Skip to main content

Transportation Management

25 CVEs product

Monthly

CVE-2024-37171 MEDIUM This Month

SAP Transportation Management (Collaboration Portal) allows an attacker with non-administrative privileges to send a crafted request from a vulnerable web application. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SSRF SAP Saptmui Transportation Management
NVD
CVSS 3.1
5.0
EPSS
0.4%
CVE-2022-39420 MEDIUM PATCH This Month

Vulnerability in the Oracle Transportation Management product of Oracle Supply Chain (component: Data, Functional Security). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle Transportation Management
NVD
CVSS 3.1
5.4
EPSS
0.4%
CVE-2022-39411 MEDIUM PATCH This Month

Vulnerability in the Oracle Transportation Management product of Oracle Supply Chain (component: Business Process Automation). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle Transportation Management
NVD
CVSS 3.1
4.9
EPSS
0.6%
CVE-2022-39409 LOW PATCH Monitor

Vulnerability in the Oracle Transportation Management product of Oracle Supply Chain (component: Business Process Automation). Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service Transportation Management
NVD
CVSS 3.1
2.7
EPSS
0.7%
CVE-2022-21591 MEDIUM PATCH This Month

Vulnerability in the Oracle Transportation Management product of Oracle Supply Chain (component: UI Infrastructure). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service Transportation Management
NVD
CVSS 3.1
5.4
EPSS
0.5%
CVE-2022-21480 MEDIUM This Month

Vulnerability in the Oracle Transportation Management product of Oracle Supply Chain (component: User Interface). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Transportation Management
NVD
CVSS 3.1
6.1
EPSS
0.8%
CVE-2021-35616 MEDIUM PATCH This Month

Vulnerability in the Oracle Transportation Management product of Oracle Supply Chain (component: UI Infrastructure). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Transportation Management
NVD
CVSS 3.1
5.4
EPSS
28.0%
CVE-2021-2476 MEDIUM This Month

Vulnerability in the Oracle Transportation Management product of Oracle Supply Chain (component: Authentication). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Transportation Management
NVD
CVSS 3.1
5.3
EPSS
1.2%
CVE-2020-14544 MEDIUM This Month

Vulnerability in the Oracle Transportation Management product of Oracle Supply Chain (component: Data, Domain & Function Security). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Transportation Management
NVD
CVSS 3.1
4.3
EPSS
0.9%
CVE-2020-9484 Maven HIGH POC PATCH THREAT This Week

When using Apache Tomcat versions 10.0.0-M1 to 10.0.0-M4, 9.0.0.M1 to 9.0.34, 8.5.0 to 8.5.54 and 7.0.0 to 7.0.103 if a) an attacker is able to control the contents and name of a file on the server;. Rated high severity (CVSS 7.0). This Deserialization of Untrusted Data vulnerability could allow attackers to execute arbitrary code through malicious serialized objects.

Apache RCE Deserialization Tomcat Debian Linux +24
NVD
CVSS 3.1
7.0
EPSS
56.6%
CVE-2020-2744 MEDIUM This Month

Vulnerability in the Oracle Transportation Management product of Oracle Supply Chain (component: Security). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Transportation Management
NVD
CVSS 3.1
5.4
EPSS
0.7%
CVE-2020-1938 Maven CRITICAL POC KEV PATCH THREAT Act Now

When using the Apache JServ Protocol (AJP), care must be taken when trusting incoming connections to Apache Tomcat. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Apache File Upload RCE Tomcat Geode +19
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
99.3%
CVE-2020-1935 Maven MEDIUM PATCH This Month

In Apache Tomcat 9.0.0.M1 to 9.0.30, 8.5.0 to 8.5.50 and 7.0.0 to 7.0.99 the HTTP header parsing code used an approach to end-of-line parsing that allowed some invalid HTTP headers to be parsed as. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Apache Request Smuggling Tomcat Information Disclosure Debian Linux +18
NVD
CVSS 3.1
4.8
EPSS
9.4%
CVE-2019-17563 Maven HIGH PATCH This Week

When using FORM authentication with Apache Tomcat 9.0.0.M1 to 9.0.29, 8.5.0 to 8.5.49 and 7.0.0 to 7.0.98 there was a narrow window where an attacker could perform a session fixation attack. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required.

