SAP^® and Oracle^® Security Advisories

Onapsis Research Labs is the world’s leading team of security experts who combine their deep knowledge of critical ERP applications and decades of threat research experience to deliver impactful security insights and threat intelligence focused on the business-critical applications from SAP, Oracle, and SaaS providers. Onapsis Research Labs is, far and away, the most prolific and most celebrated contributor of vulnerability research by the SAP Product Security Response Team. No other research team comes close.

Oracle E-Business Suite

High

07/18/2018

Multiple Oracle E-Business Suite Open Redirection

Please fill in the following form in order to download the selected Onapsis’ resource. The system will send you a download link to your email. By registering, you will obtain the following benefits:

SAP ERP

Medium

06/14/2018

SAP Two-Factor Authentication Soft-Token Cloning

By exploiting this vulnerability, an attacker who previously accessed a mobile phone connected to an SAP system could potentially access all the business information stored and processed in the SAP system. Please fill out the form to download the security advisory.

SAP KERNEL

Medium

06/14/2018

SAP SDLREG Fixed Key for Encryption

By exploiting this vulnerability an unauthenticated attacker could access and modify any information indexed by the SAP system. Please fill out the form to download the security advisory.

Oracle E-Business Suite

High

06/14/2018

Oracle E-Business Suite Information Disclosure

By exploiting this vulnerability, a remote unauthenticated attacker could get sensitive information. Please fill out the form to download the security advisory.

Oracle E-Business Suite

High

06/14/2018

Oracle E-Business Suite Incorrect Log Handling

By exploiting this vulnerability, a remote unauthenticated attacker could modify business information. Please fill out the form to download the security advisory.

Oracle E-Business Suite

High

06/14/2018

Oracle E-Business Suite Information Disclosure

By exploiting this vulnerability, a remote unauthenticated attacker could get sensitive information. Please fill out the form to download the security advisory.

Oracle E-Business Suite

Critical

06/14/2018

Oracle E-Business Suite SQL Injection in GanttDataServer

By exploiting this vulnerability, an unauthenticated attacker could execute arbitrary SQL statements. Please fill out the form to download the security advisory.

Oracle E-Business Suite

Critical

06/14/2018

Oracle E-Business Suite SQL Injection in ieurequesthandler

By exploiting this vulnerability, unauthenticated attacker could execute arbitrary SQL statements. Please fill out the form to download the security advisory.

Oracle E-Business Suite

Critical

06/14/2018

Oracle E-Business Suite SQL Injection in Shopfloor Server

By exploiting this vulnerability, an unauthenticated attacker could execute arbitrary SQL statements. Please fill out the form to download the security advisory.

«‹…9 101112 13…›»

Page 11 of 30

Safeguarding Tomorrow: Empowering SAP Customers with Advanced Cyber Risk Management

Securing Your Future: Preparing for a Successful SAP RISE Transformation

Executive Threat Overview: Reported SAP Cyber Attack Severely Impacts Business Operations, Compromises Data at Global Manufacturer

Critical SAP Zero-Day Vulnerability Under Active Exploitation (CVE-2025-31324)

10 Reasons Why More Companies Choose Onapsis

SAP^® and Oracle^® Security Advisories

Multiple Oracle E-Business Suite Open Redirection

SAP Two-Factor Authentication Soft-Token Cloning

SAP SDLREG Fixed Key for Encryption

Oracle E-Business Suite Information Disclosure

Oracle E-Business Suite Incorrect Log Handling

Oracle E-Business Suite Information Disclosure

Oracle E-Business Suite SQL Injection in GanttDataServer

Oracle E-Business Suite SQL Injection in ieurequesthandler

Oracle E-Business Suite SQL Injection in Shopfloor Server

SAP® and Oracle® Security Advisories

SAP^® and Oracle^® Security Advisories