Skip to main content
CVE-2020-14849 HIGH This Week

Vulnerability in the Oracle Marketing product of Oracle E-Business Suite (component: Marketing Administration). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Marketing
NVD
CVSS 3.1
8.2
EPSS
1.2%
CVE-2020-14842 HIGH PATCH This Week

Vulnerability in the BI Publisher product of Oracle Fusion Middleware (component: BI Publisher Security). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Business Intelligence Publisher
NVD
CVSS 3.1
8.2
EPSS
1.4%
CVE-2020-14835 HIGH This Week

Vulnerability in the Oracle Marketing product of Oracle E-Business Suite (component: Marketing Administration). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Marketing
NVD
CVSS 3.1
8.2
EPSS
1.2%
CVE-2020-14834 HIGH This Week

Vulnerability in the Oracle Trade Management product of Oracle E-Business Suite (component: User Interface). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Trade Management
NVD
CVSS 3.1
8.2
EPSS
1.2%
CVE-2020-14833 HIGH This Week

Vulnerability in the Oracle Trade Management product of Oracle E-Business Suite (component: User Interface). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Trade Management
NVD
CVSS 3.1
8.2
EPSS
1.2%
CVE-2020-14831 HIGH This Week

Vulnerability in the Oracle Marketing product of Oracle E-Business Suite (component: Marketing Administration). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Marketing
NVD
CVSS 3.1
8.2
EPSS
1.2%
CVE-2020-14819 HIGH This Week

Vulnerability in the Oracle One-to-One Fulfillment product of Oracle E-Business Suite (component: Print Server). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass One To One Fulfillment
NVD
CVSS 3.1
8.2
EPSS
1.2%
CVE-2020-14817 HIGH This Week

Vulnerability in the Oracle Marketing product of Oracle E-Business Suite (component: Marketing Administration). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Marketing
NVD
CVSS 3.1
8.2
EPSS
1.2%
CVE-2020-14816 HIGH This Week

Vulnerability in the Oracle Marketing product of Oracle E-Business Suite (component: Marketing Administration). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Marketing
NVD
CVSS 3.1
8.2
EPSS
1.2%
CVE-2020-14815 HIGH This Week

Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Fusion Middleware (component: Analytics Actions). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Business Intelligence
NVD
CVSS 3.1
8.2
EPSS
8.2%
CVE-2020-14808 HIGH This Week

Vulnerability in the Oracle Trade Management product of Oracle E-Business Suite (component: User Interface). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Trade Management
NVD
CVSS 3.1
8.2
EPSS
1.2%
CVE-2020-14784 HIGH PATCH This Week

Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware (component: Mobile Service). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Business Intelligence Publisher
NVD
CVSS 3.1
8.2
EPSS
1.4%
CVE-2020-26896 HIGH PATCH This Week

Prior to 0.11.0-beta, LND (Lightning Network Daemon) had a vulnerability in its invoice database. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Lightning Network Daemon
NVD GitHub
CVSS 3.1
8.2
EPSS
0.7%
CVE-2020-3550 HIGH This Week

A vulnerability in the sfmgr daemon of Cisco Firepower Management Center (FMC) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to perform. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Path Traversal Firepower Threat Defense Secure Firewall Management Center
NVD
CVSS 3.1
8.1
EPSS
2.2%
CVE-2020-3549 HIGH This Week

A vulnerability in the sftunnel functionality of Cisco Firepower Management Center (FMC) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Cisco Information Disclosure Firepower Threat Defense Secure Firewall Management Center
NVD
CVSS 3.1
8.1
EPSS
0.9%
CVE-2020-3410 HIGH This Week

A vulnerability in the Common Access Card (CAC) authentication feature of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to bypass authentication and. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Cisco Authentication Bypass Secure Firewall Management Center
NVD
CVSS 3.1
8.1
EPSS
1.1%
CVE-2020-14865 HIGH This Week

Vulnerability in the PeopleSoft Enterprise SCM eSupplier Connection product of Oracle PeopleSoft (component: eSupplier Connection). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Peoplesoft Enterprise Scm Esupplier Connection
NVD
CVSS 3.1
8.1
EPSS
1.6%
CVE-2020-14734 HIGH PATCH This Week

Vulnerability in the Oracle Text component of Oracle Database Server. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

Oracle Information Disclosure Text
NVD
CVSS 3.1
8.1
EPSS
1.7%
CVE-2020-14878 HIGH This Week

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: LDAP Auth). Rated high severity (CVSS 8.0), this vulnerability is low attack complexity. No vendor patch available.

Oracle Information Disclosure MySQL
NVD
CVSS 3.1
8.0
EPSS
1.2%
CVE-2020-24425 HIGH PATCH This Week

Dreamweaver version 20.2 (and earlier) is affected by an uncontrolled search path element vulnerability that could lead to privilege escalation. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Privilege Escalation Dreamweaver
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2020-24424 HIGH This Week

Adobe Premiere Pro version 14.4 (and earlier) is affected by an uncontrolled search path element that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Adobe RCE Premiere Pro
NVD
CVSS 3.1
7.8
EPSS
1.1%
CVE-2020-24423 HIGH This Week

Adobe Media Encoder version 14.4 (and earlier) for Windows is affected by an uncontrolled search path vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Adobe RCE Microsoft Media Encoder
NVD
CVSS 3.1
7.8
EPSS
1.1%
CVE-2020-24420 HIGH PATCH This Week

Adobe Photoshop for Windows version 21.2.1 (and earlier) is affected by an uncontrolled search path element vulnerability that could result in arbitrary code execution in the context of the current. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Adobe RCE Microsoft Photoshop
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2020-24419 HIGH PATCH This Week

Adobe After Effects version 17.1.1 (and earlier) for Windows is affected by an uncontrolled search path vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Adobe RCE Microsoft After Effects
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2020-24418 HIGH PATCH This Week

Adobe After Effects version 17.1.1 (and earlier) is affected by an out-of-bounds read vulnerability when parsing a crafted .aepx file, which could result in a read past the end of an allocated memory. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow Adobe Information Disclosure After Effects
NVD
CVSS 3.1
7.8
EPSS
3.0%
CVE-2020-9750 HIGH This Week

Adobe Animate version 20.5 (and earlier) is affected by an out-of-bounds read vulnerability, which could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Adobe RCE Information Disclosure Animate
NVD
CVSS 3.1
7.8
EPSS
4.0%
CVE-2020-9749 HIGH This Week

Adobe Animate version 20.5 (and earlier) is affected by an out-of-bounds read vulnerability that could result in arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Adobe RCE Information Disclosure Animate
NVD
CVSS 3.1
7.8
EPSS
4.0%
CVE-2020-9748 HIGH PATCH This Week

Adobe Animate version 20.5 (and earlier) is affected by a stack overflow vulnerability, which could lead to arbitrary code execution in the context of the current user. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow RCE Stack Overflow Adobe Animate
NVD
CVSS 3.1
7.8
EPSS
6.0%
CVE-2020-9747 HIGH This Week

Adobe Animate version 20.5 (and earlier) is affected by a double free vulnerability when parsing a crafted .fla file, which could result in arbitrary code execution in the context of the current. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Adobe RCE Animate
NVD
CVSS 3.1
7.8
EPSS
4.0%
CVE-2020-24422 HIGH This Week

Adobe Creative Cloud Desktop Application version 5.2 (and earlier) and 2.1 (and earlier) for Windows is affected by an uncontrolled search path vulnerability that could result in arbitrary code. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Adobe RCE Microsoft Creative Cloud
NVD
CVSS 3.1
7.8
EPSS
3.0%
CVE-2020-3459 HIGH PATCH This Week

A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This OS Command Injection vulnerability could allow attackers to execute arbitrary operating system commands on the host.

Cisco Command Injection Firepower Extensible Operating System
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2020-3455 HIGH PATCH This Week

A vulnerability in the secure boot process of Cisco FXOS Software could allow an authenticated, local attacker to bypass the secure boot mechanisms. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Cisco Authentication Bypass Firepower Extensible Operating System
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2020-10139 HIGH This Week

Acronis True Image 2021 includes an OpenSSL component that specifies an OPENSSLDIR variable as a subdirectory within C:\jenkins_agent\. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE OpenSSL Microsoft Authentication Bypass True Image
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2020-10138 HIGH This Week

Acronis Cyber Backup 12.5 and Cyber Protect 15 include an OpenSSL component that specifies an OPENSSLDIR variable as a subdirectory within C:\jenkins_agent\. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE OpenSSL Microsoft Authentication Bypass Cyber Backup +1
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2020-17355 HIGH This Week

Arista EOS before 4.21.12M, 4.22.x before 4.22.7M, 4.23.x before 4.23.5M, and 4.24.x before 4.24.2F allows remote attackers to cause a denial of service (restart of agents) by crafting a malformed. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Eos
NVD
CVSS 3.1
7.5
EPSS
1.2%
CVE-2020-3555 HIGH This Week

A vulnerability in the SIP inspection process of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Adaptive Security Appliance Firepower Threat Defense Adaptive Security Appliance Software
NVD
CVSS 3.1
7.5
EPSS
1.7%
CVE-2020-3554 HIGH This Week

A vulnerability in the TCP packet processing of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Adaptive Security Appliance Firepower Threat Defense Adaptive Security Appliance Software
NVD
CVSS 3.1
7.5
EPSS
2.6%
CVE-2020-3533 HIGH This Week

A vulnerability in the Simple Network Management Protocol (SNMP) input packet processor of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Firepower Threat Defense
NVD
CVSS 3.1
7.5
EPSS
1.7%
CVE-2020-3529 HIGH This Week

A vulnerability in the SSL VPN negotiation process for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Adaptive Security Appliance Firepower Threat Defense Adaptive Security Appliance Software
NVD
CVSS 3.1
7.5
EPSS
1.8%
CVE-2020-3528 HIGH This Week

A vulnerability in the OSPF Version 2 (OSPFv2) implementation of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Adaptive Security Appliance Firepower Threat Defense Adaptive Security Appliance Software
NVD
CVSS 3.1
7.5
EPSS
1.4%
CVE-2020-3317 HIGH This Week

A vulnerability in the ssl_inspection component of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to crash Snort instances. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Firepower Threat Defense
NVD
CVSS 3.1
7.5
EPSS
1.0%
CVE-2020-14820 HIGH This Week

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Weblogic Server
NVD
CVSS 3.1
7.5
EPSS
4.4%
CVE-2020-14774 HIGH PATCH This Week

Vulnerability in the Oracle CRM Technical Foundation product of Oracle E-Business Suite (component: Preferences). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Oracle Customer Relationship Management Technical Foundation
NVD
CVSS 3.1
7.5
EPSS
1.5%
CVE-2020-3577 HIGH This Week

A vulnerability in the ingress packet processing path of Cisco Firepower Threat Defense (FTD) Software for interfaces that are configured either as Inline Pair or in Passive mode could allow an. Rated high severity (CVSS 7.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Firepower Threat Defense
NVD
CVSS 3.1
7.4
EPSS
0.4%
CVE-2020-27611 HIGH PATCH This Week

BigBlueButton through 2.2.28 uses STUN/TURN resources from a third party, which may represent an unintended endpoint. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Bigbluebutton
NVD GitHub
CVSS 3.1
7.3
EPSS
0.7%
CVE-2020-10140 HIGH This Week

Acronis True Image 2021 fails to properly set ACLs of the C:\ProgramData\Acronis directory. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

RCE True Image
NVD
CVSS 3.1
7.3
EPSS
0.4%
CVE-2020-15244 HIGH PATCH This Week

In Magento (rubygems openmage/magento-lts package) before versions 19.4.8 and 20.0.4, an admin user can generate soap credentials that can be used to trigger RCE via PHP Object Injection through. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity.

Adobe Code Injection PHP Magento
NVD GitHub
CVSS 3.1
7.2
EPSS
1.2%
CVE-2020-14828 HIGH This Week

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Information Disclosure MySQL Active Iq Unified Manager Oncommand Insight +2
NVD
CVSS 3.1
7.2
EPSS
1.9%
CVE-2020-14843 HIGH PATCH This Week

Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Fusion Middleware (component: Analytics Actions). Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Oracle Business Intelligence
NVD
CVSS 3.1
7.1
EPSS
1.1%
CVE-2020-14807 HIGH PATCH This Week

Vulnerability in the Oracle Hospitality Suite8 product of Oracle Hospitality Applications (component: WebConnect). Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Hospitality Suite
NVD
CVSS 3.1
7.1
EPSS
1.3%
Prev Page 2 of 5 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy