Agile product lifecycle management
This hub aggregates every CVE we track for Agile product lifecycle management, a product in the enterprise software space. Use it to gauge the current risk picture and drill into individual advisories.
56
CVEs tracked
2
Critical
17
High
2
In CISA KEV
Severity distribution
MEDIUM33HIGH17LOW4CRITICAL2
Monthly trend
0
0
0
0
1
0
4
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2024-072026-06
Latest CVEs
The 15 most recently published vulnerabilities affecting Agile product lifecycle management.
- CVE-2025-21565Vulnerability in the Oracle Agile PLM Framework product of Oracle Supply Chain (component: Install). The supported version that is affected is 9.3.6. Easily exploitable vulnerability allows unaut...7.5
- CVE-2025-21564Vulnerability in the Oracle Agile PLM Framework product of Oracle Supply Chain (component: Agile Integration Services). The supported version that is affected is 9.3.6. Easily exploitable vulnera...8.1
- CVE-2025-21560Vulnerability in the Oracle Agile PLM Framework product of Oracle Supply Chain (component: SDK-Software Development Kit). The supported version that is affected is 9.3.6. Easily exploitable vulne...6.5
- CVE-2025-21556Vulnerability in the Oracle Agile PLM Framework product of Oracle Supply Chain (component: Agile Integration Services). The supported version that is affected is 9.3.6. Easily exploitable vulnera...9.9
- CVE-2024-21287Vulnerability in the Oracle Agile PLM Framework product of Oracle Supply Chain (component: Software Development Kit, Process Extension). The supported version that is affected is 9.3.6. Easily ex...KEV7.5
- CVE-2024-20953Vulnerability in the Oracle Agile PLM product of Oracle Supply Chain (component: Export). The supported version that is affected is 9.3.6. Easily exploitable vulnerability allows low privileged a...KEV8.8
- CVE-2021-41165HTML comments vulnerability allowing to execute JavaScript code8.2
- CVE-2020-2920Vulnerability in the Oracle Agile PLM product of Oracle Supply Chain (component: Security). Supported versions that are affected are 9.3.3, 9.3.5 and 9.3.6. Easily exploitable vulnerability allows ...6.1
- CVE-2020-1935In Apache Tomcat 9.0.0.M1 to 9.0.30, 8.5.0 to 8.5.50 and 7.0.0 to 7.0.99 the HTTP header parsing code used an approach to end-of-line parsing that allowed some invalid HTTP headers to be parsed as ...4.8
- CVE-2019-2817Vulnerability in the Oracle Agile PLM component of Oracle Supply Chain Products Suite (subcomponent: Folders, Files & Attachments). Supported versions that are affected are 9.3.3, 9.3.4, 9.3.5 and ...5.4
- CVE-2019-0227A Server Side Request Forgery (SSRF) vulnerability affected the Apache Axis 1.4 distribution that was last released in 2006. Security and bug commits commits continue in the projects Axis 1.x Subve...7.5
- CVE-2018-8032Apache Axis 1.x up to and including 1.4 is vulnerable to a cross-site scripting (XSS) attack in the default servlet/services.6.1
- CVE-2018-11040Spring Framework, versions 5.0.x prior to 5.0.7 and 4.3.x prior to 4.3.18 and older unsupported versions, allows web applications to enable cross-domain requests via JSONP (JSON with Padding) throu...7.5
- CVE-2018-1257Spring Framework, versions 5.0.x prior to 5.0.6, versions 4.3.x prior to 4.3.17, and older unsupported versions allows applications to expose STOMP over WebSocket endpoints with a simple, in-memory...6.5
- CVE-2018-2609Vulnerability in the Oracle Agile PLM component of Oracle Supply Chain Products Suite (subcomponent: Security). Supported versions that are affected are 9.3.5 and 9.3.6. Easily exploitable vulnerab...6.1
Product normalization is registry-driven with AI assist and human review. How it works