Session Fixation Tomcat Information Disclosure Apache Debian Linux +9
NVD
CVSS 3.1
7.5
EPSS
10.7%
CVE-2019-2709 MEDIUM PATCH This Month

Vulnerability in the Oracle Transportation Management component of Oracle Supply Chain Products Suite (subcomponent: Security). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Transportation Management
NVD
CVSS 3.0
6.1
EPSS
1.0%
CVE-2019-11358 LIB MEDIUM POC PATCH THREAT This Month

{}, ...) because of Object.prototype pollution. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Prototype Pollution Information Disclosure Jquery Debian Linux Drupal +102
NVD GitHub Exploit-DB
CVSS 3.1
6.1
EPSS
87.2%
CVE-2019-2487 MEDIUM PATCH This Month

Vulnerability in the Oracle Transportation Management component of Oracle Supply Chain Products Suite (subcomponent: UI Infrastructure). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle Transportation Management
NVD
CVSS 3.0
6.5
EPSS
1.2%
CVE-2018-2823 MEDIUM PATCH This Month

Vulnerability in the Oracle Transportation Management component of Oracle Supply Chain Products Suite (subcomponent: Database). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Transportation Management
NVD
CVSS 3.0
6.5
EPSS
1.1%
CVE-2018-2662 MEDIUM PATCH This Month

Vulnerability in the Oracle Transportation Management component of Oracle Supply Chain Products Suite (subcomponent: Security). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Transportation Management
NVD
CVSS 3.0
5.4
EPSS
0.7%
CVE-2018-2631 MEDIUM PATCH This Month

Vulnerability in the Oracle Transportation Management component of Oracle Supply Chain Products Suite (subcomponent: Security). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Transportation Management
NVD
CVSS 3.0
4.3
EPSS
0.8%
CVE-2017-10032 MEDIUM PATCH This Month

Vulnerability in the Oracle Transportation Management component of Oracle Supply Chain Products Suite (subcomponent: Access Control List). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle Transportation Management
NVD
CVSS 3.0
5.4
EPSS
0.2%
CVE-2017-3530 MEDIUM PATCH This Month

Vulnerability in the Oracle Transportation Manager component of Oracle Supply Chain Products Suite (subcomponent: Security). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle Transportation Management
NVD
CVSS 3.0
6.1
EPSS
0.4%
CVE-2016-3490 LOW PATCH Monitor

Unspecified vulnerability in the Oracle Transportation Management component in Oracle Supply Chain Products Suite 6.3.0, 6.3.1, 6.3.2, 6.3.3, 6.3.4, 6.3.5, 6.3.6, 6.3.7, 6.4.0, and 6.4.1 allows. Rated low severity (CVSS 3.0), this vulnerability is remotely exploitable.

Information Disclosure Oracle Transportation Management
NVD
CVSS 3.0
3.0
EPSS
0.2%
CVE-2016-3470 HIGH PATCH This Week

Unspecified vulnerability in the Oracle Transportation Management component in Oracle Supply Chain Products Suite 6.4.1 allows remote authenticated users to affect confidentiality and integrity via. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle Transportation Management
NVD
CVSS 3.0
7.1
EPSS
0.2%
CVE-2015-3195 MEDIUM This Month

The ASN1_TFLG_COMBINE implementation in crypto/asn1/tasn_dec.c in OpenSSL before 0.9.8zh, 1.0.0 before 1.0.0t, 1.0.1 before 1.0.1q, and 1.0.2 before 1.0.2e mishandles errors caused by malformed. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

OpenSSL Information Disclosure Mac Os X Api Gateway Communications Webrtc Session Controller +21
NVD
CVSS 3.1
5.3
EPSS
3.5%
EPSS 0% CVSS 5.0
MEDIUM This Month

SAP Transportation Management (Collaboration Portal) allows an attacker with non-administrative privileges to send a crafted request from a vulnerable web application. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SSRF SAP Saptmui +1
NVD
EPSS 0% CVSS 5.4
MEDIUM PATCH This Month

Vulnerability in the Oracle Transportation Management product of Oracle Supply Chain (component: Data, Functional Security). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle Transportation Management
NVD
EPSS 1% CVSS 4.9
MEDIUM PATCH This Month

Vulnerability in the Oracle Transportation Management product of Oracle Supply Chain (component: Business Process Automation). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle Transportation Management
NVD
EPSS 1% CVSS 2.7
LOW PATCH Monitor

Vulnerability in the Oracle Transportation Management product of Oracle Supply Chain (component: Business Process Automation). Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service Transportation Management
NVD
EPSS 1% CVSS 5.4
MEDIUM PATCH This Month

Vulnerability in the Oracle Transportation Management product of Oracle Supply Chain (component: UI Infrastructure). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

Oracle Denial Of Service Transportation Management
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

Vulnerability in the Oracle Transportation Management product of Oracle Supply Chain (component: User Interface). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Transportation Management
NVD
EPSS 28% CVSS 5.4
MEDIUM PATCH This Month

Vulnerability in the Oracle Transportation Management product of Oracle Supply Chain (component: UI Infrastructure). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Transportation Management
NVD
EPSS 1% CVSS 5.3
MEDIUM This Month

Vulnerability in the Oracle Transportation Management product of Oracle Supply Chain (component: Authentication). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Transportation Management
NVD
EPSS 1% CVSS 4.3
MEDIUM This Month

Vulnerability in the Oracle Transportation Management product of Oracle Supply Chain (component: Data, Domain & Function Security). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Transportation Management
NVD
EPSS 57% CVSS 7.0
HIGH POC PATCH THREAT This Week

When using Apache Tomcat versions 10.0.0-M1 to 10.0.0-M4, 9.0.0.M1 to 9.0.34, 8.5.0 to 8.5.54 and 7.0.0 to 7.0.103 if a) an attacker is able to control the contents and name of a file on the server;. Rated high severity (CVSS 7.0). This Deserialization of Untrusted Data vulnerability could allow attackers to execute arbitrary code through malicious serialized objects.

Apache RCE Deserialization +26
NVD
EPSS 1% CVSS 5.4
MEDIUM This Month

Vulnerability in the Oracle Transportation Management product of Oracle Supply Chain (component: Security). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Transportation Management
NVD
EPSS 99% CVSS 9.8
CRITICAL POC KEV PATCH THREAT Act Now

When using the Apache JServ Protocol (AJP), care must be taken when trusting incoming connections to Apache Tomcat. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Apache File Upload RCE +21
NVD Exploit-DB
EPSS 9% CVSS 4.8
MEDIUM PATCH This Month

In Apache Tomcat 9.0.0.M1 to 9.0.30, 8.5.0 to 8.5.50 and 7.0.0 to 7.0.99 the HTTP header parsing code used an approach to end-of-line parsing that allowed some invalid HTTP headers to be parsed as. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Apache Request Smuggling Tomcat +20
NVD
EPSS 11% CVSS 7.5
HIGH PATCH This Week

When using FORM authentication with Apache Tomcat 9.0.0.M1 to 9.0.29, 8.5.0 to 8.5.49 and 7.0.0 to 7.0.98 there was a narrow window where an attacker could perform a session fixation attack. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required.

Session Fixation Tomcat Information Disclosure +11
NVD
EPSS 1% CVSS 6.1
MEDIUM PATCH This Month

Vulnerability in the Oracle Transportation Management component of Oracle Supply Chain Products Suite (subcomponent: Security). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Transportation Management
NVD
EPSS 87% CVSS 6.1
MEDIUM POC PATCH THREAT This Month

{}, ...) because of Object.prototype pollution. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Prototype Pollution Information Disclosure Jquery +104
NVD GitHub Exploit-DB
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

Vulnerability in the Oracle Transportation Management component of Oracle Supply Chain Products Suite (subcomponent: UI Infrastructure). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle Transportation Management
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

Vulnerability in the Oracle Transportation Management component of Oracle Supply Chain Products Suite (subcomponent: Database). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Transportation Management
NVD
EPSS 1% CVSS 5.4
MEDIUM PATCH This Month

Vulnerability in the Oracle Transportation Management component of Oracle Supply Chain Products Suite (subcomponent: Security). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Transportation Management
NVD
EPSS 1% CVSS 4.3
MEDIUM PATCH This Month

Vulnerability in the Oracle Transportation Management component of Oracle Supply Chain Products Suite (subcomponent: Security). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Transportation Management
NVD
EPSS 0% CVSS 5.4
MEDIUM PATCH This Month

Vulnerability in the Oracle Transportation Management component of Oracle Supply Chain Products Suite (subcomponent: Access Control List). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle Transportation Management
NVD
EPSS 0% CVSS 6.1
MEDIUM PATCH This Month

Vulnerability in the Oracle Transportation Manager component of Oracle Supply Chain Products Suite (subcomponent: Security). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle Transportation Management
NVD
EPSS 0% CVSS 3.0
LOW PATCH Monitor

Unspecified vulnerability in the Oracle Transportation Management component in Oracle Supply Chain Products Suite 6.3.0, 6.3.1, 6.3.2, 6.3.3, 6.3.4, 6.3.5, 6.3.6, 6.3.7, 6.4.0, and 6.4.1 allows. Rated low severity (CVSS 3.0), this vulnerability is remotely exploitable.

Information Disclosure Oracle Transportation Management
NVD
EPSS 0% CVSS 7.1
HIGH PATCH This Week

Unspecified vulnerability in the Oracle Transportation Management component in Oracle Supply Chain Products Suite 6.4.1 allows remote authenticated users to affect confidentiality and integrity via. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle Transportation Management
NVD
EPSS 3% CVSS 5.3
MEDIUM This Month

The ASN1_TFLG_COMBINE implementation in crypto/asn1/tasn_dec.c in OpenSSL before 0.9.8zh, 1.0.0 before 1.0.0t, 1.0.1 before 1.0.1q, and 1.0.2 before 1.0.2e mishandles errors caused by malformed. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

OpenSSL Information Disclosure Mac Os X +23
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy