U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
  • CPE Product Version: cpe:/a:oracle:e-business_suite:12.2.2
There are 23 matching records.
Displaying matches 1 through 20.
Vuln ID Summary CVSS Severity
CVE-2015-0404

Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.3, 12.2.2, 12.2.3, and 12.2.4 allows remote attackers to affect integrity via unknown vectors related to Error Messages.

Published: January 21, 2015; 1:59:46 PM -0500
V3.x:(not available)
V2.0: 4.3 MEDIUM
CVE-2015-0393

Unspecified vulnerability in the Oracle Applications DBA component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.3, 12.2.2, 12.2.3, and 12.2.4 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to DB Privileges. NOTE: the previous information is from the January 2015 CPU. Oracle has not commented on the researcher's claim that the PUBLIC role is granted the INDEX privilege for the DUAL table during a "seeded install," which allows remote authenticated users to gain SYSDBA privileges and execute arbitrary code.

Published: January 21, 2015; 1:59:36 PM -0500
V3.x:(not available)
V2.0: 6.0 MEDIUM
CVE-2015-0380

Unspecified vulnerability in the Oracle Telecommunications Billing Integrator component in Oracle E-Business Suite 11.5.10.2, 12.0.4, 12.0.5, 12.0.6, 12.1.1, 12.1.2, 12.1.3, 12.2.2, 12.2.3, and 12.2.4 allows remote attackers to affect integrity via unknown vectors related to OA Based UI for Bill Summary.

Published: January 21, 2015; 1:59:26 PM -0500
V3.x:(not available)
V2.0: 4.3 MEDIUM
CVE-2014-6582

Unspecified vulnerability in the Oracle HCM Configuration Workbench component in Oracle E-Business Suite 11.5.10.2, 12.0.4, 12.0.5, 12.0.6, 12.1.1, 12.1.2, 12.1.3, 12.2.2, 12.2.3, and 12.2.4 allows remote attackers to affect confidentiality via unknown vectors related to Rapid Implementation.

Published: January 21, 2015; 10:28:20 AM -0500
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2014-6581

Unspecified vulnerability in the Oracle Customer Intelligence component in Oracle E-Business Suite 11.5.10.2, 12.0.4, 12.0.5, 12.0.6, 12.1.1, 12.1.2, 12.1.3, 12.2.2, 12.2.3, and 12.2.4 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Extract/Load Programs.

Published: January 21, 2015; 10:28:19 AM -0500
V3.x:(not available)
V2.0: 6.4 MEDIUM
CVE-2014-6572

Unspecified vulnerability in the Oracle Customer Interaction History component in Oracle E-Business Suite 12.0.4, 12.0.5, 12.0.6, 12.1.1, 12.1.2, 12.1.3, 12.2.2, 12.2.3, and 12.2.4 allows remote attackers to affect confidentiality and integrity via unknown vectors related to List of Values.

Published: January 21, 2015; 10:28:11 AM -0500
V3.x:(not available)
V2.0: 6.4 MEDIUM
CVE-2014-6556

Unspecified vulnerability in the Oracle Applications DBA component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.3, 12.2.2, 12.2.3, and 12.2.4 allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to AD_DDL.

Published: January 21, 2015; 10:28:03 AM -0500
V3.x:(not available)
V2.0: 4.6 MEDIUM
CVE-2014-6525

Unspecified vulnerability in the Oracle Web Applications Desktop Integrator component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.3, 12.2.2, 12.2.3, and 12.2.4 allows remote authenticated users to affect integrity via unknown vectors related to Templates.

Published: January 21, 2015; 9:59:11 AM -0500
V3.x:(not available)
V2.0: 3.5 LOW
CVE-2014-6561

Unspecified vulnerability in the Oracle Payments component in Oracle E-Business Suite 12.0.4, 12.0.6, 12.1.1, 12.1.2, 12.1.3, 12.2.2, 12.2.3, and 12.2.4 allows remote attackers to affect confidentiality via unknown vectors related to Separate Remittance Advice.

Published: October 15, 2014; 6:55:08 PM -0400
V3.x:(not available)
V2.0: 4.3 MEDIUM
CVE-2014-6539

Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.3, 12.2.2, 12.2.3, and 12.2.4 allows remote attackers to affect integrity via vectors related to LOV, a different vulnerability than CVE-2014-6472.

Published: October 15, 2014; 6:55:07 PM -0400
V3.x:(not available)
V2.0: 4.3 MEDIUM
CVE-2014-6523

Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite 12.1.3, 12.2.2, 12.2.3, and 12.2.4 allows remote authenticated users to affect confidentiality via vectors related to REST Interface.

Published: October 15, 2014; 6:55:07 PM -0400
V3.x:(not available)
V2.0: 4.0 MEDIUM
CVE-2014-6472

Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.3, 12.2.2, 12.2.3, and 12.2.4 allows remote attackers to affect integrity via vectors related to LOV, a different vulnerability than CVE-2014-6539.

Published: October 15, 2014; 11:55:08 AM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2014-6471

Unspecified vulnerability in the Oracle Applications Manager component in Oracle E-Business Suite 12.0.6, 12.1.3, 12.2.2, 12.2.3, and 12.2.4 allows remote attackers to affect integrity via vectors related to OAM Diagnostics.

Published: October 15, 2014; 11:55:08 AM -0400
V3.x:(not available)
V2.0: 4.3 MEDIUM
CVE-2014-4281

Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite 12.1.3, 12.2.2, 12.2.3, and 12.2.4 allows remote attackers to affect integrity via unknown vectors related to Portal Integration.

Published: October 15, 2014; 11:55:06 AM -0400
V3.x:(not available)
V2.0: 4.3 MEDIUM
CVE-2014-4278

Unspecified vulnerability in the Oracle Applications Technology Stack component in Oracle E-Business Suite 12.0.6, 12.1.3, 12.2.2, 12.2.3, and 12.2.4 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Oracle Forms.

Published: October 15, 2014; 11:55:06 AM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2014-4248

Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.3, 12.2.2, and 12.2.3 allows local users to affect confidentiality via unknown vectors related to Logging.

Published: July 17, 2014; 7:17:10 AM -0400
V3.x:(not available)
V2.0: 1.0 LOW
CVE-2014-4235

Unspecified vulnerability in the Oracle iStore component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.3, 12.2.2, and 12.2.3 allows remote authenticated users to affect integrity via unknown vectors.

Published: July 17, 2014; 7:17:09 AM -0400
V3.x:(not available)
V2.0: 3.5 LOW
CVE-2014-4213

Unspecified vulnerability in the Oracle Applications Manager component in Oracle E-Business Suite 12.0.6, 12.1.3, 12.2.2, and 12.2.3 allows remote attackers to affect integrity via unknown vectors.

Published: July 17, 2014; 1:10:15 AM -0400
V3.x:(not available)
V2.0: 4.3 MEDIUM
CVE-2014-2482

Unspecified vulnerability in the Oracle Concurrent Processing component in Oracle E-Business Suite 12.1.3, 12.2.2, and 12.2.3 allows remote authenticated users to affect confidentiality and integrity via unknown vectors.

Published: July 17, 2014; 1:10:14 AM -0400
V3.x:(not available)
V2.0: 5.5 MEDIUM
CVE-2013-5890

Unspecified vulnerability in the Oracle Payroll component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.1, 12.1.2, 12.1.3, and 12.2.2 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Exception Reporting.

Published: January 15, 2014; 11:11:05 AM -0500
V3.x:(not available)
V2.0: 5.5 MEDIUM