Skip to main content
CVE-2020-14724 HIGH This Week

Vulnerability in the Oracle Solaris product of Oracle Systems (component: Device Driver Utility). Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Oracle Information Disclosure Solaris
NVD
CVSS 3.1
7.3
EPSS
0.5%
CVE-2020-14561 HIGH PATCH This Week

Vulnerability in the Oracle Hospitality Reporting and Analytics product of Oracle Food and Beverage Applications (component: Installation). Rated high severity (CVSS 7.3), this vulnerability is low attack complexity.

Oracle Information Disclosure Food And Beverage Applications
NVD
CVSS 3.1
7.3
EPSS
0.5%
CVE-2020-14543 HIGH This Week

Vulnerability in the Oracle Hospitality Reporting and Analytics product of Oracle Food and Beverage Applications (component: Installation). Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Oracle Information Disclosure Hospitality Reporting And Analytics
NVD
CVSS 3.1
7.3
EPSS
0.5%
CVE-2020-14718 HIGH This Week

Vulnerability in the Oracle GraalVM Enterprise Edition product of Oracle GraalVM (component: JVMCI). Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Information Disclosure Graalvm
NVD
CVSS 3.1
7.2
EPSS
1.5%
CVE-2020-14697 HIGH This Week

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Information Disclosure MySQL Active Iq Unified Manager Oncommand Insight +3
NVD
CVSS 3.1
7.2
EPSS
2.0%
CVE-2020-14696 HIGH This Week

Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware (component: Layout Templates). Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Business Intelligence Publisher
NVD
CVSS 3.1
7.2
EPSS
1.2%
CVE-2020-14678 HIGH This Week

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Information Disclosure Active Iq Unified Manager Oncommand Insight Oncommand Workflow Automation +3
NVD
CVSS 3.1
7.2
EPSS
2.0%
CVE-2020-14663 HIGH This Week

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Information Disclosure Active Iq Unified Manager Oncommand Insight Oncommand Workflow Automation +3
NVD
CVSS 3.1
7.2
EPSS
2.1%
CVE-2020-14571 HIGH PATCH This Week

Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware (component: Mobile Service). Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Bi Publisher
NVD
CVSS 3.1
7.2
EPSS
1.2%
CVE-2020-2984 HIGH This Week

Vulnerability in the Oracle Configuration Manager product of Oracle Enterprise Manager (component: Discovery and collection script). Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Configuration Manager
NVD
CVSS 3.1
7.1
EPSS
1.1%
CVE-2020-2983 HIGH PATCH This Week

Vulnerability in the Oracle Data Masking and Subsetting product of Oracle Enterprise Manager (component: Data Masking). Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Data Masking And Subsetting
NVD
CVSS 3.1
7.1
EPSS
1.1%
CVE-2020-2982 HIGH PATCH This Week

Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager (component: Enterprise Config Management). Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Enterprise Manager Base Platform
NVD
CVSS 3.1
7.1
EPSS
1.1%
CVE-2020-14709 HIGH This Week

Vulnerability in the Customer Management and Segmentation Foundation product of Oracle Retail Applications (component: Card). Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Retail Customer Management And Segmentation Foundation
NVD
CVSS 3.1
7.1
EPSS
1.0%
CVE-2020-14691 HIGH This Week

Vulnerability in the Oracle Financial Services Liquidity Risk Management product of Oracle Financial Services Applications (component: User Interface). Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Financial Services Liquidity Risk Management
NVD
CVSS 3.1
7.1
EPSS
1.0%
CVE-2020-14602 HIGH PATCH This Week

Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Oracle Financial Services Applications (component: Infrastructure). Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Financial Services Analytical Applications Infrastructure
NVD
CVSS 3.1
7.1
EPSS
1.0%
CVE-2020-14570 HIGH PATCH This Week

Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware (component: Mobile Service). Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Bi Publisher
NVD
CVSS 3.1
7.1
EPSS
1.4%
CVE-2020-2981 HIGH PATCH This Week

Vulnerability in the Data Store component of Oracle Berkeley DB. Rated high severity (CVSS 7.0), this vulnerability is no authentication required.

Oracle Information Disclosure Berkeley Db
NVD
CVSS 3.1
7.0
EPSS
0.4%
CVE-2020-14557 MEDIUM PATCH This Month

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Web Container). Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, no authentication required.

Oracle Authentication Bypass Weblogic Server
NVD
CVSS 3.1
6.8
EPSS
1.3%
CVE-2020-14552 MEDIUM PATCH This Month

Vulnerability in the Oracle WebCenter Portal product of Oracle Fusion Middleware (component: Security Framework). Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Webcenter Portal
NVD
CVSS 3.1
6.8
EPSS
1.1%
CVE-2020-15780 MEDIUM PATCH This Month

An issue was discovered in drivers/acpi/acpi_configfs.c in the Linux kernel before 5.7.7. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.

Linux Authentication Bypass Linux Kernel Leap Ubuntu Linux
NVD
CVSS 3.1
6.7
EPSS
1.3%
CVE-2020-2969 MEDIUM PATCH This Month

Vulnerability in the Data Pump component of Oracle Database Server. Rated medium severity (CVSS 6.6), this vulnerability is remotely exploitable.

Oracle Information Disclosure Database Server
NVD
CVSS 3.1
6.6
EPSS
2.0%
CVE-2020-14065 MEDIUM This Month

IceWarp Email Server 12.3.0.1 allows remote attackers to upload files and consume disk space. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

File Upload Mail Server
NVD GitHub
CVSS 3.1
6.5
EPSS
1.5%
CVE-2020-14064 MEDIUM This Month

IceWarp Email Server 12.3.0.1 has Incorrect Access Control for user accounts. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Mail Server
NVD GitHub
CVSS 3.1
6.5
EPSS
1.0%
CVE-2020-15117 MEDIUM PATCH This Month

In Synergy before version 1.12.0, a Synergy server can be crashed by receiving a kMsgHelloBack packet with a client name length set to 0xffffffff (4294967295) if the servers memory is less than 4 GB. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Synergy Fedora
NVD GitHub
CVSS 3.1
6.5
EPSS
2.5%
CVE-2020-14711 MEDIUM This Month

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Oracle Apple Vm Virtualbox Leap
NVD
CVSS 3.1
6.5
EPSS
0.4%
CVE-2020-14693 MEDIUM This Month

Vulnerability in the Oracle Insurance Accounting Analyzer product of Oracle Financial Services Applications (component: User Interface). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Insurance Accounting Analyzer
NVD
CVSS 3.1
6.5
EPSS
1.0%
CVE-2020-14692 MEDIUM This Month

Vulnerability in the Oracle Financial Services Loan Loss Forecasting and Provisioning product of Oracle Financial Services Applications (component: User Interface). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Financial Services Loan Loss Forecasting And Provisioning
NVD
CVSS 3.1
6.5
EPSS
1.0%
CVE-2020-14685 MEDIUM This Month

Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Oracle Financial Services Applications (component: Infrastructure). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Financial Services Analytical Applications Infrastructure
NVD
CVSS 3.1
6.5
EPSS
1.0%
CVE-2020-14680 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle Active Iq Unified Manager Oncommand Insight Oncommand Workflow Automation +3
NVD
CVSS 3.1
6.5
EPSS
2.1%
CVE-2020-14655 MEDIUM This Month

Vulnerability in the Oracle Security Service product of Oracle Fusion Middleware (component: SSL API). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Oracle Authentication Bypass Security Service
NVD
CVSS 3.1
6.5
EPSS
1.1%
CVE-2020-14652 MEDIUM This Month

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Weblogic Server
NVD
CVSS 3.1
6.5
EPSS
1.1%
CVE-2020-14619 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Parser). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle Active Iq Unified Manager Oncommand Insight Oncommand Workflow Automation +4
NVD
CVSS 3.1
6.5
EPSS
2.7%
CVE-2020-14605 MEDIUM PATCH This Month

Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Oracle Financial Services Applications (component: Infrastructure). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Financial Services Analytical Applications Infrastructure
NVD
CVSS 3.1
6.5
EPSS
1.0%
CVE-2020-14594 MEDIUM PATCH This Month

Vulnerability in the Oracle Hospitality Reporting and Analytics product of Oracle Food and Beverage Applications (component: Inventory Integration). Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity.

Oracle Information Disclosure Food And Beverage Applications
NVD
CVSS 3.1
6.5
EPSS
0.4%
CVE-2020-14591 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Audit Plug-in). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL Active Iq Unified Manager Oncommand Insight +3
NVD
CVSS 3.1
6.5
EPSS
1.8%
CVE-2020-14576 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: UDF). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL Active Iq Unified Manager Oncommand Insight +4
NVD
CVSS 3.1
6.5
EPSS
2.2%
CVE-2020-14539 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL Active Iq Unified Manager Oncommand Insight +4
NVD
CVSS 3.1
6.5
EPSS
2.2%
CVE-2020-14721 MEDIUM This Month

Vulnerability in the Oracle Enterprise Communications Broker product of Oracle Communications Applications (component: WebGUI). Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle Enterprise Communications Broker
NVD
CVSS 3.1
6.3
EPSS
1.0%
CVE-2020-14662 MEDIUM This Month

Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Oracle Financial Services Applications (component: Infrastructure). Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle Financial Services Analytical Applications Infrastructure
NVD
CVSS 3.1
6.3
EPSS
0.9%
CVE-2020-15700 MEDIUM This Month

An issue was discovered in Joomla!. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Joomla
NVD
CVSS 3.1
6.3
EPSS
0.6%
CVE-2020-15695 MEDIUM This Month

An issue was discovered in Joomla!. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Joomla
NVD
CVSS 3.1
6.3
EPSS
0.6%
CVE-2020-15717 MEDIUM PATCH This Month

RosarioSIS 6.7.2 is vulnerable to XSS, caused by improper validation of user-supplied input by the Search.inc.php script. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS PHP Rosariosis
NVD
CVSS 3.1
6.1
EPSS
1.5%
CVE-2020-2562 MEDIUM PATCH This Month

Vulnerability in the Primavera Portfolio Management product of Oracle Construction and Engineering (component: Investor Module). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Oracle Primavera Portfolio Management
NVD
CVSS 3.1
6.1
EPSS
1.0%
CVE-2020-14640 MEDIUM This Month

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Sample apps). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Weblogic Server
NVD
CVSS 3.1
6.1
EPSS
1.2%
CVE-2020-14638 MEDIUM This Month

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Sample apps). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Weblogic Server
NVD
CVSS 3.1
6.1
EPSS
1.2%
CVE-2020-14637 MEDIUM This Month

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Sample apps). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Weblogic Server
NVD
CVSS 3.1
6.1
EPSS
1.2%
CVE-2020-14636 MEDIUM This Month

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Sample apps). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Weblogic Server
NVD
CVSS 3.1
6.1
EPSS
1.2%
CVE-2020-14627 MEDIUM This Month

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Query). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Peoplesoft Enterprise Peopletools
NVD
CVSS 3.1
6.1
EPSS
1.0%
CVE-2020-14615 MEDIUM PATCH This Month

Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Oracle Financial Services Applications (component: Infrastructure). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Oracle Financial Services Analytical Applications Infrastructure
NVD
CVSS 3.1
6.1
EPSS
0.9%
CVE-2020-14613 MEDIUM PATCH This Month

Vulnerability in the Oracle WebCenter Sites product of Oracle Fusion Middleware (component: Advanced User Interface). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Oracle Webcenter Sites
NVD
CVSS 3.1
6.1
EPSS
1.1%
Prev Page 3 of 6 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy