Skip to main content

Applications Framework

23 CVEs product

Monthly

CVE-2025-30718 MEDIUM This Month

Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component: Attachments, File Upload). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle File Upload Applications Framework
NVD
CVSS 3.1
5.4
EPSS
0.2%
CVE-2025-30711 MEDIUM PATCH This Month

Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component: Attachments, File Upload). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass File Upload Applications Framework
NVD
CVSS 3.1
5.4
EPSS
0.1%
CVE-2024-21080 MEDIUM This Month

Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component: REST Services). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Applications Framework
NVD
CVSS 3.1
6.5
EPSS
0.5%
CVE-2023-22042 MEDIUM PATCH This Month

Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component: Diagnostics). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Applications Framework
NVD
CVSS 3.1
6.1
EPSS
0.4%
CVE-2022-21636 MEDIUM PATCH This Month

Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component: Session Management). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle Applications Framework
NVD
CVSS 3.1
6.5
EPSS
0.7%
CVE-2022-21477 MEDIUM This Month

Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component: Attachments, File Upload). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

File Upload Oracle Applications Framework
NVD
CVSS 3.1
5.4
EPSS
0.5%
CVE-2022-21468 MEDIUM This Month

Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component: Popups). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Applications Framework
NVD
CVSS 3.1
6.1
EPSS
0.9%
CVE-2021-2477 MEDIUM This Month

Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component: Session Management). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Oracle Applications Framework
NVD
CVSS 3.1
5.3
EPSS
1.4%
CVE-2021-2380 HIGH This Week

Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component: Attachments / File Upload). Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle File Upload Authentication Bypass Applications Framework
NVD
CVSS 3.1
7.6
EPSS
0.7%
CVE-2021-2200 CRITICAL PATCH Act Now

Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component: Home page). Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Applications Framework
NVD
CVSS 3.1
9.1
EPSS
1.2%
CVE-2020-14746 MEDIUM PATCH This Month

Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component: Popup windows). Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Microsoft Authentication Bypass Applications Framework
NVD
CVSS 3.1
4.7
EPSS
1.2%
CVE-2020-14610 HIGH PATCH This Week

Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component: Attachments / File Upload). Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS File Upload Oracle Authentication Bypass Applications Framework
NVD
CVSS 3.1
7.6
EPSS
0.9%
CVE-2020-14590 LOW PATCH Monitor

Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component: Page Request). Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Applications Framework
NVD
CVSS 3.1
2.7
EPSS
1.0%
CVE-2020-14534 HIGH This Week

Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component: Popups). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Applications Framework
NVD
CVSS 3.1
8.2
EPSS
1.4%
CVE-2020-2890 HIGH This Week

Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component: Diagnostics). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Applications Framework
NVD
CVSS 3.1
8.2
EPSS
1.5%
CVE-2020-2866 MEDIUM This Month

Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component: Attachments / File Upload). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

File Upload Oracle Applications Framework
NVD
CVSS 3.1
5.3
EPSS
1.1%
CVE-2020-2666 MEDIUM PATCH This Month

Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component: Attachments / File Upload). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

File Upload Oracle Applications Framework
NVD
CVSS 3.1
5.3
EPSS
1.3%
CVE-2020-2566 MEDIUM PATCH This Month

Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component: Attachments / File Upload). Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

File Upload Oracle Applications Framework
NVD
CVSS 3.1
4.7
EPSS
1.1%
CVE-2019-2682 HIGH PATCH This Week

Vulnerability in the Oracle Applications Framework component of Oracle E-Business Suite (subcomponent: Attachments / File Upload). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass File Upload Oracle Applications Framework
NVD
CVSS 3.0
8.2
EPSS
1.3%
CVE-2018-3243 HIGH PATCH This Week

Vulnerability in the Oracle Applications Framework component of Oracle E-Business Suite (subcomponent: None). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Applications Framework
NVD
CVSS 3.0
8.2
EPSS
2.1%
CVE-2018-2971 MEDIUM PATCH This Month

Vulnerability in the Oracle Applications Framework component of Oracle E-Business Suite (subcomponent: REST Services). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Applications Framework
NVD
CVSS 3.0
4.3
EPSS
1.5%
CVE-2017-3528 MEDIUM POC PATCH THREAT This Month

Vulnerability in the Oracle Applications Framework component of Oracle E-Business Suite (subcomponent: Popup windows (lists of values, datepicker, etc.)). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 43.2%.

