications Desktop Integrator | 2017-09-01 | 8.5 HIGH | 8.2 HIGH |
| Unspecified vulnerability in the Oracle Web Applications Desktop Integrator component in Oracle E-Business Suite 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect confidentiality and integrity via vectors related to Application Service. | |||||
| CVE-2016-3520 | 1 Oracle | 1 E-business Suite | 2017-09-01 | 6.8 MEDIUM | 4.9 MEDIUM |
| Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote administrators to affect confidentiality via vectors related to AOL Diagnostic tests. | |||||
| CVE-2016-3519 | 1 Oracle | 1 Agile Product Lifecycle Management Framework | 2017-09-01 | 4.3 MEDIUM | 6.1 MEDIUM |
| Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.4 and 9.3.5 allows remote attackers to affect confidentiality and integrity via vectors related to PC / Get Shortcut. | |||||
| CVE-2016-3518 | 1 Oracle | 1 Mysql | 2017-09-01 | 6.8 MEDIUM | 6.5 MEDIUM |
| Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer. | |||||
| CVE-2016-3517 | 1 Oracle | 1 Agile Product Lifecycle Management Framework | 2017-09-01 | 4.3 MEDIUM | 4.3 MEDIUM |
| Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.4 and 9.3.5 allows remote attackers to affect integrity via vectors related to PC / Get Shortcut. | |||||
| CVE-2016-3516 | 1 Oracle | 1 Enterprise Communications Broker | 2017-09-01 | 4.0 MEDIUM | 3.1 LOW |
| Unspecified vulnerability in the Oracle Enterprise Communications Broker component in Oracle Communications Applications before PCz 2.0.0m4p1 allows remote authenticated users to affect confidentiality via vectors related to GUI, a different vulnerability than CVE-2016-3514. | |||||
| CVE-2016-3515 | 1 Oracle | 1 Enterprise Communications Broker | 2017-09-01 | 7.8 HIGH | 7.5 HIGH |
| Unspecified vulnerability in the Oracle Enterprise Communications Broker component in Oracle Communications Applications before PCz 2.0.0m4p1 allows remote attackers to affect confidentiality via unknown vectors. | |||||
| CVE-2016-3514 | 1 Oracle | 1 Enterprise Communications Broker | 2017-09-01 | 6.8 MEDIUM | 6.5 MEDIUM |
| Unspecified vulnerability in the Oracle Enterprise Communications Broker component in Oracle Communications Applications before PCz 2.0.0m4p1 allows remote authenticated users to affect confidentiality via vectors related to GUI, a different vulnerability than CVE-2016-3516. | |||||
| CVE-2016-3513 | 1 Oracle | 1 Communications Operations Monitor | 2017-09-01 | 6.8 MEDIUM | 6.5 MEDIUM |
| Unspecified vulnerability in the Oracle Communications Operations Monitor component in Oracle Communications Applications before 3.3.92.0.0 allows remote authenticated users to affect confidentiality via vectors related to Infrastructure. | |||||