Vulnerabilities > Oracle > Transportation Management
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-10-18 | CVE-2022-21591 | Unspecified vulnerability in Oracle Transportation Management 6.4.3/6.5.1 Vulnerability in the Oracle Transportation Management product of Oracle Supply Chain (component: UI Infrastructure). | 5.4 |
| 2022-10-18 | CVE-2022-39409 | Unspecified vulnerability in Oracle Transportation Management 6.4.3/6.5.1 Vulnerability in the Oracle Transportation Management product of Oracle Supply Chain (component: Business Process Automation). | 2.7 |
| 2022-10-18 | CVE-2022-39411 | Unspecified vulnerability in Oracle Transportation Management 6.4.3/6.5.1 Vulnerability in the Oracle Transportation Management product of Oracle Supply Chain (component: Business Process Automation). | 4.9 |
| 2022-10-18 | CVE-2022-39420 | Unspecified vulnerability in Oracle Transportation Management 6.4.3/6.5.1 Vulnerability in the Oracle Transportation Management product of Oracle Supply Chain (component: Data, Functional Security). | 5.4 |
| 2022-04-19 | CVE-2022-21480 | Unspecified vulnerability in Oracle Transportation Management 6.4.3/6.5.1 Vulnerability in the Oracle Transportation Management product of Oracle Supply Chain (component: User Interface). | 6.1 |
| 2021-10-20 | CVE-2021-35616 | Unspecified vulnerability in Oracle Transportation Management 6.4.3 Vulnerability in the Oracle Transportation Management product of Oracle Supply Chain (component: UI Infrastructure). | 5.4 |
| 2021-10-20 | CVE-2021-2476 | Unspecified vulnerability in Oracle Transportation Management 6.4.3 Vulnerability in the Oracle Transportation Management product of Oracle Supply Chain (component: Authentication). | 5.3 |
| 2020-07-15 | CVE-2020-14544 | Unspecified vulnerability in Oracle Transportation Management 6.4.3 Vulnerability in the Oracle Transportation Management product of Oracle Supply Chain (component: Data, Domain & Function Security). | 4.3 |
| 2020-05-20 | CVE-2020-9484 | Deserialization of Untrusted Data vulnerability in multiple products When using Apache Tomcat versions 10.0.0-M1 to 10.0.0-M4, 9.0.0.M1 to 9.0.34, 8.5.0 to 8.5.54 and 7.0.0 to 7.0.103 if a) an attacker is able to control the contents and name of a file on the server; and b) the server is configured to use the PersistenceManager with a FileStore; and c) the PersistenceManager is configured with sessionAttributeValueClassNameFilter="null" (the default unless a SecurityManager is used) or a sufficiently lax filter to allow the attacker provided object to be deserialized; and d) the attacker knows the relative file path from the storage location used by FileStore to the file the attacker has control over; then, using a specifically crafted request, the attacker will be able to trigger remote code execution via deserialization of the file under their control. | 7.0 |
| 2020-04-15 | CVE-2020-2744 | Unspecified vulnerability in Oracle Transportation Management 6.3.7/6.4.2/6.4.3 Vulnerability in the Oracle Transportation Management product of Oracle Supply Chain (component: Security). | 5.4 |