Skip to main content
CVE-2020-14780 HIGH PATCH This Week

Vulnerability in the BI Publisher product of Oracle Fusion Middleware (component: BI Publisher Security). Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Business Intelligence Publisher
NVD
CVSS 3.1
7.1
EPSS
1.4%
CVE-2020-14766 HIGH PATCH This Week

Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Fusion Middleware (component: Analytics Web Administration). Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Business Intelligence
NVD
CVSS 3.1
7.1
EPSS
1.1%
CVE-2020-14858 MEDIUM This Month

Vulnerability in the Oracle Hospitality OPERA 5 Property Services product of Oracle Hospitality Applications (component: Logging). Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Information Disclosure Hospitality Opera 5 Property Services
NVD
CVSS 3.1
6.8
EPSS
1.4%
CVE-2020-14757 MEDIUM PATCH This Month

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Web Services). Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, no authentication required.

Oracle Authentication Bypass Weblogic Server
NVD
CVSS 3.1
6.8
EPSS
1.9%
CVE-2020-3514 MEDIUM This Month

A vulnerability in the multi-instance feature of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to escape the container for their Cisco FTD instance and. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Cisco Information Disclosure Firepower Threat Defense Secure Firewall Management Center
NVD
CVSS 3.1
6.7
EPSS
0.4%
CVE-2020-3458 MEDIUM This Month

Multiple vulnerabilities in the secure boot process of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software for the Firepower 1000 Series and Firepower 2100. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Cisco Authentication Bypass Adaptive Security Appliance Software Firepower Threat Defense
NVD
CVSS 3.1
6.7
EPSS
0.3%
CVE-2020-3457 MEDIUM PATCH This Month

A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. This OS Command Injection vulnerability could allow attackers to execute arbitrary operating system commands on the host.

Cisco Command Injection Firepower Extensible Operating System Adaptive Security Appliance Software Firepower Threat Defense
NVD
CVSS 3.1
6.7
EPSS
0.4%
CVE-2020-3578 MEDIUM PATCH This Month

A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Incorrect Authorization vulnerability could allow attackers to bypass authorization checks to access restricted resources.

Cisco Authentication Bypass Firepower Threat Defense Adaptive Security Appliance Software
NVD
CVSS 3.1
6.5
EPSS
1.2%
CVE-2020-14897 MEDIUM This Month

Vulnerability in the Oracle FLEXCUBE Direct Banking product of Oracle Financial Services Applications (component: Pre Login). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Flexcube Direct Banking
NVD
CVSS 3.1
6.5
EPSS
2.0%
CVE-2020-14896 MEDIUM This Month

Vulnerability in the Oracle Banking Payments product of Oracle Financial Services Applications (component: Core). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Banking Payments
NVD
CVSS 3.1
6.5
EPSS
1.5%
CVE-2020-14894 MEDIUM This Month

Vulnerability in the Oracle Banking Corporate Lending product of Oracle Financial Services Applications (component: Core). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Banking Corporate Lending
NVD
CVSS 3.1
6.5
EPSS
1.5%
CVE-2020-14890 MEDIUM This Month

Vulnerability in the Oracle FLEXCUBE Direct Banking product of Oracle Financial Services Applications (component: Pre Login). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Flexcube Direct Banking
NVD
CVSS 3.1
6.5
EPSS
1.9%
CVE-2020-14887 MEDIUM This Month

Vulnerability in the Oracle FLEXCUBE Universal Banking product of Oracle Financial Services Applications (component: Infrastructure). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Flexcube Universal Banking
NVD
CVSS 3.1
6.5
EPSS
1.5%
CVE-2020-14877 MEDIUM This Month

Vulnerability in the Oracle Hospitality OPERA 5 Property Services product of Oracle Hospitality Applications (component: Logging). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Hospitality Opera 5 Property Services
NVD
CVSS 3.1
6.5
EPSS
1.5%
CVE-2020-14846 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL Active Iq Unified Manager Oncommand Insight +2
NVD
CVSS 3.1
6.5
EPSS
2.4%
CVE-2020-14836 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL Active Iq Unified Manager Oncommand Insight +2
NVD
CVSS 3.1
6.5
EPSS
2.0%
CVE-2020-14830 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL Active Iq Unified Manager Oncommand Insight +2
NVD
CVSS 3.1
6.5
EPSS
2.0%
CVE-2020-14827 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: LDAP Auth). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass MySQL Active Iq Unified Manager Oncommand Insight +2
NVD
CVSS 3.1
6.5
EPSS
1.6%
CVE-2020-14823 MEDIUM This Month

Vulnerability in the Oracle CRM Technical Foundation product of Oracle E-Business Suite (component: Preferences). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Customer Relationship Management Technical Foundation
NVD
CVSS 3.1
6.5
EPSS
1.2%
CVE-2020-14800 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL Active Iq Unified Manager Oncommand Insight +2
NVD
CVSS 3.1
6.5
EPSS
1.4%
CVE-2020-14795 MEDIUM PATCH This Month

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: PIA Core Technology). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Peoplesoft Enterprise Peopletools
NVD
CVSS 3.1
6.5
EPSS
1.6%
CVE-2020-14775 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL Active Iq Unified Manager Oncommand Insight +3
NVD
CVSS 3.1
6.5
EPSS
2.4%
CVE-2020-14769 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL Active Iq Unified Manager Oncommand Insight +3
NVD
CVSS 3.1
6.5
EPSS
2.4%
CVE-2020-14765 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: FTS). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL Active Iq Unified Manager Oncommand Insight +5
NVD
CVSS 3.1
6.5
EPSS
3.0%
CVE-2020-14761 MEDIUM PATCH This Month

Vulnerability in the Oracle Applications Manager product of Oracle E-Business Suite (component: Oracle Diagnostics Interfaces). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Applications Manager
NVD
CVSS 3.1
6.5
EPSS
1.0%
CVE-2020-14744 MEDIUM PATCH This Month

Vulnerability in the Oracle REST Data Services product of Oracle REST Data Services (component: General). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Rest Data Services
NVD
CVSS 3.1
6.5
EPSS
1.3%
CVE-2020-6648 MEDIUM This Month

A cleartext storage of sensitive information vulnerability in FortiOS command line interface in versions 6.2.4 and earlier and FortiProxy 2.0.0, 1.2.9 and earlier may allow an authenticated attacker. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Fortinet Information Disclosure Fortiproxy Fortios
NVD
CVSS 3.1
6.5
EPSS
0.6%
CVE-2020-14778 MEDIUM PATCH This Month

Vulnerability in the PeopleSoft Enterprise HCM Global Payroll Core product of Oracle PeopleSoft (component: Security). Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle Peoplesoft Enterprise Human Capital Management Global Payroll Core
NVD
CVSS 3.1
6.3
EPSS
0.9%
CVE-2020-17454 MEDIUM This Month

WSO2 API Manager 3.1.0 and earlier has reflected XSS on the "publisher" component's admin interface. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS CSRF Api Manager
NVD
CVSS 3.1
6.1
EPSS
0.8%
CVE-2020-3599 MEDIUM This Month

A vulnerability in the web-based management interface of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Cisco Adaptive Security Appliance Adaptive Security Appliance Software
NVD
CVSS 3.1
6.1
EPSS
0.8%
CVE-2020-3583 MEDIUM PATCH This Month

Multiple vulnerabilities in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Cisco Firepower Threat Defense Adaptive Security Appliance Software
NVD
CVSS 3.1
6.1
EPSS
1.0%
CVE-2020-3582 MEDIUM PATCH This Month

Multiple vulnerabilities in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Cisco Firepower Threat Defense Adaptive Security Appliance Software
NVD
CVSS 3.1
6.1
EPSS
1.1%
CVE-2020-3581 MEDIUM PATCH This Month

