📦 Jd Edwards Enterpriseone Tools
by Oracle
🔍 What is Jd Edwards Enterpriseone Tools?
Description coming soon...
🛡️ Security Overview
Click on a severity to filter vulnerabilities
⚠️ Known Vulnerabilities
This critical vulnerability in Oracle JD Edwards EnterpriseOne Tools allows unauthenticated attackers with network access via HTTP to completely compromise the system. It affects all versions prior to...
CVE-2021-42013 is a critical path traversal vulnerability in Apache HTTP Server that allows attackers to access files outside configured directories. If CGI scripts are enabled for aliased paths, this...
This vulnerability in Oracle JD Edwards EnterpriseOne Tools allows unauthenticated attackers to remotely access sensitive data via HTTP. It affects Web Runtime SEC component in versions prior to 9.2.9...
This vulnerability in Oracle JD Edwards EnterpriseOne Tools allows unauthenticated attackers to remotely access sensitive data via HTTP. It affects all versions prior to 9.2.9.0, potentially exposing ...
This vulnerability in Oracle JD Edwards EnterpriseOne Tools allows authenticated attackers with low privileges to completely compromise the system via HTTP requests. It affects all versions prior to 9...
This vulnerability in Oracle JD Edwards EnterpriseOne Tools allows authenticated attackers with network access to perform unauthorized data manipulation, read restricted data, and cause partial denial...
This vulnerability in Oracle JD Edwards EnterpriseOne Tools allows unauthenticated attackers with network access via HTTP to cause denial of service (system hangs or crashes) and gain unauthorized rea...
This OpenSSL vulnerability allows attackers to cause buffer overruns when applications directly construct ASN.1 strings without proper NUL termination. Exploitation can lead to denial of service or me...
CVE-2021-22940 is a use-after-free vulnerability in Node.js that allows memory corruption attacks. An attacker could exploit this to potentially execute arbitrary code or crash the Node.js process. Th...
CVE-2021-37695 is a cross-site scripting (XSS) vulnerability in CKEditor 4's Fake Objects plugin that allows attackers to inject malicious HTML that can execute JavaScript code in victims' browsers. I...
CVE-2021-32808 is a cross-site scripting (XSS) vulnerability in CKEditor 4 that allows attackers to execute arbitrary JavaScript code by exploiting a flaw in the clipboard Widget plugin when used with...
This vulnerability in Ruby's Net::IMAP library allows man-in-the-middle attackers to bypass TLS encryption by blocking StartTLS commands, potentially exposing sensitive data transmitted via IMAP. It a...
This vulnerability in RDoc (Ruby's documentation generator) allows arbitrary code execution when processing filenames containing pipe (|) or backtick (`) characters. Attackers can exploit this by tric...
This vulnerability in Oracle Database's Advanced Networking Option allows attackers to bypass network encryption protections and potentially compromise the component. It affects Oracle Database Server...
This OpenSSL vulnerability allows certificate chain validation to be bypassed when the X509_V_FLAG_X509_STRICT flag is explicitly set. It affects applications using OpenSSL 1.1.1h-1.1.1j that enable s...
Node.js servers are vulnerable to denial of service attacks when attackers establish numerous connections with unknown protocols, causing file descriptor leaks. This can exhaust system resources, prev...
An unauthenticated attacker can exploit this vulnerability in Oracle JD Edwards EnterpriseOne Tools Web Runtime SEC component via HTTP to modify or read limited data. The attack requires tricking a us...
This vulnerability in Oracle JD Edwards EnterpriseOne Tools allows unauthenticated attackers with network access via HTTP to compromise the system. It requires human interaction from someone other tha...
This vulnerability in Oracle JD Edwards EnterpriseOne Tools allows authenticated attackers with low privileges to modify data via HTTP requests. It affects the Web Runtime SEC component in versions pr...
This vulnerability allows authenticated attackers with low privileges to cause a denial of service (DoS) in Oracle JD Edwards EnterpriseOne Tools by sending specially crafted HTTP requests. The attack...
This vulnerability in Oracle JD Edwards EnterpriseOne Tools allows unauthenticated attackers to manipulate or view data by tricking users into interacting with malicious HTTP requests. It affects all ...
This vulnerability in Oracle JD Edwards EnterpriseOne Tools allows unauthenticated attackers with network access via HTTP to read sensitive data. It affects the Web Runtime SEC component in versions p...
This cross-site request forgery (CSRF) vulnerability in Oracle JD Edwards EnterpriseOne Tools allows authenticated attackers with low privileges to trick users into performing unauthorized actions. Af...
This vulnerability in Oracle JD Edwards EnterpriseOne Tools allows authenticated attackers with low privileges to manipulate business logic via HTTP requests, potentially leading to unauthorized data ...