Total
53 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-10333 | 1 Oracle | 1 Siebel Ui Framework | 2024-11-21 | 6.5 MEDIUM | 7.4 HIGH |
| Vulnerability in the Siebel UI Framework component of Oracle Siebel CRM (subcomponent: EAI). Supported versions that are affected are 16.0 and 17.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Siebel UI Framework. While the vulnerability is in Siebel UI Framework, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Siebel UI Framework accessible data as well as unauthorized read access to a subset of Siebel UI Framework accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Siebel UI Framework. CVSS 3.0 Base Score 7.4 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L). | |||||
| CVE-2017-10315 | 1 Oracle | 1 Siebel Ui Framework | 2024-11-21 | 5.8 MEDIUM | 6.1 MEDIUM |
| Vulnerability in the Siebel UI Framework component of Oracle Siebel CRM (subcomponent: UIF Open UI). Supported versions that are affected are 16.0 and 17.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Siebel UI Framework. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Siebel UI Framework, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Siebel UI Framework accessible data as well as unauthorized read access to a subset of Siebel UI Framework accessible data. CVSS 3.0 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N). | |||||
| CVE-2017-10302 | 1 Oracle | 1 Siebel Ui Framework | 2024-11-21 | 5.8 MEDIUM | 6.1 MEDIUM |
| Vulnerability in the Siebel UI Framework component of Oracle Siebel CRM (subcomponent: UIF Open UI). Supported versions that are affected are 16.0 and 17.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Siebel UI Framework. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Siebel UI Framework, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Siebel UI Framework accessible data as well as unauthorized read access to a subset of Siebel UI Framework accessible data. CVSS 3.0 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N). | |||||
| CVE-2017-10264 | 1 Oracle | 1 Siebel Ui Framework | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| Vulnerability in the Siebel UI Framework component of Oracle Siebel CRM (subcomponent: UIF Open UI). Supported versions that are affected are 16.0 and 17.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Siebel UI Framework. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Siebel UI Framework. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L). | |||||
| CVE-2017-10263 | 1 Oracle | 1 Siebel Ui Framework | 2024-11-21 | 5.8 MEDIUM | 8.2 HIGH |
| Vulnerability in the Siebel UI Framework component of Oracle Siebel CRM (subcomponent: UIF Open UI). Supported versions that are affected are 16.0 and 17.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Siebel UI Framework. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Siebel UI Framework, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Siebel UI Framework accessible data as well as unauthorized update, insert or delete access to some of Siebel UI Framework accessible data. CVSS 3.0 Base Score 8.2 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N). | |||||
| CVE-2016-7103 | 7 Debian, Fedoraproject, Jqueryui and 4 more | 13 Debian Linux, Fedora, Jquery Ui and 10 more | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-site scripting (XSS) vulnerability in jQuery UI before 1.12.0 might allow remote attackers to inject arbitrary web script or HTML via the closeText parameter of the dialog function. | |||||
| CVE-2016-5468 | 1 Oracle | 1 Siebel Ui Framework | 2024-11-21 | 5.5 MEDIUM | 5.4 MEDIUM |
| Unspecified vulnerability in the Siebel UI Framework component in Oracle Siebel CRM 8.1.1, 8.2.2, IP2014, IP2015, and IP2016 allows remote authenticated users to affect confidentiality and integrity via vectors related to EAI, a different vulnerability than CVE-2016-5451. | |||||
| CVE-2016-5464 | 1 Oracle | 1 Siebel Ui Framework | 2024-11-21 | 3.5 LOW | 4.1 MEDIUM |
| Unspecified vulnerability in the Siebel UI Framework component in Oracle Siebel CRM 8.1.1, 8.2.2, IP2014, IP2015, and IP2016 allows remote authenticated users to affect integrity via vectors related to SWSE Server, a different vulnerability than CVE-2016-5463. | |||||
| CVE-2016-5463 | 1 Oracle | 1 Siebel Ui Framework | 2024-11-21 | 3.5 LOW | 4.1 MEDIUM |
| Unspecified vulnerability in the Siebel UI Framework component in Oracle Siebel CRM 8.1.1, 8.2.2, IP2014, IP2015, and IP2016 allows remote authenticated users to affect integrity via vectors related to SWSE Server, a different vulnerability than CVE-2016-5464. | |||||
| CVE-2016-5451 | 1 Oracle | 1 Siebel Ui Framework | 2024-11-21 | 5.5 MEDIUM | 8.1 HIGH |
| Unspecified vulnerability in the Siebel UI Framework component in Oracle Siebel CRM 8.1.1, 8.2.2, IP2014, IP2015, and IP2016 allows remote authenticated users to affect confidentiality and integrity via vectors related to EAI, a different vulnerability than CVE-2016-5468. | |||||
| CVE-2016-5450 | 1 Oracle | 1 Siebel Ui Framework | 2024-11-21 | 4.3 MEDIUM | 4.7 MEDIUM |
| Unspecified vulnerability in the Siebel UI Framework component in Oracle Siebel CRM 8.1.1, 8.2.2, IP2014, IP2015, and IP2016 allows remote attackers to affect integrity via vectors related to UIF Open UI. | |||||
| CVE-2016-0673 | 1 Oracle | 1 Siebel Ui Framework | 2024-11-21 | 4.9 MEDIUM | 5.4 MEDIUM |
| Unspecified vulnerability in the Siebel UI Framework component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote authenticated users to affect confidentiality and integrity via vectors related to UIF Open UI. | |||||
| CVE-2015-9251 | 2 Jquery, Oracle | 47 Jquery, Agile Product Lifecycle Management For Process, Banking Platform and 44 more | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed. | |||||