Skip to main content
CVE-2020-14681 HIGH This Week

Vulnerability in the Oracle E-Business Intelligence product of Oracle E-Business Suite (component: DBI Setups). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass E Business Intelligence
NVD
CVSS 3.1
8.2
EPSS
1.3%
CVE-2020-14671 HIGH This Week

Vulnerability in the Oracle Advanced Outbound Telephony product of Oracle E-Business Suite (component: User Interface). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Advanced Outbound Telephony
NVD
CVSS 3.1
8.2
EPSS
1.3%
CVE-2020-14670 HIGH This Week

Vulnerability in the Oracle Advanced Outbound Telephony product of Oracle E-Business Suite (component: Settings). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Advanced Outbound Telephony
NVD
CVSS 3.1
8.2
EPSS
1.3%
CVE-2020-14669 HIGH This Week

Vulnerability in the Oracle Configurator product of Oracle Supply Chain (component: UI Servlet). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Configurator
NVD
CVSS 3.1
8.2
EPSS
1.3%
CVE-2020-14668 HIGH This Week

Vulnerability in the Oracle E-Business Intelligence product of Oracle E-Business Suite (component: DBI Setups). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass E Business Intelligence
NVD
CVSS 3.1
8.2
EPSS
1.3%
CVE-2020-14666 HIGH This Week

Vulnerability in the Oracle Email Center product of Oracle E-Business Suite (component: Message Display). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Email Center
NVD
CVSS 3.1
8.2
EPSS
1.3%
CVE-2020-14660 HIGH This Week

Vulnerability in the Oracle CRM Technical Foundation product of Oracle E-Business Suite (component: Preferences). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Crm Technical Foundation
NVD
CVSS 3.1
8.2
EPSS
1.3%
CVE-2020-14628 HIGH This Week

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated high severity (CVSS 8.2), this vulnerability is low attack complexity. No vendor patch available.

Oracle Microsoft Information Disclosure Vm Virtualbox Leap
NVD
CVSS 3.1
8.2
EPSS
0.6%
CVE-2020-14608 HIGH PATCH This Week

Vulnerability in the Oracle Fusion Middleware MapViewer product of Oracle Fusion Middleware (component: Tile Server). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Fusion Middleware Mapviewer
NVD
CVSS 3.1
8.2
EPSS
1.3%
CVE-2020-14596 HIGH PATCH This Week

Vulnerability in the Oracle iStore product of Oracle E-Business Suite (component: Address Book). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Oracle Authentication Bypass Istore
NVD
CVSS 3.1
8.2
EPSS
1.2%
CVE-2020-14595 HIGH PATCH This Week

Vulnerability in the Oracle iLearning product of Oracle iLearning (component: Assessment Manager). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Oracle Authentication Bypass Ilearning
NVD
CVSS 3.1
8.2
EPSS
2.0%
CVE-2020-14588 HIGH PATCH This Week

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Web Container). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Weblogic Server
NVD
CVSS 3.1
8.2
EPSS
1.6%
CVE-2020-14585 HIGH PATCH This Week

Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware (component: Mobile Service). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Oracle Authentication Bypass Bi Publisher
NVD
CVSS 3.1
8.2
EPSS
1.4%
CVE-2020-14584 HIGH PATCH This Week

Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware (component: BI Publisher Security). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Oracle Authentication Bypass Bi Publisher
NVD
CVSS 3.1
8.2
EPSS
1.4%
CVE-2020-14582 HIGH PATCH This Week

Vulnerability in the Oracle iStore product of Oracle E-Business Suite (component: User Registration). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Oracle Authentication Bypass Istore
NVD
CVSS 3.1
8.2
EPSS
1.2%
CVE-2020-14580 HIGH PATCH This Week

Vulnerability in the Oracle Communications Session Border Controller product of Oracle Communications Applications (component: System Admin). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle Authentication Bypass Communications Applications
NVD
CVSS 3.1
8.2
EPSS
1.0%
CVE-2020-14534 HIGH This Week

Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component: Popups). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Applications Framework
NVD
CVSS 3.1
8.2
EPSS
1.4%
CVE-2020-2978 MEDIUM POC PATCH This Month

Vulnerability in the Oracle Database - Enterprise Edition component of Oracle Database Server. Rated medium severity (CVSS 4.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Oracle Authentication Bypass Database
NVD
CVSS 3.1
4.1
EPSS
1.2%
CVE-2020-14626 HIGH This Week

Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Fusion Middleware (component: Analytics Web General). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Oracle Information Disclosure Business Intelligence
NVD
CVSS 3.1
8.1
EPSS
1.6%
CVE-2020-14569 HIGH PATCH This Week

Vulnerability in the Oracle FLEXCUBE Investor Servicing product of Oracle Financial Services Applications (component: Infrastructure). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Flexcube Investor Servicing
NVD
CVSS 3.1
8.1
EPSS
1.4%
CVE-2020-14565 HIGH PATCH This Week

Vulnerability in the Oracle Unified Directory product of Oracle Fusion Middleware (component: Security). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle Unified Directory
NVD
CVSS 3.1
8.1
EPSS
1.0%
CVE-2020-2968 HIGH PATCH This Week

Vulnerability in the Java VM component of Oracle Database Server. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable.

Java Oracle Information Disclosure Database Server
NVD
CVSS 3.1
8.0
EPSS
1.1%
CVE-2020-15602 HIGH This Week

An untrusted search path remote code execution (RCE) vulnerability in the Trend Micro Secuity 2020 (v16.0.0.1146 and below) consumer family of products could allow an attacker to run arbitrary code. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Trend Micro Antivirus 2020 Internet Security 2020 Maximum Security 2020 +1
NVD
CVSS 3.1
7.8
EPSS
1.0%
CVE-2020-14720 HIGH This Week

Vulnerability in the Oracle Internet Expenses product of Oracle E-Business Suite (component: Mobile Expenses Admin Utilities). Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Internet Expenses
NVD
CVSS 3.1
7.7
EPSS
1.3%
CVE-2020-14719 HIGH This Week

Vulnerability in the Oracle Internet Expenses product of Oracle E-Business Suite (component: Mobile Expenses Admin Utilities). Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Internet Expenses
NVD
CVSS 3.1
7.7
EPSS
1.0%
CVE-2020-14667 HIGH This Week

Vulnerability in the Oracle CRM Technical Foundation product of Oracle E-Business Suite (component: Preferences). Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Crm Technical Foundation
NVD
CVSS 3.1
7.6
EPSS
1.0%
CVE-2020-14657 HIGH This Week

Vulnerability in the Oracle CRM Technical Foundation product of Oracle E-Business Suite (component: Preferences). Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Crm Technical Foundation
NVD
CVSS 3.1
7.6
EPSS
1.0%
CVE-2020-14610 HIGH PATCH This Week

Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component: Attachments / File Upload). Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS File Upload Oracle Authentication Bypass Applications Framework
NVD
CVSS 3.1
7.6
EPSS
0.9%
CVE-2020-6164 HIGH PATCH This Week

In SilverStripe through 4.5.0, a specific URL path configured by default through the silverstripe/framework module can be used to disclose the fact that a domain is hosting a Silverstripe. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Silverstripe
NVD
CVSS 3.1
7.5
EPSS
1.8%
CVE-2020-15603 HIGH This Week

An invalid memory read vulnerability in a Trend Micro Secuity 2020 (v16.0.0.1302 and below) consumer family of products' driver could allow an attacker to manipulate the specific driver to do a. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Trend Micro Information Disclosure Antivirus 2020 Internet Security 2020 +2
NVD
CVSS 3.1
7.5
EPSS
1.2%
CVE-2020-2967 HIGH PATCH This Week

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Web Services). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Weblogic Server
NVD
CVSS 3.1
7.5
EPSS
2.2%
CVE-2020-14713 HIGH This Week

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated high severity (CVSS 7.5). No vendor patch available.

Oracle Information Disclosure Vm Virtualbox Leap
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2020-14699 HIGH This Week

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated high severity (CVSS 7.5). No vendor patch available.

Information Disclosure Oracle Integer Overflow Vm Virtualbox Leap
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2020-14679 HIGH This Week

Vulnerability in the Oracle CRM Technical Foundation product of Oracle E-Business Suite (component: Preferences). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Oracle Crm Technical Foundation
NVD
CVSS 3.1
7.5
EPSS
1.5%
CVE-2020-14677 HIGH This Week

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated high severity (CVSS 7.5). No vendor patch available.

Oracle Information Disclosure Vm Virtualbox Leap
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2020-14676 HIGH This Week

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated high severity (CVSS 7.5). No vendor patch available.

Buffer Overflow Oracle Information Disclosure Vm Virtualbox Leap
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2020-14675 HIGH This Week

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated high severity (CVSS 7.5). No vendor patch available.

Oracle Information Disclosure Vm Virtualbox Leap
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2020-14674 HIGH PATCH This Week

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated high severity (CVSS 7.5).

Oracle Information Disclosure Vm Virtualbox Leap
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2020-14649 HIGH This Week

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated high severity (CVSS 7.5). No vendor patch available.

Oracle Information Disclosure Vm Virtualbox Leap
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2020-14647 HIGH This Week

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated high severity (CVSS 7.5). No vendor patch available.

Oracle Information Disclosure Vm Virtualbox Leap
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2020-14646 HIGH This Week

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated high severity (CVSS 7.5). No vendor patch available.

Oracle Information Disclosure Vm Virtualbox Leap
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2020-14642 HIGH This Week

Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (component: CacheStore). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Oracle Coherence
NVD
CVSS 3.1
7.5
EPSS
1.6%
CVE-2020-14639 HIGH This Week

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Sample apps). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Weblogic Server
NVD
CVSS 3.1
7.5
EPSS
2.2%
CVE-2020-14630 HIGH This Week

Vulnerability in the Oracle Enterprise Session Border Controller product of Oracle Communications Applications (component: File Upload). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

File Upload Oracle Enterprise Session Border Controller
NVD
CVSS 3.1
7.5
EPSS
0.8%
CVE-2020-14589 HIGH PATCH This Week

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Web Container). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Oracle Weblogic Server
NVD
CVSS 3.1
7.5
EPSS
1.9%
CVE-2020-15572 HIGH This Week

Tor before 0.4.3.6 has an out-of-bounds memory access that allows a remote denial-of-service (crash) attack against Tor instances built to use Mozilla Network Security Services (NSS), aka. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Mozilla Information Disclosure Tor
NVD
CVSS 3.1
7.5
EPSS
1.4%
CVE-2020-14499 HIGH This Week

Advantech iView, versions 5.6 and prior, has an improper access control vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Iview
NVD
CVSS 3.1
7.5
EPSS
1.7%
CVE-2020-14593 HIGH PATCH This Week

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: 2D). Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Java Oracle Authentication Bypass Openjdk Jdk +18
NVD
CVSS 3.1
7.4
EPSS
3.9%
CVE-2020-14536 HIGH This Week

Vulnerability in the Oracle Commerce Guided Search / Oracle Commerce Experience Manager product of Oracle Commerce (component: Workbench). Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Oracle Authentication Bypass Commerce Experience Manager Commerce Guided Search
NVD
CVSS 3.1
7.4
EPSS
1.6%
CVE-2020-14535 HIGH This Week

Vulnerability in the Oracle Commerce Service Center product of Oracle Commerce (component: Commerce Service Center). Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Oracle Authentication Bypass Commerce Service Center
NVD
CVSS 3.1
7.4
EPSS
1.6%
Prev Page 2 of 6 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy