CVE-2024-21091
- EPSS 0.49%
- Published 16.04.2024 22:15:29
- Last modified 29.05.2025 19:22:56
Vulnerability in the Oracle Agile Product Lifecycle Management for Process product of Oracle Supply Chain (component: Data Import). The supported version that is affected is 6.2.4.2. Easily exploitable vulnerability allows low privileged attacker w...
CVE-2024-21092
- EPSS 1.17%
- Published 16.04.2024 22:15:29
- Last modified 06.12.2024 21:35:54
Vulnerability in the Oracle Agile Product Lifecycle Management for Process product of Oracle Supply Chain (component: Product Quality Management). The supported version that is affected is 6.2.4.2. Easily exploitable vulnerability allows low privil...
CVE-2024-20956
- EPSS 0.14%
- Published 17.02.2024 02:15:49
- Last modified 27.11.2024 16:37:04
Vulnerability in the Oracle Agile Product Lifecycle Management for Process product of Oracle Supply Chain (component: Installation). Supported versions that are affected are Prior to 6.2.4.2. Easily exploitable vulnerability allows unauthenticated a...
CVE-2021-2351
- EPSS 3.54%
- Published 21.07.2021 15:15:21
- Last modified 21.11.2024 06:02:56
Vulnerability in the Advanced Networking Option component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1 and 19c. Difficult to exploit vulnerability allows unauthenticated attacker with network access via Oracl...
CVE-2020-11022
- EPSS 22.55%
- Published 29.04.2020 22:15:11
- Last modified 21.11.2024 04:56:36
In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This prob...
CVE-2019-11358
- EPSS 2.4%
- Published 20.04.2019 00:29:00
- Last modified 21.11.2024 04:20:56
jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the n...
- EPSS 0.09%
- Published 17.10.2018 01:31:16
- Last modified 21.11.2024 04:05:13
Vulnerability in the Oracle Agile Product Lifecycle Management for Process component of Oracle Supply Chain Products Suite (subcomponent: User Group Management). The supported version that is affected is 6.2.0.0. Difficult to exploit vulnerability al...
- EPSS 0.22%
- Published 18.07.2018 13:29:08
- Last modified 21.11.2024 04:05:05
Vulnerability in the Oracle Agile Product Lifecycle Management for Process component of Oracle Supply Chain Products Suite (subcomponent: Installation). The supported version that is affected is 6.2.0.0. Easily exploitable vulnerability allows high p...
CVE-2018-2572
- EPSS 0.52%
- Published 19.04.2018 02:29:00
- Last modified 21.11.2024 04:03:57
Vulnerability in the Oracle Agile Product Lifecycle Management for Process component of Oracle Supply Chain Products Suite (subcomponent: Installation). Supported versions that are affected are 6.1.1.6, 6.2.0.0 and 6.2.1.0. Easily exploitable vulnera...
CVE-2015-9251
- EPSS 9.84%
- Published 18.01.2018 23:29:00
- Last modified 21.11.2024 02:40:09
jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.