Configurator
This hub aggregates every CVE we track for Configurator, a product in the enterprise software space. Use it to gauge the current risk picture and drill into individual advisories.
18
CVEs tracked
1
Critical
10
High
1
In CISA KEV
Severity distribution
HIGH10MEDIUM7CRITICAL1
Monthly trend
0
0
0
0
0
0
0
0
2
0
0
0
0
0
1
0
0
1
0
0
1
0
0
0
2024-082026-07
Latest CVEs
The 15 most recently published vulnerabilities affecting Configurator.
- CVE-2026-34274Vulnerability in the Oracle Configurator product of Oracle E-Business Suite (component: User Interface). Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability a...6.1
- CVE-2026-21972Vulnerability in the Oracle Configurator product of Oracle E-Business Suite (component: User Interface). Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability a...5.3
- CVE-2025-61884Vulnerability in the Oracle Configurator product of Oracle E-Business Suite (component: Runtime UI). Supported versions that are affected are 12.2.3-12.2.14. Easily exploitable vulnerability allow...KEV7.5
- CVE-2025-30728Vulnerability in the Oracle Configurator product of Oracle E-Business Suite (component: Core). Supported versions that are affected are 12.2.3-12.2.14. Easily exploitable vulnerability allows unau...7.5
- CVE-2025-30720Vulnerability in the Oracle Configurator product of Oracle E-Business Suite (component: Orders). Supported versions that are affected are 12.2.3-12.2.14. Easily exploitable vulnerability allows un...6.1
- CVE-2023-43986DM Concept configurator before v4.9.4 was discovered to contain a SQL injection vulnerability via the component ConfiguratorAttachment::getAttachmentByToken.9.8
- CVE-2022-21255Vulnerability in the Oracle Configurator product of Oracle E-Business Suite (component: UI Servlet). Supported versions that are affected are 12.2.3-12.2.11. Easily exploitable vulnerability allows...8.1
- CVE-2021-2080Vulnerability in the Oracle Configurator product of Oracle Supply Chain (component: UI Servlet). Supported versions that are affected are 12.1 and 12.2. Easily exploitable vulnerability allows unau...8.2
- CVE-2021-2079Vulnerability in the Oracle Configurator product of Oracle Supply Chain (component: UI Servlet). Supported versions that are affected are 12.1 and 12.2. Easily exploitable vulnerability allows unau...8.2
- CVE-2021-2078Vulnerability in the Oracle Configurator product of Oracle Supply Chain (component: UI Servlet). Supported versions that are affected are 12.1 and 12.2. Easily exploitable vulnerability allows unau...8.2
- CVE-2020-14669Vulnerability in the Oracle Configurator product of Oracle Supply Chain (component: UI Servlet). Supported versions that are affected are 12.1 and 12.2. Easily exploitable vulnerability allows unau...8.2
- CVE-2020-2865Vulnerability in the Oracle Configurator product of Oracle Supply Chain (component: Installation). Supported versions that are affected are 12.1 and 12.2. Easily exploitable vulnerability allows un...5.3
- CVE-2019-2567Vulnerability in the Oracle Configurator component of Oracle Supply Chain Products Suite (subcomponent: Active Model Generation). Supported versions that are affected are 12.1 and 12.2. Easily expl...7.5
- CVE-2016-3438Unspecified vulnerability in the Oracle Configurator component in Oracle Supply Chain Products Suite 12.0.6, 12.1, and 12.2 allows remote attackers to affect confidentiality and integrity via vecto...8.2
- CVE-2016-0541Unspecified vulnerability in the Oracle Configurator component in Oracle Supply Chain Products Suite 11.5.10.2, 12.1, and 12.2 allows remote attackers to affect confidentiality via unknown vectors ...5.0
Product normalization is registry-driven with AI assist and human review. How it works