Skip to main content
CVE-2024-20963 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL Oncommand Insight
NVD
CVSS 3.1
6.5
EPSS
1.1%
CVE-2024-20961 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Oracle MySQL Oncommand Insight
NVD
CVSS 3.1
6.5
EPSS
1.1%
CVE-2024-0556 MEDIUM This Month

A Weak Cryptography for Passwords vulnerability has been detected on WIC200 affecting version 1.1. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Wic1200 Firmware
NVD
CVSS 3.1
6.5
EPSS
0.4%
CVE-2024-20930 MEDIUM PATCH This Month

Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware (component: Content Access SDK, Image Export SDK, PDF Export SDK, HTML Export SDK). Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle Outside In Technology
NVD
CVSS 3.1
6.3
EPSS
0.4%
CVE-2024-20950 MEDIUM PATCH This Month

Vulnerability in the Oracle Customer Interaction History product of Oracle E-Business Suite (component: Outcome-Result). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Customer Interaction History
NVD
CVSS 3.1
6.1
EPSS
0.3%
CVE-2024-20948 MEDIUM PATCH This Month

Vulnerability in the Oracle Knowledge Management product of Oracle E-Business Suite (component: Setup, Admin). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Knowledge Management
NVD
CVSS 3.1
6.1
EPSS
0.3%
CVE-2024-20942 MEDIUM PATCH This Month

Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle Supply Chain (component: LOV). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.

CSRF Oracle Complex Maintenance Repair And Overhaul
NVD
CVSS 3.1
6.1
EPSS
0.2%
CVE-2024-20940 MEDIUM PATCH This Month

Vulnerability in the Oracle Knowledge Management product of Oracle E-Business Suite (component: Create, Update, Authoring Flow). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.

CSRF Oracle Knowledge Management
NVD
CVSS 3.1
6.1
EPSS
0.2%
CVE-2024-20938 MEDIUM PATCH This Month

Vulnerability in the Oracle iStore product of Oracle E-Business Suite (component: ECC). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Istore
NVD
CVSS 3.1
6.1
EPSS
0.3%
CVE-2024-20936 MEDIUM PATCH This Month

Vulnerability in the Oracle One-to-One Fulfillment product of Oracle E-Business Suite (component: Documents). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle One To One Fulfillment
NVD
CVSS 3.1
6.1
EPSS
0.3%
CVE-2024-20934 MEDIUM PATCH This Month

Vulnerability in the Oracle Installed Base product of Oracle E-Business Suite (component: Engineering Change Order). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.

CSRF Oracle Installed Base
NVD
CVSS 3.1
6.1
EPSS
0.2%
CVE-2024-20928 MEDIUM PATCH This Month

Vulnerability in the Oracle WebCenter Content product of Oracle Fusion Middleware (component: Content Server). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Webcenter Content
NVD
CVSS 3.1
6.1
EPSS
0.3%
CVE-2024-20908 MEDIUM PATCH This Month

Vulnerability in the Oracle WebCenter Sites product of Oracle Fusion Middleware (component: Advanced UI). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Webcenter Sites
NVD
CVSS 3.1
6.1
EPSS
0.3%
CVE-2024-0238 MEDIUM This Month

The EventON Premium WordPress plugin before 4.5.6, EventON WordPress plugin before 2.2.8 do not have authorisation in an AJAX action, and does not ensure that the post to be updated belong to the. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress XSS Eventon
NVD WPScan
CVSS 3.1
6.1
EPSS
0.4%
CVE-2024-0233 MEDIUM This Month

The EventON WordPress plugin before 4.5.5, EventON WordPress plugin before 2.2.7 do not properly sanitise and escape a parameter before outputting it back in pages, leading to a Reflected Cross-Site. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress XSS Eventon
NVD WPScan
CVSS 3.1
6.1
EPSS
0.4%
CVE-2024-20969 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle MySQL Oncommand Insight
NVD
CVSS 3.1
5.5
EPSS
0.8%
CVE-2024-20967 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL Oncommand Insight
NVD
CVSS 3.1
5.5
EPSS
0.8%
CVE-2024-20946 MEDIUM PATCH This Month

Vulnerability in the Oracle Solaris product of Oracle Systems (component: Kernel). Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Oracle Solaris
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-0581 MEDIUM This Month

An Uncontrolled Resource Consumption vulnerability has been found on Sandsprite Scdbg.exe, affecting version 1.0. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Scdbg
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-20987 MEDIUM PATCH This Month

Vulnerability in the Oracle BI Publisher product of Oracle Analytics (component: Web Server). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle Bi Publisher
NVD
CVSS 3.1
5.4
EPSS
0.3%
CVE-2024-20979 MEDIUM PATCH This Month

Vulnerability in the Oracle BI Publisher product of Oracle Analytics (component: Web Server). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle Bi Publisher
NVD
CVSS 3.1
5.4
EPSS
0.3%
CVE-2024-20944 MEDIUM PATCH This Month

Vulnerability in the Oracle iSupport product of Oracle E-Business Suite (component: Internal Operations). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.

CSRF Oracle Isupport
NVD
CVSS 3.1
5.4
EPSS
0.2%
CVE-2024-0554 MEDIUM This Month

A Cross-site scripting (XSS) vulnerability has been found on WIC1200, affecting version 1.1. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Wic1200 Firmware
NVD
CVSS 3.1
5.4
EPSS
0.3%
CVE-2024-0579 MEDIUM This Month

A vulnerability classified as critical was found in Totolink X2000R 1.0.0-B20221212.1452. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection X2000r Firmware
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
2.2%
CVE-2024-0237 MEDIUM This Month

The EventON WordPress plugin through 4.5.8, EventON WordPress plugin before 2.2.7 do not have authorisation in some AJAX actions, allowing unauthenticated users to update virtual events settings,. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass WordPress Eventon
NVD WPScan
CVSS 3.1
5.3
EPSS
0.4%
CVE-2024-0236 MEDIUM This Month

The EventON WordPress plugin before 4.5.5, EventON WordPress plugin before 2.2.7 do not have authorisation in an AJAX action, allowing unauthenticated users to retrieve the settings of arbitrary. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass WordPress Eventon
NVD WPScan
CVSS 3.1
5.3
EPSS
0.5%
CVE-2024-20904 MEDIUM PATCH This Month

Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Analytics (component: Pod Admin). Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Oracle Business Intelligence
NVD
CVSS 3.1
5.0
EPSS
0.4%
CVE-2024-20983 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Oracle MySQL Oncommand Insight
NVD
CVSS 3.1
4.9
EPSS
0.9%
CVE-2024-20981 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Oracle MySQL Oncommand Insight
NVD
CVSS 3.1
4.9
EPSS
1.0%
CVE-2024-20971 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Oracle MySQL Oncommand Insight
NVD
CVSS 3.1
4.9
EPSS
1.0%
CVE-2024-20965 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Oracle MySQL Oncommand Insight
NVD
CVSS 3.1
4.9
EPSS
1.5%
CVE-2024-20906 MEDIUM PATCH This Month

Vulnerability in the Integrated Lights Out Manager (ILOM) product of Oracle Systems (component: System Management). Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle Integrated Lights Out Manager Firmware
NVD
CVSS 3.1
4.8
EPSS
0.3%
CVE-2024-20959 MEDIUM PATCH This Month

Vulnerability in the Oracle ZFS Storage Appliance Kit product of Oracle Systems (component: Core). Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Oracle Zfs Storage Appliance Kit
NVD
CVSS 3.1
4.4
EPSS
0.2%
CVE-2024-20920 LOW PATCH Monitor

Vulnerability in the Oracle Solaris product of Oracle Systems (component: Filesystem). Rated low severity (CVSS 3.8), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Oracle Solaris
NVD
CVSS 3.1
3.8
EPSS
0.2%
CVE-2024-20910 LOW PATCH Monitor

Vulnerability in Oracle Audit Vault and Database Firewall (component: Firewall). Rated low severity (CVSS 3.0), this vulnerability is remotely exploitable. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Hashicorp Information Disclosure Oracle Audit Vault And Database Firewall
NVD
CVSS 3.1
3.0
EPSS
0.3%
CVE-2024-20957 LOW PATCH Monitor

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Package Build SEC). Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle Jd Edwards Enterpriseone Tools
NVD
CVSS 3.1
2.7
EPSS
0.5%
CVE-2024-20912 LOW PATCH Monitor

Vulnerability in Oracle Audit Vault and Database Firewall (component: Firewall). Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Hashicorp Oracle Audit Vault And Database Firewall
NVD
CVSS 3.1
2.7
EPSS
0.3%
CVE-2024-20922 LOW PATCH Monitor

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JavaFX). Rated low severity (CVSS 2.5), this vulnerability is no authentication required.

Authentication Bypass Java Oracle Graalvm Jdk +4
NVD
CVSS 3.1
2.5
EPSS
0.3%
CVE-2024-20914 LOW PATCH Monitor

Vulnerability in the Oracle ZFS Storage Appliance Kit product of Oracle Systems (component: Core). Rated low severity (CVSS 2.3), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Oracle Zfs Storage Appliance Kit
NVD
CVSS 3.1
2.3
EPSS
0.2%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy