Agile Product Lifecycle Management For Process
CVEs (14)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2020-11022 | Med | 0.49 | 6.9 | 0.99 | Apr 29, 2020 | In jQuery starting with 1.12.0 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0. | ||
| CVE-2018-2572 | Med | 0.40 | 6.1 | 0.01 | Apr 19, 2018 | Vulnerability in the Oracle Agile Product Lifecycle Management for Process component of Oracle Supply Chain Products Suite (subcomponent: Installation). Supported versions that are affected are 6.1.1.6, 6.2.0.0 and 6.2.1.0. Easily exploitable vulnerability allows unauthenticated… | ||
| CVE-2026-34296 | Med | 0.28 | 4.3 | 0.00 | Apr 21, 2026 | Vulnerability in the Oracle Agile Product Lifecycle Management for Process product of Oracle Supply Chain (component: Product Quality Management). The supported version that is affected is 6.2.4. Easily exploitable vulnerability allows low privileged attacker with network… | ||
| CVE-2016-5504 | Med | 0.27 | 4.1 | 0.00 | Oct 25, 2016 | Unspecified vulnerability in the Oracle Agile Product Lifecycle Management for Process component in Oracle Supply Chain Products Suite 6.1.0.4, 6.1.1.6, and 6.2.0.0 allows local users to affect confidentiality via vectors related to Supplier Portal. | ||
| CVE-2018-3069 | Low | 0.18 | 2.7 | 0.01 | Jul 18, 2018 | Vulnerability in the Oracle Agile Product Lifecycle Management for Process component of Oracle Supply Chain Products Suite (subcomponent: Installation). The supported version that is affected is 6.2.0.0. Easily exploitable vulnerability allows high privileged attacker with… | ||
| CVE-2026-21969 | 0.00 | — | 0.00 | Jan 20, 2026 | Vulnerability in the Oracle Agile Product Lifecycle Management for Process product of Oracle Supply Chain (component: Supplier Portal). The supported version that is affected is 6.2.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via… | |||
| CVE-2026-21944 | 0.00 | — | 0.00 | Jan 20, 2026 | Vulnerability in the Oracle Agile Product Lifecycle Management for Process product of Oracle Supply Chain (component: Product Quality Management). The supported version that is affected is 6.2.4. Easily exploitable vulnerability allows low privileged attacker with network… | |||
| CVE-2024-21092 | 0.00 | — | 0.01 | Apr 16, 2024 | Vulnerability in the Oracle Agile Product Lifecycle Management for Process product of Oracle Supply Chain (component: Product Quality Management). The supported version that is affected is 6.2.4.2. Easily exploitable vulnerability allows low privileged attacker with network… | |||
| CVE-2024-21091 | 0.00 | — | 0.00 | Apr 16, 2024 | Vulnerability in the Oracle Agile Product Lifecycle Management for Process product of Oracle Supply Chain (component: Data Import). The supported version that is affected is 6.2.4.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP… | |||
| CVE-2024-20956 | 0.00 | — | 0.00 | Feb 17, 2024 | Vulnerability in the Oracle Agile Product Lifecycle Management for Process product of Oracle Supply Chain (component: Installation). Supported versions that are affected are Prior to 6.2.4.2. Easily exploitable vulnerability allows unauthenticated attacker with network access… | |||
| CVE-2018-3134 | 0.00 | — | 0.00 | Oct 17, 2018 | Vulnerability in the Oracle Agile Product Lifecycle Management for Process component of Oracle Supply Chain Products Suite (subcomponent: User Group Management). The supported version that is affected is 6.2.0.0. Difficult to exploit vulnerability allows low privileged attacker… | |||
| CVE-2015-4746 | 0.00 | — | 0.02 | Jul 16, 2015 | Unspecified vulnerability in the Oracle Agile Product Lifecycle Management for Process component in Oracle Supply Chain Products Suite 6.0.0.7, 6.1.0.3, 6.1.1.5, and 6.2.0.0 allows remote authenticated users to affect confidentiality via unknown vectors related to Global Spec… | |||
| CVE-2014-0434 | 0.00 | — | 0.01 | Jan 15, 2014 | Unspecified vulnerability in the Oracle Agile Product Lifecycle Management for Process component in Oracle Supply Chain Products Suite 6.0, 6.1, and 6.1.1 allows remote attackers to affect integrity via unknown vectors related to Installation. | |||
| CVE-2013-5897 | 0.00 | — | 0.02 | Jan 15, 2014 | Unspecified vulnerability in the Oracle Agile Product Lifecycle Management for Process component in Oracle Supply Chain Products Suite 6.0, 6.1, and 6.1.1 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Manage Data Cache. |
- risk 0.49cvss 6.9epss 0.99
In jQuery starting with 1.12.0 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
- risk 0.40cvss 6.1epss 0.01
Vulnerability in the Oracle Agile Product Lifecycle Management for Process component of Oracle Supply Chain Products Suite (subcomponent: Installation). Supported versions that are affected are 6.1.1.6, 6.2.0.0 and 6.2.1.0. Easily exploitable vulnerability allows unauthenticated…
- risk 0.28cvss 4.3epss 0.00
Vulnerability in the Oracle Agile Product Lifecycle Management for Process product of Oracle Supply Chain (component: Product Quality Management). The supported version that is affected is 6.2.4. Easily exploitable vulnerability allows low privileged attacker with network…
- risk 0.27cvss 4.1epss 0.00
Unspecified vulnerability in the Oracle Agile Product Lifecycle Management for Process component in Oracle Supply Chain Products Suite 6.1.0.4, 6.1.1.6, and 6.2.0.0 allows local users to affect confidentiality via vectors related to Supplier Portal.
- risk 0.18cvss 2.7epss 0.01
Vulnerability in the Oracle Agile Product Lifecycle Management for Process component of Oracle Supply Chain Products Suite (subcomponent: Installation). The supported version that is affected is 6.2.0.0. Easily exploitable vulnerability allows high privileged attacker with…
- CVE-2026-21969Jan 20, 2026risk 0.00cvss —epss 0.00
Vulnerability in the Oracle Agile Product Lifecycle Management for Process product of Oracle Supply Chain (component: Supplier Portal). The supported version that is affected is 6.2.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via…
- CVE-2026-21944Jan 20, 2026risk 0.00cvss —epss 0.00
Vulnerability in the Oracle Agile Product Lifecycle Management for Process product of Oracle Supply Chain (component: Product Quality Management). The supported version that is affected is 6.2.4. Easily exploitable vulnerability allows low privileged attacker with network…
- CVE-2024-21092Apr 16, 2024risk 0.00cvss —epss 0.01
Vulnerability in the Oracle Agile Product Lifecycle Management for Process product of Oracle Supply Chain (component: Product Quality Management). The supported version that is affected is 6.2.4.2. Easily exploitable vulnerability allows low privileged attacker with network…
- CVE-2024-21091Apr 16, 2024risk 0.00cvss —epss 0.00
Vulnerability in the Oracle Agile Product Lifecycle Management for Process product of Oracle Supply Chain (component: Data Import). The supported version that is affected is 6.2.4.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP…
- CVE-2024-20956Feb 17, 2024risk 0.00cvss —epss 0.00
Vulnerability in the Oracle Agile Product Lifecycle Management for Process product of Oracle Supply Chain (component: Installation). Supported versions that are affected are Prior to 6.2.4.2. Easily exploitable vulnerability allows unauthenticated attacker with network access…
- CVE-2018-3134Oct 17, 2018risk 0.00cvss —epss 0.00
Vulnerability in the Oracle Agile Product Lifecycle Management for Process component of Oracle Supply Chain Products Suite (subcomponent: User Group Management). The supported version that is affected is 6.2.0.0. Difficult to exploit vulnerability allows low privileged attacker…
- CVE-2015-4746Jul 16, 2015risk 0.00cvss —epss 0.02
Unspecified vulnerability in the Oracle Agile Product Lifecycle Management for Process component in Oracle Supply Chain Products Suite 6.0.0.7, 6.1.0.3, 6.1.1.5, and 6.2.0.0 allows remote authenticated users to affect confidentiality via unknown vectors related to Global Spec…
- CVE-2014-0434Jan 15, 2014risk 0.00cvss —epss 0.01
Unspecified vulnerability in the Oracle Agile Product Lifecycle Management for Process component in Oracle Supply Chain Products Suite 6.0, 6.1, and 6.1.1 allows remote attackers to affect integrity via unknown vectors related to Installation.
- CVE-2013-5897Jan 15, 2014risk 0.00cvss —epss 0.02
Unspecified vulnerability in the Oracle Agile Product Lifecycle Management for Process component in Oracle Supply Chain Products Suite 6.0, 6.1, and 6.1.1 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Manage Data Cache.