Multiple vulnerabilities in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Cisco Firepower Threat Defense Adaptive Security Appliance Software
NVD
CVSS 3.1
6.1
EPSS
1.1%
CVE-2020-3558 MEDIUM This Month

A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Open Redirect Secure Firewall Management Center
NVD
CVSS 3.1
6.1
EPSS
0.8%
CVE-2020-3553 MEDIUM This Month

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Cisco Secure Firewall Management Center
NVD
CVSS 3.1
6.1
EPSS
0.8%
CVE-2020-3515 MEDIUM This Month

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Cisco Secure Firewall Management Center
NVD
CVSS 3.1
6.1
EPSS
0.8%
CVE-2020-5650 MEDIUM This Month

Cross-site scripting vulnerability in Simple Download Monitor 3.8.8 and earlier allows remote attackers to inject an arbitrary script via unspecified vectors. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Simple Download Monitor
NVD
CVSS 3.1
6.1
EPSS
0.9%
CVE-2020-14854 MEDIUM This Month

Vulnerability in the Hyperion Infrastructure Technology product of Oracle Hyperion (component: UI and Visualization). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Hyperion Infrastructure Technology
NVD
CVSS 3.1
6.1
EPSS
1.3%
CVE-2020-14832 MEDIUM This Month

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Integration Broker). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Peoplesoft Enterprise Peopletools
NVD
CVSS 3.1
6.1
EPSS
1.0%
CVE-2020-14813 MEDIUM This Month

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: PIA Grids). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Peoplesoft Enterprise Peopletools
NVD
CVSS 3.1
6.1
EPSS
1.0%
CVE-2020-14802 MEDIUM PATCH This Month

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: PIA Core Technology). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Peoplesoft Enterprise Peopletools
NVD
CVSS 3.1
6.1
EPSS
0.9%
CVE-2020-14801 MEDIUM PATCH This Month

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: PIA Core Technology). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Peoplesoft Enterprise Peopletools
NVD
CVSS 3.1
6.1
EPSS
0.9%
CVE-2020-14788 MEDIUM PATCH This Month

Vulnerability in the Oracle Communications Diameter Signaling Router (DSR) product of Oracle Communications (component: User Interface). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Communications Diameter Signaling Router
NVD
CVSS 3.1
6.1
EPSS
1.2%
CVE-2020-14889 MEDIUM This Month

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity. No vendor patch available.

Oracle Authentication Bypass Vm Virtualbox
NVD
CVSS 3.1
6.0
EPSS
0.4%
CVE-2020-14886 MEDIUM This Month

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity. No vendor patch available.

Oracle Authentication Bypass Vm Virtualbox
NVD
CVSS 3.1
6.0
EPSS
0.7%
CVE-2020-14885 MEDIUM This Month

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity. No vendor patch available.

Oracle Authentication Bypass Vm Virtualbox
NVD
CVSS 3.1
6.0
EPSS
0.7%
CVE-2020-14884 MEDIUM This Month

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity. No vendor patch available.

Oracle Authentication Bypass Vm Virtualbox
NVD
CVSS 3.1
6.0
EPSS
0.7%
CVE-2020-14881 MEDIUM This Month

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity. No vendor patch available.

Oracle Authentication Bypass Vm Virtualbox
NVD
CVSS 3.1
6.0
EPSS
0.7%
CVE-2020-14753 MEDIUM PATCH This Month

Vulnerability in the Oracle Hospitality Reporting and Analytics product of Oracle Food and Beverage Applications (component: Installation). Rated medium severity (CVSS 5.9), this vulnerability is low attack complexity.

Oracle Authentication Bypass Hospitality Reporting And Analytics
NVD
CVSS 3.1
5.9
EPSS
0.4%
CVE-2020-3565 MEDIUM This Month

A vulnerability in the TCP Intercept functionality of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass configured Access Control Policies. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Authentication Bypass Firepower Threat Defense
NVD
CVSS 3.1
5.8
EPSS
0.9%
Prev Page 3 of 5 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy