Skip to main content
CVE-2024-21499 MEDIUM This Month

All versions of the package github.com/greenpau/caddy-security are vulnerable to HTTP Header Injection via the X-Forwarded-Proto header due to redirecting to the injected protocol.Exploiting this. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Caddy Security
NVD GitHub
CVSS 3.1
4.3
EPSS
0.5%
CVE-2024-20939 MEDIUM This Month

Vulnerability in the Oracle CRM Technical Foundation product of Oracle E-Business Suite (component: Admin Console). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle Customer Relationship Management Technical Foundation
NVD
CVSS 3.1
4.3
EPSS
0.5%
CVE-2024-20937 MEDIUM This Month

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Monitoring and Diagnostics SEC). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Oracle Jd Edwards Enterpriseone Tools
NVD
CVSS 3.1
4.3
EPSS
0.4%
CVE-2024-20925 LOW PATCH Monitor

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JavaFX). Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Authentication Bypass Java Oracle Graalvm Jdk +1
NVD
CVSS 3.1
3.1
EPSS
0.6%
CVE-2024-20923 LOW Monitor

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JavaFX). Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Authentication Bypass Java Oracle Graalvm Jdk +1
NVD
CVSS 3.1
3.1
EPSS
0.6%
CVE-2024-20905 LOW Monitor

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Enterprise Infrastructure SEC). Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle Jd Edwards Enterpriseone Tools
NVD
CVSS 3.1
2.7
EPSS
0.5%
CVE-2024-20911 LOW Monitor

Vulnerability in Oracle Audit Vault and Database Firewall (component: Firewall). Rated low severity (CVSS 2.6), this vulnerability is remotely exploitable. No vendor patch available.

Authentication Bypass Hashicorp Oracle Audit Vault And Database Firewall
NVD
CVSS 3.1
2.6
EPSS
0.3%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy