Skip to main content
CVE-2020-2683 MEDIUM PATCH This Month

Vulnerability in the Oracle FLEXCUBE Universal Banking product of Oracle Financial Services Applications (component: Infrastructure). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Flexcube Universal Banking
NVD
CVSS 3.1
5.4
EPSS
0.8%
CVE-2020-2646 MEDIUM PATCH This Month

Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager (component: Command Line Interface). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Enterprise Manager Base Platform
NVD
CVSS 3.1
5.4
EPSS
0.7%
CVE-2020-2536 MEDIUM PATCH This Month

Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware (component: Outside In Filters). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Outside In Technology
NVD
CVSS 3.1
5.4
EPSS
0.9%
CVE-2020-2695 MEDIUM This Month

Vulnerability in the PeopleSoft Enterprise CC Common Application Objects product of Oracle PeopleSoft (component: Approval Framework). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Peoplesoft Enterprise Cost Center Common Application Objects
NVD
CVSS 3.1
5.3
EPSS
1.4%
CVE-2020-2693 MEDIUM PATCH This Month

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated medium severity (CVSS 5.3).

Oracle Authentication Bypass Vm Virtualbox
NVD
CVSS 3.1
5.3
EPSS
0.4%
CVE-2020-2666 MEDIUM PATCH This Month

Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component: Attachments / File Upload). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

File Upload Oracle Applications Framework
NVD
CVSS 3.1
5.3
EPSS
1.3%
CVE-2020-2592 MEDIUM PATCH This Month

Vulnerability in the Oracle AutoVue product of Oracle Supply Chain (component: Security). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Autovue
NVD
CVSS 3.1
5.3
EPSS
1.3%
CVE-2020-2564 MEDIUM PATCH This Month

Vulnerability in the Siebel UI Framework product of Oracle Siebel CRM (component: EAI). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Siebel Ui Framework
NVD
CVSS 3.1
5.3
EPSS
1.6%
CVE-2020-2559 MEDIUM PATCH This Month

Vulnerability in the Siebel UI Framework product of Oracle Siebel CRM (component: UIF Open UI). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Siebel Ui Framework
NVD
CVSS 3.1
5.3
EPSS
1.7%
CVE-2020-2545 MEDIUM PATCH This Month

Vulnerability in the Oracle HTTP Server product of Oracle Fusion Middleware (component: OSSL Module). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Oracle Http Server
NVD
CVSS 3.1
5.3
EPSS
1.5%
CVE-2020-1604 MEDIUM This Month

On EX4300, EX4600, QFX3500, and QFX5100 Series, a vulnerability in the IP firewall filter component may cause the firewall filter evaluation of certain packets to fail. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Juniper Authentication Bypass Junos
NVD
CVSS 3.1
5.3
EPSS
0.8%
CVE-2020-2550 MEDIUM PATCH This Month

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: WLS Core Components). Rated medium severity (CVSS 5.1), this vulnerability is low attack complexity.

Oracle Authentication Bypass Weblogic Server
NVD
CVSS 3.1
5.1
EPSS
0.5%
CVE-2020-2647 MEDIUM PATCH This Month

Vulnerability in the Oracle Solaris product of Oracle Systems (component: Kernel). Rated medium severity (CVSS 5.0), this vulnerability is low attack complexity.

Denial Of Service Oracle Solaris
NVD
CVSS 3.1
5.0
EPSS
0.4%
CVE-2020-2515 MEDIUM PATCH This Month

Vulnerability in the Database Gateway for ODBC component of Oracle Database Server. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable.

Denial Of Service Oracle Database Server
NVD
CVSS 3.1
5.0
EPSS
0.8%
CVE-2020-2697 MEDIUM PATCH This Month

Vulnerability in the Oracle Hospitality Suites Management component of Oracle Food and Beverage Applications. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity.

Oracle Authentication Bypass Hospitality Suites Management
NVD
CVSS 3.1
4.9
EPSS
0.4%
CVE-2020-2679 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL Ubuntu Linux Active Iq Unified Manager +3
NVD
CVSS 3.1
4.9
EPSS
1.9%
CVE-2020-2660 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL Ubuntu Linux Active Iq Unified Manager +3
NVD
CVSS 3.1
4.9
EPSS
1.9%
CVE-2020-2589 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL Ubuntu Linux Active Iq Unified Manager +3
NVD
CVSS 3.1
4.9
EPSS
1.9%
CVE-2020-2588 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL Ubuntu Linux Active Iq Unified Manager +3
NVD
CVSS 3.1
4.9
EPSS
1.9%
CVE-2020-2580 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL Active Iq Unified Manager Oncommand Insight +2
NVD
CVSS 3.1
4.9
EPSS
1.8%
CVE-2020-2577 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL Ubuntu Linux Active Iq Unified Manager +3
NVD
CVSS 3.1
4.9
EPSS
1.9%
CVE-2020-2655 MEDIUM PATCH This Month

Vulnerability in the Java SE product of Oracle Java SE (component: JSSE). Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, no authentication required.

Java Oracle Authentication Bypass Jdk Jre +2
NVD
CVSS 3.1
4.8
EPSS
3.6%
CVE-2020-2593 MEDIUM PATCH This Month

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Networking). Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, no authentication required.

Java Oracle Authentication Bypass Jdk Jre +22
NVD
CVSS 3.1
4.8
EPSS
3.0%
CVE-2020-2567 MEDIUM PATCH This Month

Vulnerability in the Oracle Retail Customer Management and Segmentation Foundation product of Oracle Retail Applications (component: Security). Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Retail Customer Management And Segmentation Foundation
NVD
CVSS 3.1
4.8
EPSS
0.7%
CVE-2020-2552 MEDIUM PATCH This Month

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: WLS Core Components). Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Weblogic Server
NVD
CVSS 3.1
4.8
EPSS
0.8%
CVE-2020-2548 MEDIUM PATCH This Month

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: WLS Core Components). Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Weblogic Server
NVD
CVSS 3.1
4.8
EPSS
0.9%
CVE-2020-2547 MEDIUM PATCH This Month

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console). Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Weblogic Server
NVD
CVSS 3.1
4.8
EPSS
0.9%
CVE-2020-2709 MEDIUM PATCH This Month

Vulnerability in the Oracle iLearning product of Oracle iLearning (component: Learner Pages). Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Ilearning
NVD
CVSS 3.1
4.7
EPSS
1.1%
CVE-2020-2668 MEDIUM PATCH This Month

Vulnerability in the Oracle iSupport product of Oracle E-Business Suite (component: Others). Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Isupport
NVD
CVSS 3.1
4.7
EPSS
1.0%
CVE-2020-2667 MEDIUM PATCH This Month

Vulnerability in the Oracle iSupport product of Oracle E-Business Suite (component: Others). Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Isupport
NVD
CVSS 3.1
4.7
EPSS
1.0%
CVE-2020-2657 MEDIUM PATCH This Month

Vulnerability in the Oracle CRM Technical Foundation product of Oracle E-Business Suite (component: Preferences). Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Customer Relationship Management Technical Foundation
NVD
CVSS 3.1
4.7
EPSS
0.9%
CVE-2020-2597 MEDIUM PATCH This Month

Vulnerability in the Oracle One-to-One Fulfillment product of Oracle E-Business Suite (component: Call Phone Number Page). Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass One To One Fulfillment
NVD
CVSS 3.1
4.7
EPSS
1.1%
CVE-2020-2596 MEDIUM PATCH This Month

Vulnerability in the Oracle CRM Technical Foundation product of Oracle E-Business Suite (component: Message Hooks). Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Crm Technical Foundation
NVD
CVSS 3.1
4.7
EPSS
1.0%
CVE-2020-2566 MEDIUM PATCH This Month

Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component: Attachments / File Upload). Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

File Upload Oracle Applications Framework
NVD
CVSS 3.1
4.7
EPSS
1.1%
CVE-2020-2560 MEDIUM PATCH This Month

Vulnerability in the Siebel UI Framework product of Oracle Siebel CRM (component: SWSE Server). Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Siebel Ui Framework
NVD
CVSS 3.1
4.7
EPSS
1.5%
CVE-2020-2557 MEDIUM PATCH This Month

Vulnerability in the Oracle Demantra Demand Management product of Oracle Supply Chain (component: Security). Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Demantra Demand Management
NVD
CVSS 3.1
4.7
EPSS
1.1%
CVE-2020-2535 MEDIUM PATCH This Month

Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Fusion Middleware (component: Analytics Server). Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Business Intelligence
NVD
CVSS 3.1
4.7
EPSS
1.4%
CVE-2020-2664 MEDIUM PATCH This Month

Vulnerability in the Oracle Solaris product of Oracle Systems (component: Filesystem). Rated medium severity (CVSS 4.6), this vulnerability is low attack complexity.

Oracle Authentication Bypass Solaris
NVD
CVSS 3.1
4.6
EPSS
0.4%
CVE-2020-2584 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Options). Rated medium severity (CVSS 4.4), this vulnerability is remotely exploitable.

Oracle Authentication Bypass MySQL Ubuntu Linux Active Iq Unified Manager +3
NVD
CVSS 3.1
4.4
EPSS
1.8%
CVE-2020-2724 MEDIUM PATCH This Month

Vulnerability in the Oracle FLEXCUBE Investor Servicing product of Oracle Financial Services Applications (component: Infrastructure). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Flexcube Investor Servicing
NVD
CVSS 3.1
4.3
EPSS
1.0%
CVE-2020-2719 MEDIUM PATCH This Month

Vulnerability in the Oracle Banking Corporate Lending product of Oracle Financial Services Applications (component: Core). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Banking Corporate Lending
NVD
CVSS 3.1
4.3
EPSS
0.9%
CVE-2020-2714 MEDIUM PATCH This Month

Vulnerability in the Oracle Banking Payments product of Oracle Financial Services Applications (component: Core). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Banking Payments
NVD
CVSS 3.1
4.3
EPSS
0.9%
CVE-2020-2700 MEDIUM PATCH This Month

Vulnerability in the Oracle FLEXCUBE Universal Banking product of Oracle Financial Services Applications (component: Infrastructure). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Flexcube Universal Banking
NVD
CVSS 3.1
4.3
EPSS
0.9%
CVE-2020-2687 MEDIUM PATCH This Month

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Elastic Search). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Elastic Oracle Authentication Bypass Peoplesoft Enterprise Peopletools
NVD
CVSS 3.1
4.3
EPSS
1.4%
CVE-2020-2561 MEDIUM PATCH This Month

Vulnerability in the PeopleSoft Enterprise HCM Human Resources product of Oracle PeopleSoft (component: Company Dir / Org Chart Viewer). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Peoplesoft Enterprise Human Capital Management Human Resources
NVD
CVSS 3.1
4.3
EPSS
0.8%
CVE-2020-2544 MEDIUM PATCH This Month

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Weblogic Server
NVD
CVSS 3.1
4.3
EPSS
1.0%
CVE-2020-2519 MEDIUM PATCH This Month

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Oracle Weblogic Server
NVD
CVSS 3.1
4.3
EPSS
1.2%
CVE-2020-2095 MEDIUM PATCH This Month

Jenkins Redgate SQL Change Automation Plugin 2.0.4 and earlier stored an API key unencrypted in job config.xml files on the Jenkins master where they could be viewed by users with Extended Read. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Jenkins Information Disclosure Redgate Sql Change Automation
NVD
CVSS 3.1
4.3
EPSS
0.9%
CVE-2020-2094 MEDIUM PATCH This Month

A missing permission check in Jenkins Health Advisor by CloudBees Plugin 3.0 and earlier allows attackers with Overall/Read permission to send a fixed email to an attacker-specific recipient. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Jenkins Authentication Bypass Health Advisor By Cloudbees
NVD
CVSS 3.1
4.3
EPSS
0.8%
CVE-2020-5501 MEDIUM PATCH This Month

phpBB 3.2.8 allows a CSRF attack that can modify a group avatar. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Phpbb
NVD
CVSS 3.1
4.3
EPSS
0.4%
Prev Page 3 of 4 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy