CVE-2025-50105 – Oracle Universal Work Queue HTTP Unauthorized Access and Data Manipulation

July 16, 2025

CVE ID : CVE-2025-50105

Published : July 15, 2025, 8:15 p.m. | 6 hours, 44 minutes ago

Description : Vulnerability in the Oracle Universal Work Queue product of Oracle E-Business Suite (component: Work Provider Administration). Supported versions that are affected are 12.2.3-12.2.14. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Universal Work Queue. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Universal Work Queue accessible data as well as unauthorized access to critical data or complete access to all Oracle Universal Work Queue accessible data. CVSS 3.1 Base Score 8.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N).

Severity: 8.1 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-50108 – Oracle Hyperion Financial Reporting Workspace HTTP Unauthorized Access and Data Modification

Next Article CVE-2025-50067 – Oracle Application Express Strategic Planner Starter App HTTP Takeover Vulnerability

CodeSOD: A Unique Way to Primary Key

BrowserStack launches Figma plugin for detecting accessibility issues in design phase

Parasoft brings agentic AI to service virtualization in latest release

Node.js vs. Python for Backend: 7 Reasons C-Level Leaders Choose Node.js Talent

The best CRM software with email marketing in 2025: Expert tested and reviewed

This multi-port car charger can power 4 gadgets at once – and it’s surprisingly cheap

I’m a wearables editor and here are the 7 Pixel Watch 4 rumors I’m most curious about

8 ways I quickly leveled up my Linux skills – and you can too

The Intersection of Agile and Accessibility – A Series on Designing for Everyone

The Intersection of Agile and Accessibility – A Series on Designing for Everyone

Zero Trust & Cybersecurity Mesh: Your Org’s Survival Guide

Execute Ping Commands and Get Back Structured Data in PHP

A Tomb Raider composer has been jailed — His legacy overshadowed by $75k+ in loan fraud

A Tomb Raider composer has been jailed — His legacy overshadowed by $75k+ in loan fraud

“I don’t think I changed his mind” — NVIDIA CEO comments on H20 AI GPU sales resuming in China following a meeting with President Trump

Galaxy Z Fold 7 review: Six years later — Samsung finally cracks the foldable code

CVE-2025-50105 – Oracle Universal Work Queue HTTP Unauthorized Access and Data Manipulation

CVE-2025-44658 – Netgear RAX30 PHP-FPM Misconfigured Extension Bypass Vulnerability

CVE-2025-7393 – Drupal Mail Login Authentication Bypass

At long last The Division 2 Battle for Brooklyn DLC is getting a proper reveal, and it’s happening soon

1 billion reasons to protect your identity online

Fake Kling AI Facebook Ads Deliver RAT Malware to Over 22 Million Potential Victims

How to more efficiently study complex treatment interactions

Brazil Appoints AI Robots that plant 1800 Trees Per hour to Rebuild the Amazon

CVE-2024-55567 – Insyde H2O UsbCoreDxe SMM Call Out Vulnerability

Understanding Cryptocurrency: A Beginner’s Guide to Bitcoin and Ethereum

Verizon will sell you the Samsung Galaxy S25 Edge for free – how the deal works

CVE-2025-50105 – Oracle Universal Work Queue HTTP Unauthorized Access and Data Manipulation

Related Posts