Skip to main content
CVE-2020-2899 MEDIUM This Month

Vulnerability in the PeopleSoft Enterprise SCM Purchasing product of Oracle PeopleSoft (component: Purchasing). Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Peoplesoft Enterprise Scm Purchasing
NVD
CVSS 3.1
4.8
EPSS
0.7%
CVE-2020-2800 MEDIUM This Month

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Lightweight HTTP Server). Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Java Oracle Authentication Bypass Jdk Jre +18
NVD
CVSS 3.1
4.8
EPSS
2.9%
CVE-2020-2767 MEDIUM This Month

Vulnerability in the Java SE product of Oracle Java SE (component: JSSE). Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Java Oracle Authentication Bypass Jdk Jre +18
NVD
CVSS 3.1
4.8
EPSS
2.1%
CVE-2020-2553 MEDIUM This Month

Vulnerability in the Oracle Knowledge product of Oracle Knowledge (component: Information Manager Console). Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Oracle Authentication Bypass Knowledge
NVD
CVSS 3.1
4.8
EPSS
0.9%
CVE-2020-11778 MEDIUM This Month

Certain NETGEAR devices are affected by stored XSS. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Netgear D7800 Firmware R7500 Firmware R7800 Firmware +5
NVD
CVSS 3.1
4.8
EPSS
0.5%
CVE-2020-11777 MEDIUM This Month

Certain NETGEAR devices are affected by Stored XSS. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Netgear D7800 Firmware R7500 Firmware R7800 Firmware +5
NVD
CVSS 3.1
4.8
EPSS
0.5%
CVE-2020-11776 MEDIUM This Month

Certain NETGEAR devices are affected by stored XSS. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Netgear D7800 Firmware R7500 Firmware R7800 Firmware +5
NVD
CVSS 3.1
4.8
EPSS
0.6%
CVE-2020-11775 MEDIUM This Month

Certain NETGEAR devices are affected by stored XSS. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Netgear D7800 Firmware R7500 Firmware R7800 Firmware +14
NVD
CVSS 3.1
4.8
EPSS
0.6%
CVE-2020-11774 MEDIUM This Month

Certain NETGEAR devices are affected by stored XSS. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Netgear D7800 Firmware R7500 Firmware R7800 Firmware +5
NVD
CVSS 3.1
4.8
EPSS
0.6%
CVE-2020-11773 MEDIUM This Month

Certain NETGEAR devices are affected by stored XSS. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Netgear D7800 Firmware R7500 Firmware R7800 Firmware +5
NVD
CVSS 3.1
4.8
EPSS
0.6%
CVE-2020-11772 MEDIUM This Month

Certain NETGEAR devices are affected by stored XSS. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Netgear D7800 Firmware R7500 Firmware R7800 Firmware +5
NVD
CVSS 3.1
4.8
EPSS
0.5%
CVE-2020-11771 MEDIUM This Month

Certain NETGEAR devices are affected by stored XSS. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Netgear D7800 Firmware R7500 Firmware R7800 Firmware +5
NVD
CVSS 3.1
4.8
EPSS
0.6%
CVE-2020-11769 MEDIUM This Month

Certain NETGEAR devices are affected by stored XSS. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Netgear D7800 Firmware R7500 Firmware R7800 Firmware +13
NVD
CVSS 3.1
4.8
EPSS
0.5%
CVE-2020-11768 MEDIUM This Month

Certain NETGEAR devices are affected by Stored XSS. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Netgear D7800 Firmware R7500 Firmware R7800 Firmware +14
NVD
CVSS 3.1
4.8
EPSS
0.5%
CVE-2020-10932 MEDIUM This Month

An issue was discovered in Arm Mbed TLS before 2.16.6 and 2.7.x before 2.7.15. Rated medium severity (CVSS 4.7). No vendor patch available.

Information Disclosure Mbed Tls Fedora Debian Linux
NVD VulDB
CVSS 3.1
4.7
EPSS
0.0%
CVE-2020-10951 MEDIUM This Month

Western Digital My Cloud Home and ibi devices before 2.2.0 allow clickjacking on sign-in pages. Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Ibi My Cloud Home
NVD
CVSS 3.1
4.7
EPSS
0.9%
CVE-2020-0568 MEDIUM PATCH This Month

Race condition in the Intel(R) Driver and Support Assistant before version 20.1.5 may allow an authenticated user to potentially enable denial of service via local access. Rated medium severity (CVSS 4.7).

Race Condition Denial Of Service Intel Driver Support Assistant
NVD
CVSS 3.1
4.7
EPSS
0.4%
CVE-2020-2886 MEDIUM This Month

Vulnerability in the Oracle CRM Technical Foundation product of Oracle E-Business Suite (component: Preferences). Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Customer Relationship Management Technical Foundation
NVD
CVSS 3.1
4.7
EPSS
1.0%
CVE-2020-2875 MEDIUM This Month

Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Oracle Authentication Bypass Mysql Connector J Fedora Debian Linux
NVD
CVSS 3.1
4.7
EPSS
2.2%
CVE-2020-2862 MEDIUM This Month

Vulnerability in the Oracle One-to-One Fulfillment product of Oracle E-Business Suite (component: Print Server). Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass One To One Fulfillment
NVD
CVSS 3.1
4.7
EPSS
1.1%
CVE-2020-2810 MEDIUM This Month

Vulnerability in the Oracle iStore product of Oracle E-Business Suite (component: Shopping Cart). Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Istore
NVD
CVSS 3.1
4.7
EPSS
1.0%
CVE-2020-2789 MEDIUM This Month

Vulnerability in the Oracle iSupport product of Oracle E-Business Suite (component: User Interface). Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Isupport
NVD
CVSS 3.1
4.7
EPSS
1.0%
CVE-2020-0943 MEDIUM PATCH This Month

An authentication bypass vulnerability exists in Microsoft YourPhoneCompanion application for Android, in the way the application processes notifications generated by work profiles.This could allow. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity.

Google Microsoft Authentication Bypass Your Phone Companion
NVD
CVSS 3.1
4.6
EPSS
1.3%
CVE-2020-2740 MEDIUM This Month

Vulnerability in the Oracle Access Manager product of Oracle Fusion Middleware (component: Authentication Engine). Rated medium severity (CVSS 4.6), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Access Manager
NVD
CVSS 3.1
4.6
EPSS
0.8%
CVE-2020-2514 MEDIUM This Month

Vulnerability in the Oracle Application Express component of Oracle Database Server. Rated medium severity (CVSS 4.6), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle Application Express
NVD
CVSS 3.1
4.6
EPSS
0.7%
CVE-2020-2930 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Parser). Rated medium severity (CVSS 4.4), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Oracle MySQL Fedora Ubuntu Linux +4
NVD
CVSS 3.1
4.4
EPSS
1.7%
CVE-2020-2926 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Group Replication GCS). Rated medium severity (CVSS 4.4), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Oracle MySQL Fedora
NVD
CVSS 3.1
4.4
EPSS
1.9%
CVE-2020-2921 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Group Replication Plugin). Rated medium severity (CVSS 4.4), this vulnerability is remotely exploitable.

Denial Of Service Oracle MySQL Fedora
NVD
CVSS 3.1
4.4
EPSS
1.8%
CVE-2020-7255 MEDIUM This Month

Privilege escalation vulnerability in the administrative user interface in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2020 Update allows local users to gain elevated. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Microsoft Endpoint Security
NVD
CVSS 3.1
4.4
EPSS
0.2%
CVE-2020-11659 MEDIUM This Month

CA API Developer Portal 4.3.1 and earlier contains an access control flaw that allows privileged users to perform a restricted user administration action. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Ca Api Developer Portal
NVD
CVSS 3.1
4.3
EPSS
0.9%
CVE-2020-2947 MEDIUM PATCH This Month

Vulnerability in the PeopleSoft Enterprise HCM Absence Management product of Oracle PeopleSoft (component: Absence Management). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Peoplesoft Enterprise Human Capital Management Absence Management
NVD
CVSS 3.1
4.3
EPSS
0.8%
CVE-2020-2869 MEDIUM This Month

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Weblogic Server
NVD
CVSS 3.1
4.3
EPSS
1.2%
CVE-2020-2745 MEDIUM This Month

Vulnerability in the Oracle Access Manager product of Oracle Fusion Middleware (component: Federation). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Oracle Access Manager
NVD
CVSS 3.1
4.3
EPSS
1.4%
CVE-2020-2738 MEDIUM This Month

Vulnerability in the Siebel UI Framework product of Oracle Siebel CRM (component: EAI, SWSE). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Siebel Ui Framework
NVD
CVSS 3.1
4.3
EPSS
1.1%
CVE-2020-2522 MEDIUM This Month

Vulnerability in the Oracle Knowledge product of Oracle Knowledge (component: Information Manager Console). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Knowledge
NVD
CVSS 3.1
4.3
EPSS
1.0%
CVE-2020-2777 MEDIUM This Month

Vulnerability in the Hyperion Financial Management product of Oracle Hyperion (component: Security). Rated medium severity (CVSS 4.2), this vulnerability is remotely exploitable. No vendor patch available.

Oracle Authentication Bypass Hyperion Financial Management
NVD
CVSS 3.1
4.2
EPSS
0.8%
CVE-2020-2772 MEDIUM This Month

Vulnerability in the Oracle Human Resources product of Oracle E-Business Suite (component: Absence Recording, Maintenance). Rated medium severity (CVSS 4.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Human Resources
NVD
CVSS 3.1
4.1
EPSS
0.9%
CVE-2020-2922 LOW Monitor

Vulnerability in the MySQL Client product of Oracle MySQL (component: C API). Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Oracle Authentication Bypass MySQL MariaDB Ubuntu Linux +4
NVD
CVSS 3.1
3.7
EPSS
2.4%
CVE-2020-2900 LOW Monitor

Vulnerability in the Oracle GraalVM Enterprise Edition product of Oracle GraalVM (component: Tools). Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable. No vendor patch available.

Oracle Authentication Bypass Graalvm
NVD
CVSS 3.1
3.7
EPSS
0.7%
CVE-2020-2778 LOW Monitor

Vulnerability in the Java SE product of Oracle Java SE (component: JSSE). Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Java Oracle Authentication Bypass Jdk Jre +18
NVD
CVSS 3.1
3.7
EPSS
2.3%
CVE-2020-2773 LOW Monitor

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Security). Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Java Denial Of Service Oracle Jdk Jre +19
NVD
CVSS 3.1
3.7
EPSS
3.6%
CVE-2020-2764 LOW Monitor

Vulnerability in the Java SE product of Oracle Java SE (component: Advanced Management Console). Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Java Oracle Authentication Bypass Java Advanced Management Console
NVD
CVSS 3.1
3.7
EPSS
2.4%
CVE-2020-2757 LOW Monitor

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization). Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Oracle Java Denial Of Service Deserialization Jdk +20
NVD
CVSS 3.1
3.7
EPSS
4.2%
CVE-2020-2756 LOW Monitor

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization). Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Oracle Java Denial Of Service Deserialization Jdk +19
NVD
CVSS 3.1
3.7
EPSS
4.2%
CVE-2020-2755 LOW Monitor

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Scripting). Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Java Denial Of Service Oracle Jdk Jre +18
NVD
CVSS 3.1
3.7
EPSS
3.9%
CVE-2020-2754 LOW Monitor

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Scripting). Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Java Denial Of Service Oracle Jdk Jre +10
NVD
CVSS 3.1
3.7
EPSS
4.1%
CVE-2020-2748 LOW Monitor

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated low severity (CVSS 3.2), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Oracle Information Disclosure Vm Virtualbox Leap
NVD
CVSS 3.1
3.2
EPSS
0.5%
CVE-2020-2909 LOW Monitor

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated low severity (CVSS 2.8), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Oracle Vm Virtualbox Leap
NVD
CVSS 3.1
2.8
EPSS
0.9%
CVE-2020-2749 LOW Monitor

Vulnerability in the Oracle Solaris product of Oracle Systems (component: SMF command svcbundle). Rated low severity (CVSS 2.5). No vendor patch available.

Oracle Authentication Bypass Solaris
NVD
CVSS 3.1
2.5
EPSS
0.5%
CVE-2020-2769 LOW Monitor

Vulnerability in the Hyperion Financial Reporting product of Oracle Hyperion (component: Web Based Report Designer). Rated low severity (CVSS 2.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Hyperion Financial Reporting
NVD
CVSS 3.1
2.4
EPSS
0.9%
Prev Page 9 of 10 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy