Skip to main content

Oncommand Insight

802 CVEs product

Monthly

CVE-2020-14828 HIGH This Week

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Information Disclosure MySQL Active Iq Unified Manager Oncommand Insight +2
NVD
CVSS 3.1
7.2
EPSS
1.9%
CVE-2020-14827 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: LDAP Auth). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass MySQL Active Iq Unified Manager Oncommand Insight +2
NVD
CVSS 3.1
6.5
EPSS
1.6%
CVE-2020-14821 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL Active Iq Unified Manager Oncommand Insight +2
NVD
CVSS 3.1
4.9
EPSS
1.8%
CVE-2020-14812 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Locking). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL Active Iq Unified Manager Oncommand Insight +5
NVD
CVSS 3.1
4.9
EPSS
2.9%
CVE-2020-14809 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL Active Iq Unified Manager Oncommand Insight +2
NVD
CVSS 3.1
4.9
EPSS
1.9%
CVE-2020-14804 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: FTS). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL Active Iq Unified Manager Oncommand Insight +2
NVD
CVSS 3.1
4.9
EPSS
1.8%
CVE-2020-14803 MEDIUM PATCH This Month

Vulnerability in the Java SE product of Oracle Java SE (component: Libraries). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Java Oracle Authentication Bypass Openjdk Graalvm +17
NVD
CVSS 3.1
5.3
EPSS
3.1%
CVE-2020-14800 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL Active Iq Unified Manager Oncommand Insight +2
NVD
CVSS 3.1
6.5
EPSS
1.4%
CVE-2020-14799 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL Active Iq Unified Manager Oncommand Insight +2
NVD
CVSS 3.1
4.9
EPSS
1.3%
CVE-2020-14798 LOW Monitor

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Java Oracle Authentication Bypass Openjdk Jdk +16
NVD
CVSS 3.1
3.1
EPSS
2.7%
CVE-2020-14797 LOW Monitor

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Java Oracle Authentication Bypass Openjdk Jdk +16
NVD
CVSS 3.1
3.7
EPSS
2.2%
CVE-2020-14796 LOW Monitor

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Java Oracle Authentication Bypass Openjdk Jdk +16
NVD
CVSS 3.1
3.1
EPSS
2.5%
CVE-2020-14794 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL Active Iq Unified Manager Oncommand Insight +3
NVD
CVSS 3.1
4.9
EPSS
2.3%
CVE-2020-14793 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL Active Iq Unified Manager Oncommand Insight +3
NVD
CVSS 3.1
4.9
EPSS
2.3%
CVE-2020-14792 MEDIUM This Month

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Hotspot). Rated medium severity (CVSS 4.2), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Java Oracle Authentication Bypass Openjdk Jdk +17
NVD
CVSS 3.1
4.2
EPSS
2.2%
CVE-2020-14791 LOW PATCH Monitor

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Rated low severity (CVSS 2.2), this vulnerability is remotely exploitable.

Denial Of Service Oracle MySQL Active Iq Unified Manager Oncommand Insight +3
NVD
CVSS 3.1
2.2
EPSS
1.6%
CVE-2020-14790 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: PS). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL Active Iq Unified Manager Oncommand Insight +3
NVD
CVSS 3.1
4.9
EPSS
2.3%
CVE-2020-14789 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: FTS). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL Active Iq Unified Manager Oncommand Insight +4
NVD
CVSS 3.1
4.9
EPSS
2.6%
CVE-2020-14786 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: PS). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL Active Iq Unified Manager Oncommand Insight +3
NVD
CVSS 3.1
4.9
EPSS
2.3%
CVE-2020-14785 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL Active Iq Unified Manager Oncommand Insight +3
NVD
CVSS 3.1
4.9
EPSS
2.3%
CVE-2020-14782 LOW Monitor

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Java Oracle Authentication Bypass Openjdk Jdk +14
NVD
CVSS 3.1
3.7
EPSS
2.2%
CVE-2020-14781 LOW Monitor

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: JNDI). Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Java Oracle Authentication Bypass Openjdk Jdk +15
NVD
CVSS 3.1
3.7
EPSS
2.3%
CVE-2020-14779 LOW Monitor

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization). Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Java Denial Of Service Oracle Openjdk Jdk +17
NVD
CVSS 3.1
3.7
EPSS
3.7%
CVE-2020-14777 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL Active Iq Unified Manager Oncommand Insight +3
NVD
CVSS 3.1
4.9
EPSS
2.3%
CVE-2020-14776 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL Oncommand Insight Snapcenter +2
NVD
CVSS 3.1
4.9
EPSS
2.6%
CVE-2020-14775 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL Active Iq Unified Manager Oncommand Insight +3
NVD
CVSS 3.1
6.5
EPSS
2.4%
CVE-2020-14773 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL Active Iq Unified Manager Oncommand Insight +3
NVD
CVSS 3.1
4.9
EPSS
2.3%
CVE-2020-14771 LOW PATCH Monitor

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: LDAP Auth). Rated low severity (CVSS 2.2), this vulnerability is remotely exploitable.

Denial Of Service Oracle MySQL Active Iq Unified Manager Oncommand Insight +2
NVD
CVSS 3.1
2.2
EPSS
1.3%
CVE-2020-14769 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL Active Iq Unified Manager Oncommand Insight +3
NVD
CVSS 3.1
6.5
EPSS
2.4%
CVE-2020-14765 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: FTS). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL Active Iq Unified Manager Oncommand Insight +5
NVD
CVSS 3.1
6.5
EPSS
3.0%
CVE-2020-14672 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Stored Procedure). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL Active Iq Unified Manager Oncommand Insight +3
NVD
CVSS 3.1
4.9
EPSS
2.4%
CVE-2020-25644 Maven HIGH PATCH This Week

A memory leak flaw was found in WildFly OpenSSL in versions prior to 1.1.3.Final, where it removes an HTTP session. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

OpenSSL Denial Of Service Wildfly Openssl Data Grid Jboss Data Grid +7
NVD GitHub
CVSS 3.1
7.5
EPSS
2.2%
CVE-2020-10714 Maven HIGH PATCH This Week

A flaw was found in WildFly Elytron version 1.11.3.Final and before. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Session Fixation Information Disclosure Wildfly Elytron Codeready Studio Descision Manager +3
NVD
CVSS 3.1
7.5
EPSS
1.5%
CVE-2020-5421 Maven MEDIUM PATCH This Month

In Spring Framework versions 5.2.0 - 5.2.8, 5.1.0 - 5.1.17, 5.0.0 - 5.0.18, 4.3.0 - 4.3.28, and older unsupported versions, the protections against RFD attacks from CVE-2015-5211 may be bypassed. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable.

Java Authentication Bypass Spring Framework Commerce Guided Search Communications Brm +35
NVD
CVSS 3.1
6.5
EPSS
10.7%
CVE-2020-13946 Maven MEDIUM PATCH This Month

In Apache Cassandra, all versions prior to 2.1.22, 2.2.18, 3.0.22, 3.11.8 and 4.0-beta2, it is possible for a local attacker without access to the Apache Cassandra process or configuration files to. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Apache Information Disclosure Cassandra Oncommand Insight
NVD
CVSS 3.1
5.9
EPSS
3.0%
CVE-2020-8174 HIGH POC PATCH This Week

napi_get_value_string_*() allows various kinds of memory corruption in node < 10.21.0, 12.18.0, and < 14.4.0. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available.

Buffer Overflow Node Js Banking Extensibility Workbench Blockchain Platform Mysql Cluster +5
NVD
CVSS 3.1
8.1
EPSS
7.6%
CVE-2020-14702 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle Active Iq Unified Manager Oncommand Insight Oncommand Workflow Automation +3
NVD
CVSS 3.1
4.9
EPSS
2.0%
CVE-2020-14697 HIGH This Week

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Information Disclosure MySQL Active Iq Unified Manager Oncommand Insight +3
NVD
CVSS 3.1
7.2
EPSS
2.0%
CVE-2020-14680 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle Active Iq Unified Manager Oncommand Insight Oncommand Workflow Automation +3
NVD
CVSS 3.1
6.5
EPSS
2.1%
CVE-2020-14678 HIGH This Week

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Information Disclosure Active Iq Unified Manager Oncommand Insight Oncommand Workflow Automation +3
NVD
CVSS 3.1
7.2
EPSS
2.0%
CVE-2020-14664 HIGH This Week

Vulnerability in the Java SE product of Oracle Java SE (component: JavaFX). Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Java Oracle Information Disclosure Jdk Jre +13
NVD
CVSS 3.1
8.3
EPSS
4.2%
CVE-2020-14663 HIGH This Week

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Information Disclosure Active Iq Unified Manager Oncommand Insight Oncommand Workflow Automation +3
NVD
CVSS 3.1
7.2
EPSS
2.1%
CVE-2020-14656 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Locking). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle Active Iq Unified Manager Oncommand Insight Oncommand Workflow Automation +3
NVD
CVSS 3.1
4.9
EPSS
1.9%
CVE-2020-14654 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle Active Iq Unified Manager Oncommand Insight Oncommand Workflow Automation +3
NVD
CVSS 3.1
4.9
EPSS
2.3%
CVE-2020-14651 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Roles). Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle Active Iq Unified Manager Oncommand Insight Oncommand Workflow Automation +3
NVD
CVSS 3.1
5.5
EPSS
2.0%
CVE-2020-14643 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Roles). Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle Active Iq Unified Manager Oncommand Insight Oncommand Workflow Automation +3
NVD
CVSS 3.1
5.5
EPSS
2.1%
CVE-2020-14633 LOW Monitor

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass MySQL Active Iq Unified Manager Oncommand Insight +3
NVD
CVSS 3.1
2.7
EPSS
1.4%
CVE-2020-14632 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Options). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL Active Iq Unified Manager Oncommand Insight +3
NVD
CVSS 3.1
4.9
EPSS
2.2%
CVE-2020-14631 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Audit). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle Active Iq Unified Manager Oncommand Insight Oncommand Workflow Automation +3
NVD
CVSS 3.1
4.9
EPSS
2.3%
CVE-2020-14624 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: JSON). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle Active Iq Unified Manager Oncommand Insight Oncommand Workflow Automation +3
NVD
CVSS 3.1
4.9
EPSS
2.1%
CVE-2020-14623 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle Active Iq Unified Manager Oncommand Insight Oncommand Workflow Automation +3
NVD
CVSS 3.1
4.9
EPSS
2.0%
CVE-2020-14621 MEDIUM This Month

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: JAXP). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Java Oracle Authentication Bypass Openjdk Jdk +21
NVD
CVSS 3.1
5.3
EPSS
4.3%
CVE-2020-14620 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle Active Iq Unified Manager Oncommand Insight Oncommand Workflow Automation +3
NVD
CVSS 3.1
4.9
EPSS
2.3%
CVE-2020-14619 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Parser). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle Active Iq Unified Manager Oncommand Insight Oncommand Workflow Automation +4
NVD
CVSS 3.1
6.5
EPSS
2.7%
CVE-2020-14614 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle Active Iq Unified Manager Oncommand Insight Oncommand Workflow Automation +4
NVD
CVSS 3.1
4.9
EPSS
2.3%
CVE-2020-14597 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle Active Iq Unified Manager Oncommand Insight Oncommand Workflow Automation +4
NVD
CVSS 3.1
4.9
EPSS
2.1%
CVE-2020-14593 HIGH PATCH This Week

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: 2D). Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Java Oracle Authentication Bypass Openjdk Jdk +18
NVD
CVSS 3.1
7.4
EPSS
3.9%
CVE-2020-14591 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Audit Plug-in). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL Active Iq Unified Manager Oncommand Insight +3
NVD
CVSS 3.1
6.5
EPSS
1.8%
CVE-2020-14586 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL Active Iq Unified Manager Oncommand Insight +4
NVD
CVSS 3.1
4.9
EPSS
2.1%
CVE-2020-14583 HIGH PATCH This Week

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required.

Java Oracle Information Disclosure Openjdk Jdk +18
NVD
CVSS 3.1
8.3
EPSS
4.0%
CVE-2020-14581 LOW PATCH Monitor

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: 2D). Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required.

Java Oracle Authentication Bypass Openjdk Jdk +19
NVD
CVSS 3.1
3.7
EPSS
3.3%
CVE-2020-14579 LOW PATCH Monitor

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required.

Java Denial Of Service Oracle Openjdk Jdk +19
NVD
CVSS 3.1
3.7
EPSS
4.0%
CVE-2020-14578 LOW PATCH Monitor

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required.

Java Denial Of Service Oracle Openjdk Jdk +19
NVD
CVSS 3.1
3.7
EPSS
4.0%
CVE-2020-14577 LOW PATCH Monitor

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: JSSE). Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required.

Java Oracle Authentication Bypass Openjdk Jdk +18
NVD
CVSS 3.1
3.7
EPSS
3.3%
CVE-2020-14576 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: UDF). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL Active Iq Unified Manager Oncommand Insight +4
NVD
CVSS 3.1
6.5
EPSS
2.2%
CVE-2020-14575 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle Active Iq Unified Manager Oncommand Insight Oncommand Workflow Automation +4
NVD
CVSS 3.1
4.9
EPSS
2.4%
CVE-2020-14568 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL Active Iq Unified Manager Oncommand Insight +4
NVD
CVSS 3.1
4.9
EPSS
2.4%
CVE-2020-14567 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL Active Iq Unified Manager Oncommand Insight +2
NVD
CVSS 3.1
4.9
EPSS
2.2%
CVE-2020-14559 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Information Schema). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass MySQL Active Iq Unified Manager Oncommand Insight +4
NVD
CVSS 3.1
4.3
EPSS
1.9%
CVE-2020-14556 MEDIUM PATCH This Month

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, no authentication required.

Java Oracle Authentication Bypass Openjdk Jdk +18
NVD
CVSS 3.1
4.8
EPSS
3.0%
CVE-2020-14553 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Pluggable Auth). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass MySQL Active Iq Unified Manager Oncommand Insight +4
NVD
CVSS 3.1
4.3
EPSS
2.0%
CVE-2020-14550 MEDIUM This Month

Vulnerability in the MySQL Client product of Oracle MySQL (component: C API). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Oracle MySQL Active Iq Unified Manager Oncommand Insight +4
NVD
CVSS 3.1
5.3
EPSS
2.2%
CVE-2020-14547 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL Active Iq Unified Manager Oncommand Insight +4
NVD
CVSS 3.1
4.9
EPSS
2.6%
CVE-2020-14540 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL Active Iq Unified Manager Oncommand Insight +4
NVD
CVSS 3.1
4.9
EPSS
2.2%
CVE-2020-14539 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL Active Iq Unified Manager Oncommand Insight +4
NVD
CVSS 3.1
6.5
EPSS
2.2%
CVE-2020-4051 npm MEDIUM PATCH This Month

In Dijit before versions 1.11.11, and greater than or equal to 1.12.0 and less than 1.12.9, and greater than or equal to 1.13.0 and less than 1.13.8, and greater than or equal to 1.14.0 and less than. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Dijit Debian Linux Active Iq Unified Manager Oncommand Insight +2
NVD GitHub
CVSS 3.1
5.4
EPSS
1.2%
CVE-2020-10705 Maven HIGH PATCH This Week

A flaw was discovered in Undertow in versions before Undertow 2.1.1.Final where certain requests to the "Expect: 100-continue" header may cause an out of memory error. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Undertow Oncommand Insight Jboss Enterprise Application Platform Openshift Application Runtimes
NVD
CVSS 3.1
7.5
EPSS
1.2%
CVE-2020-10719 Maven MEDIUM PATCH This Month

A flaw was found in Undertow in versions before 2.1.1.Final, regarding the processing of invalid HTTP requests with large chunk sizes. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Request Smuggling Information Disclosure Undertow Oncommand Insight Fuse +5
NVD
CVSS 3.1
6.5
EPSS
1.0%
CVE-2020-11022 LIB MEDIUM POC PATCH This Month

In jQuery starting with 1.12.0 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required. Public exploit code available.

XSS Jquery Drupal Debian Linux Fedora +66
NVD GitHub Exploit-DB VulDB
CVSS 3.1
6.9
EPSS
2.1%
CVE-2020-11023 LIB MEDIUM POC KEV PATCH THREAT This Month

In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

XSS Jquery Debian Linux Fedora Drupal +48
NVD GitHub Exploit-DB
CVSS 3.1
6.1
EPSS
83.8%
CVE-2020-1967 Cargo HIGH POC PATCH THREAT This Week

Server or client applications that call the SSL_check_chain() function during or after a TLS 1.3 handshake may crash due to a NULL pointer dereference as a result of incorrect handling of the. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Null Pointer Dereference Denial Of Service OpenSSL Debian Linux Freebsd +23
NVD GitHub
CVSS 3.1
7.5
EPSS
53.3%
CVE-2020-2930 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Parser). Rated medium severity (CVSS 4.4), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Oracle MySQL Fedora Ubuntu Linux +4
NVD
CVSS 3.1
4.4
EPSS
1.7%
CVE-2020-2925 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: PS). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL Fedora Active Iq Unified Manager +4
NVD
CVSS 3.1
4.9
EPSS
2.1%
CVE-2020-2924 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL Fedora Ubuntu Linux +4
NVD
CVSS 3.1
4.9
EPSS
2.5%
CVE-2020-2923 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL Fedora Active Iq Unified Manager +4
NVD
CVSS 3.1
4.9
EPSS
2.4%
CVE-2020-2922 LOW Monitor

Vulnerability in the MySQL Client product of Oracle MySQL (component: C API). Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Oracle Authentication Bypass MySQL MariaDB Ubuntu Linux +4
NVD
CVSS 3.1
3.7
EPSS
2.4%
CVE-2020-2904 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL Fedora Ubuntu Linux +4
NVD
CVSS 3.1
4.9
EPSS
2.4%
CVE-2020-2903 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Connection Handling). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL Fedora Ubuntu Linux +4
NVD
CVSS 3.1
4.9
EPSS
2.1%
CVE-2020-2901 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL Fedora Ubuntu Linux +4
NVD
CVSS 3.1
4.9
EPSS
2.6%
CVE-2020-2898 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Charsets). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL Fedora Ubuntu Linux +4
NVD
CVSS 3.1
4.9
EPSS
2.5%
EPSS 2% CVSS 7.2
HIGH This Week

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Information Disclosure MySQL +4
NVD
EPSS 2% CVSS 6.5
MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: LDAP Auth). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass MySQL +4
NVD
EPSS 2% CVSS 4.9
MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL +4
NVD
EPSS 3% CVSS 4.9
MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Locking). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL +7
NVD
EPSS 2% CVSS 4.9
MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL +4
NVD
EPSS 2% CVSS 4.9
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: FTS). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL +4
NVD
EPSS 3% CVSS 5.3
MEDIUM PATCH This Month

Vulnerability in the Java SE product of Oracle Java SE (component: Libraries). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Java Oracle Authentication Bypass +19
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL +4
NVD
EPSS 1% CVSS 4.9
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL +4
NVD
EPSS 3% CVSS 3.1
LOW Monitor

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Java Oracle Authentication Bypass +18
NVD
EPSS 2% CVSS 3.7
LOW Monitor

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Java Oracle Authentication Bypass +18
NVD
EPSS 2% CVSS 3.1
LOW Monitor

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Java Oracle Authentication Bypass +18
NVD
EPSS 2% CVSS 4.9
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL +5
NVD
EPSS 2% CVSS 4.9
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL +5
NVD
EPSS 2% CVSS 4.2
MEDIUM This Month

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Hotspot). Rated medium severity (CVSS 4.2), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Java Oracle Authentication Bypass +19
NVD
EPSS 2% CVSS 2.2
LOW PATCH Monitor

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Rated low severity (CVSS 2.2), this vulnerability is remotely exploitable.

Denial Of Service Oracle MySQL +5
NVD
EPSS 2% CVSS 4.9
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: PS). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL +5
NVD
EPSS 3% CVSS 4.9
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: FTS). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL +6
NVD
EPSS 2% CVSS 4.9
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: PS). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL +5
NVD
EPSS 2% CVSS 4.9
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL +5
NVD
EPSS 2% CVSS 3.7
LOW Monitor

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Java Oracle Authentication Bypass +16
NVD
EPSS 2% CVSS 3.7
LOW Monitor

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: JNDI). Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Java Oracle Authentication Bypass +17
NVD
EPSS 4% CVSS 3.7
LOW Monitor

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization). Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Java Denial Of Service Oracle +19
NVD
EPSS 2% CVSS 4.9
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL +5
NVD
EPSS 3% CVSS 4.9
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL +4
NVD
EPSS 2% CVSS 6.5
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL +5
NVD
EPSS 2% CVSS 4.9
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL +5
NVD
EPSS 1% CVSS 2.2
LOW PATCH Monitor

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: LDAP Auth). Rated low severity (CVSS 2.2), this vulnerability is remotely exploitable.

Denial Of Service Oracle MySQL +4
NVD
EPSS 2% CVSS 6.5
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL +5
NVD
EPSS 3% CVSS 6.5
MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: FTS). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL +7
NVD
EPSS 2% CVSS 4.9
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Stored Procedure). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL +5
NVD
EPSS 2% CVSS 7.5
HIGH PATCH This Week

A memory leak flaw was found in WildFly OpenSSL in versions prior to 1.1.3.Final, where it removes an HTTP session. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

OpenSSL Denial Of Service Wildfly Openssl +9
NVD GitHub
EPSS 1% CVSS 7.5
HIGH PATCH This Week

A flaw was found in WildFly Elytron version 1.11.3.Final and before. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Session Fixation Information Disclosure Wildfly Elytron +5
NVD
EPSS 11% CVSS 6.5
MEDIUM PATCH This Month

In Spring Framework versions 5.2.0 - 5.2.8, 5.1.0 - 5.1.17, 5.0.0 - 5.0.18, 4.3.0 - 4.3.28, and older unsupported versions, the protections against RFD attacks from CVE-2015-5211 may be bypassed. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable.

Java Authentication Bypass Spring Framework +37
NVD
EPSS 3% CVSS 5.9
MEDIUM PATCH This Month

In Apache Cassandra, all versions prior to 2.1.22, 2.2.18, 3.0.22, 3.11.8 and 4.0-beta2, it is possible for a local attacker without access to the Apache Cassandra process or configuration files to. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Apache Information Disclosure Cassandra +1
NVD
EPSS 8% CVSS 8.1
HIGH POC PATCH This Week

napi_get_value_string_*() allows various kinds of memory corruption in node < 10.21.0, 12.18.0, and < 14.4.0. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available.

Buffer Overflow Node Js Banking Extensibility Workbench +7
NVD
EPSS 2% CVSS 4.9
MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle Active Iq Unified Manager +5
NVD
EPSS 2% CVSS 7.2
HIGH This Week

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Information Disclosure MySQL +5
NVD
EPSS 2% CVSS 6.5
MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle Active Iq Unified Manager +5
NVD
EPSS 2% CVSS 7.2
HIGH This Week

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Information Disclosure Active Iq Unified Manager +5
NVD
EPSS 4% CVSS 8.3
HIGH This Week

Vulnerability in the Java SE product of Oracle Java SE (component: JavaFX). Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Java Oracle Information Disclosure +15
NVD
EPSS 2% CVSS 7.2
HIGH This Week

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Information Disclosure Active Iq Unified Manager +5
NVD
EPSS 2% CVSS 4.9
MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Locking). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle Active Iq Unified Manager +5
NVD
EPSS 2% CVSS 4.9
MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle Active Iq Unified Manager +5
NVD
EPSS 2% CVSS 5.5
MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Roles). Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle Active Iq Unified Manager +5
NVD
EPSS 2% CVSS 5.5
MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Roles). Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle Active Iq Unified Manager +5
NVD
EPSS 1% CVSS 2.7
LOW Monitor

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass MySQL +5
NVD
EPSS 2% CVSS 4.9
MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Options). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL +5
NVD
EPSS 2% CVSS 4.9
MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Audit). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle Active Iq Unified Manager +5
NVD
EPSS 2% CVSS 4.9
MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: JSON). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle Active Iq Unified Manager +5
NVD
EPSS 2% CVSS 4.9
MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle Active Iq Unified Manager +5
NVD
EPSS 4% CVSS 5.3
MEDIUM This Month

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: JAXP). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Java Oracle Authentication Bypass +23
NVD
EPSS 2% CVSS 4.9
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle Active Iq Unified Manager +5
NVD
EPSS 3% CVSS 6.5
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Parser). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle Active Iq Unified Manager +6
NVD
EPSS 2% CVSS 4.9
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle Active Iq Unified Manager +6
NVD
EPSS 2% CVSS 4.9
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle Active Iq Unified Manager +6
NVD
EPSS 4% CVSS 7.4
HIGH PATCH This Week

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: 2D). Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Java Oracle Authentication Bypass +20
NVD
EPSS 2% CVSS 6.5
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Audit Plug-in). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL +5
NVD
EPSS 2% CVSS 4.9
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL +6
NVD
EPSS 4% CVSS 8.3
HIGH PATCH This Week

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required.

Java Oracle Information Disclosure +20
NVD
EPSS 3% CVSS 3.7
LOW PATCH Monitor

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: 2D). Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required.

Java Oracle Authentication Bypass +21
NVD
EPSS 4% CVSS 3.7
LOW PATCH Monitor

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required.

Java Denial Of Service Oracle +21
NVD
EPSS 4% CVSS 3.7
LOW PATCH Monitor

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required.

Java Denial Of Service Oracle +21
NVD
EPSS 3% CVSS 3.7
LOW PATCH Monitor

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: JSSE). Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required.

Java Oracle Authentication Bypass +20
NVD
EPSS 2% CVSS 6.5
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: UDF). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL +6
NVD
EPSS 2% CVSS 4.9
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle Active Iq Unified Manager +6
NVD
EPSS 2% CVSS 4.9
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL +6
NVD
EPSS 2% CVSS 4.9
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle MySQL +4
NVD
EPSS 2% CVSS 4.3
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Information Schema). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass MySQL +6
NVD
EPSS 3% CVSS 4.8
MEDIUM PATCH This Month

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, no authentication required.

Java Oracle Authentication Bypass +20
NVD
EPSS 2% CVSS 4.3
MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Pluggable Auth). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass MySQL +6
NVD
EPSS 2% CVSS 5.3
MEDIUM This Month

Vulnerability in the MySQL Client product of Oracle MySQL (component: C API). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Oracle MySQL +6
NVD
EPSS 3% CVSS 4.9
MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL +6
NVD
EPSS 2% CVSS 4.9
MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL +6
NVD
EPSS 2% CVSS 6.5
MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL +6
NVD
EPSS 1% CVSS 5.4
MEDIUM PATCH This Month

In Dijit before versions 1.11.11, and greater than or equal to 1.12.0 and less than 1.12.9, and greater than or equal to 1.13.0 and less than 1.13.8, and greater than or equal to 1.14.0 and less than. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Dijit Debian Linux +4
NVD GitHub
EPSS 1% CVSS 7.5
HIGH PATCH This Week

A flaw was discovered in Undertow in versions before Undertow 2.1.1.Final where certain requests to the "Expect: 100-continue" header may cause an out of memory error. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Undertow Oncommand Insight +2
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

A flaw was found in Undertow in versions before 2.1.1.Final, regarding the processing of invalid HTTP requests with large chunk sizes. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Request Smuggling Information Disclosure Undertow +7
NVD
EPSS 2% CVSS 6.9
MEDIUM POC PATCH This Month

In jQuery starting with 1.12.0 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required. Public exploit code available.

XSS Jquery Drupal +68
NVD GitHub Exploit-DB VulDB
EPSS 84% CVSS 6.1
MEDIUM POC KEV PATCH THREAT This Month

In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

XSS Jquery Debian Linux +50
NVD GitHub Exploit-DB
EPSS 53% CVSS 7.5
HIGH POC PATCH THREAT This Week

Server or client applications that call the SSL_check_chain() function during or after a TLS 1.3 handshake may crash due to a NULL pointer dereference as a result of incorrect handling of the. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Null Pointer Dereference Denial Of Service OpenSSL +25
NVD GitHub
EPSS 2% CVSS 4.4
MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Parser). Rated medium severity (CVSS 4.4), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Oracle MySQL +6
NVD
EPSS 2% CVSS 4.9
MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: PS). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL +6
NVD
EPSS 3% CVSS 4.9
MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL +6
NVD
EPSS 2% CVSS 4.9
MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL +6
NVD
EPSS 2% CVSS 3.7
LOW Monitor

Vulnerability in the MySQL Client product of Oracle MySQL (component: C API). Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Oracle Authentication Bypass MySQL +6
NVD
EPSS 2% CVSS 4.9
MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL +6
NVD
EPSS 2% CVSS 4.9
MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Connection Handling). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL +6
NVD
EPSS 3% CVSS 4.9
MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL +6
NVD
EPSS 3% CVSS 4.9
MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Charsets). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Oracle MySQL +6
NVD
Prev Page 6 of 9 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy