SAP® and Oracle® Security Advisories

Onapsis Research Labs is the world’s leading team of security experts who combine their deep knowledge of critical ERP applications and decades of threat research experience to deliver impactful security insights and threat intelligence focused on the business-critical applications from SAP, Oracle, and SaaS providers. Onapsis Research Labs is, far and away, the most prolific and most celebrated contributor of vulnerability research by the SAP Product Security Response Team. No other research team comes close.

Oracle E-Business Suite
Critical

06/14/2018

Oracle E-Business Suite SQL Injection in ieurequesthandler

By exploiting this vulnerability, unauthenticated attacker could execute arbitrary SQL statements. Please fill out the form to download the security advisory.

Read More
Oracle E-Business Suite
Critical

06/13/2018

Oracle E-Business Suite SQL Injection in DataManagerServer

By exploiting this vulnerability, an unauthenticated attacker could execute arbitrary SQL statements. Please fill out the form to download the security advisory.

Read More
Oracle E-Business Suite
Critical

02/09/2018

Oracle E-Business Suite SQL Injections

By exploiting this vulnerability, unauthenticated attacker could execute arbitrary SQL statements. Please fill out the form to download the security advisory.

Read More
Oracle E-Business Suite
Medium

02/09/2018

Oracle E-Business Suite Information Disclosure

By exploiting this vulnerability, a remote unauthenticated attacker could get access to sensitive information. Please fill out the form to download the security advisory.

Read More
Oracle E-Business Suite
Medium

02/09/2018

Oracle E-Business Suite Missing Authorization

By exploiting this vulnerability, a remote authenticated attacker could modify calendar events. Please fill out the form to download the security advisory.

Read More
Oracle E-Business Suite
High

02/09/2018

Oracle E-Business Suite Multiple XSS

By exploiting this vulnerability, a remote attacker could steal sensitive business information by targeting other users connected to the system. Please fill out the form to download the security advisory.

Read More
Oracle E-Business Suite
Medium

09/21/2016

Oracle E-Business Suite Cross Site Scripting (XSS) II

By exploiting this Oracle E-Business Suite vulnerability, a remote attacker could steal sensitive business information by targeting other users connected to the system. Please fill in the following form in order to download the selected Onapsis’ resource. The system will send you a download link to your email. By registering, you will obtain the following…

Read More
Oracle E-Business Suite
Medium

09/21/2016

Oracle E-Business Suite Cross Site Scripting (XSS) IV

By exploiting this Oracle E-Business Suite vulnerability, a remote attacker could steal sensitive business information by targeting other users connected to the system. Please fill in the following form in order to download the selected Onapsis’ resource. The system will send you a download link to your email. By registering, you will obtain the following…

Read More
Oracle E-Business Suite
Medium

09/21/2016

Oracle E-Business Suite Cross Site Scripting (XSS) V

By exploiting this Oracle E-Business Suite vulnerability, a remote attacker could steal sensitive business information by targeting other users connected to the system. Please fill in the following form in order to download the selected Onapsis’ resource. The system will send you a download link to your email. By registering, you will obtain the following…

Read More
123

Page 2 of 3