Open Redirect Microsoft Oracle Applications Framework
NVD Exploit-DB
CVSS 3.0
5.4
EPSS
43.2%
CVE-2016-3447 MEDIUM This Month

Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect confidentiality and integrity. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Oracle Applications Framework
NVD
CVSS 3.0
6.9
EPSS
0.2%
EPSS 0% CVSS 5.4
MEDIUM This Month

Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component: Attachments, File Upload). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle File Upload Applications Framework
NVD
EPSS 0% CVSS 5.4
MEDIUM PATCH This Month

Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component: Attachments, File Upload). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass File Upload +1
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component: REST Services). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Applications Framework
NVD
EPSS 0% CVSS 6.1
MEDIUM PATCH This Month

Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component: Diagnostics). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Applications Framework
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component: Session Management). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle Applications Framework
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component: Attachments, File Upload). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

File Upload Oracle Applications Framework
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component: Popups). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Applications Framework
NVD
EPSS 1% CVSS 5.3
MEDIUM This Month

Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component: Session Management). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Oracle Applications Framework
NVD
EPSS 1% CVSS 7.6
HIGH This Week

Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component: Attachments / File Upload). Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle File Upload Authentication Bypass +1
NVD
EPSS 1% CVSS 9.1
CRITICAL PATCH Act Now

Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component: Home page). Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Applications Framework
NVD
EPSS 1% CVSS 4.7
MEDIUM PATCH This Month

Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component: Popup windows). Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Microsoft Authentication Bypass +1
NVD
EPSS 1% CVSS 7.6
HIGH PATCH This Week

Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component: Attachments / File Upload). Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS File Upload Oracle +2
NVD
EPSS 1% CVSS 2.7
LOW PATCH Monitor

Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component: Page Request). Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Applications Framework
NVD
EPSS 1% CVSS 8.2
HIGH This Week

Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component: Popups). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Applications Framework
NVD
EPSS 1% CVSS 8.2
HIGH This Week

Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component: Diagnostics). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Applications Framework
NVD
EPSS 1% CVSS 5.3
MEDIUM This Month

Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component: Attachments / File Upload). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

File Upload Oracle Applications Framework
NVD
EPSS 1% CVSS 5.3
MEDIUM PATCH This Month

Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component: Attachments / File Upload). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

File Upload Oracle Applications Framework
NVD
EPSS 1% CVSS 4.7
MEDIUM PATCH This Month

Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component: Attachments / File Upload). Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

File Upload Oracle Applications Framework
NVD
EPSS 1% CVSS 8.2
HIGH PATCH This Week

Vulnerability in the Oracle Applications Framework component of Oracle E-Business Suite (subcomponent: Attachments / File Upload). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass File Upload Oracle +1
NVD
EPSS 2% CVSS 8.2
HIGH PATCH This Week

Vulnerability in the Oracle Applications Framework component of Oracle E-Business Suite (subcomponent: None). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Applications Framework
NVD
EPSS 1% CVSS 4.3
MEDIUM PATCH This Month

Vulnerability in the Oracle Applications Framework component of Oracle E-Business Suite (subcomponent: REST Services). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Applications Framework
NVD
EPSS 43% CVSS 5.4
MEDIUM POC PATCH THREAT This Month

Vulnerability in the Oracle Applications Framework component of Oracle E-Business Suite (subcomponent: Popup windows (lists of values, datepicker, etc.)). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 43.2%.

Open Redirect Microsoft Oracle +1
NVD Exploit-DB
EPSS 0% CVSS 6.9
MEDIUM This Month

Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect confidentiality and integrity. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Oracle Applications Framework
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy