Oracle

Agile Product Lifecycle Management For Process

11 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2024-21091

  • EPSS 0.49%
  • Veröffentlicht 16.04.2024 22:15:29
  • Zuletzt bearbeitet 29.05.2025 19:22:56

Vulnerability in the Oracle Agile Product Lifecycle Management for Process product of Oracle Supply Chain (component: Data Import). The supported version that is affected is 6.2.4.2. Easily exploitable vulnerability allows low privileged attacker w...

8.1

CVE-2024-21092

  • EPSS 1.17%
  • Veröffentlicht 16.04.2024 22:15:29
  • Zuletzt bearbeitet 06.12.2024 21:35:54

Vulnerability in the Oracle Agile Product Lifecycle Management for Process product of Oracle Supply Chain (component: Product Quality Management). The supported version that is affected is 6.2.4.2. Easily exploitable vulnerability allows low privil...

7.3

CVE-2024-20956

  • EPSS 0.14%
  • Veröffentlicht 17.02.2024 02:15:49
  • Zuletzt bearbeitet 27.11.2024 16:37:04

Vulnerability in the Oracle Agile Product Lifecycle Management for Process product of Oracle Supply Chain (component: Installation). Supported versions that are affected are Prior to 6.2.4.2. Easily exploitable vulnerability allows unauthenticated a...

5.1

CVE-2021-2351

Exploit
  • EPSS 2.88%
  • Veröffentlicht 21.07.2021 15:15:21
  • Zuletzt bearbeitet 21.11.2024 06:02:56

Vulnerability in the Advanced Networking Option component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1 and 19c. Difficult to exploit vulnerability allows unauthenticated attacker with network access via Oracl...

6.1

CVE-2020-11022

Exploit
  • EPSS 18.04%
  • Veröffentlicht 29.04.2020 22:15:11
  • Zuletzt bearbeitet 21.11.2024 04:56:36

In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This prob...

6.1

CVE-2019-11358

Exploit
  • EPSS 0.94%
  • Veröffentlicht 20.04.2019 00:29:00
  • Zuletzt bearbeitet 21.11.2024 04:20:56

jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the n...

5

CVE-2018-3134

  • EPSS 0.09%
  • Veröffentlicht 17.10.2018 01:31:16
  • Zuletzt bearbeitet 21.11.2024 04:05:13

Vulnerability in the Oracle Agile Product Lifecycle Management for Process component of Oracle Supply Chain Products Suite (subcomponent: User Group Management). The supported version that is affected is 6.2.0.0. Difficult to exploit vulnerability al...

4

CVE-2018-3069

  • EPSS 0.22%
  • Veröffentlicht 18.07.2018 13:29:08
  • Zuletzt bearbeitet 21.11.2024 04:05:05

Vulnerability in the Oracle Agile Product Lifecycle Management for Process component of Oracle Supply Chain Products Suite (subcomponent: Installation). The supported version that is affected is 6.2.0.0. Easily exploitable vulnerability allows high p...

6.1

CVE-2018-2572

  • EPSS 0.52%
  • Veröffentlicht 19.04.2018 02:29:00
  • Zuletzt bearbeitet 21.11.2024 04:03:57

Vulnerability in the Oracle Agile Product Lifecycle Management for Process component of Oracle Supply Chain Products Suite (subcomponent: Installation). Supported versions that are affected are 6.1.1.6, 6.2.0.0 and 6.2.1.0. Easily exploitable vulnera...

6.1

CVE-2015-9251

  • EPSS 14.53%
  • Veröffentlicht 18.01.2018 23:29:00
  • Zuletzt bearbeitet 21.11.2024 02:40:09

jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.