CVE-2020-2976

Vulnerability in the Oracle Application Express component of Oracle Database Server. Supported versions that are affected are 5.1-19.2. Easily exploitable vulnerability allows low privileged attacker having SQL Workshop privilege with network access via HTTP to compromise Oracle Application...

CVE-2020-14686

Vulnerability in the Oracle iSupport product of Oracle E-Business Suite component: Others. Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle iSupport...

CVE-2020-14684

Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Oracle Financial Services Applications component: Infrastructure. Supported versions that are affected are 8.0.6-8.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network...

CVE-2020-14652

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware component: Core. Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to...

CVE-2020-14592

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft component: Rich Text Editor. Supported versions that are affected are 8.56, 8.57 and 8.58. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft...

CVE-2020-14563

Vulnerability in the Oracle Enterprise Communications Broker product of Oracle Communications Applications component: WebGUI. Supported versions that are affected are 3.0.0-3.2.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...

Apache Tomcat Code Problem Vulnerability

Apache Tomcat is the United States Apache Apache Software Foundation, a lightweight Web application server. The program implements the Servlet and JavaServer Page JSP support. A security vulnerability exists in Apache Tomcat. An attacker could exploit the vulnerability to access or modify...

CVE-2020-12032

Baxter ExactaMix EM 2400 Versions 1.10, 1.11 and ExactaMix EM1200 Versions 1.1, 1.2 systems store device data with sensitive information in an unencrypted database. This could allow an attacker with network access to view or modify sensitive data including PHI...

Amazon Linux 2 : xorg-x11-server (ALAS-2020-1433)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2020-1433 advisory. It was discovered that libX11 does not properly validate input coming from the server, causing XListExtensions and XGetFontPath functions to produce an invalid list of elements that in turn make...

The vulnerability of the DBI Setup component of the Oracle E-Business Intelligence software, a business automation system within the Oracle E-Business Suite. This component allows attackers to access, modify, add, or delete data, or gain unauthorized access to protected information.

The vulnerability of the DBI Setup component of the Oracle E-Business Intelligence software, a business automation system within the Oracle E-Business Suite, is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to modify, add, or...

CVE-2020-2744

Vulnerability in the Oracle Transportation Management product of Oracle Supply Chain component: Security. Supported versions that are affected are 6.3.7, 6.4.2 and 6.4.3. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Transportati...

CVE-2020-2553

Vulnerability in the Oracle Knowledge product of Oracle Knowledge component: Information Manager Console. Supported versions that are affected are 8.6.0-8.6.3. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Knowledge. Successfu...

CVE-2020-2594

Vulnerability in the Primavera P6 Enterprise Project Portfolio Management product of Oracle Construction and Engineering component: Project Manager. Supported versions that are affected are 16.2.0.0 - 16.2.19.3, 17.12.0.0 - 17.12.17.0, 18.8.0.0 - 18.8.18.0, 19.12.1.0 - 19.12.3.0 and 20.1.0.0 -...

UBUNTU-CVE-2020-2800

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Lightweight HTTP Server. Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to exploit vulnerability allows unauthenticated attacker with network acce...

The vulnerability of the command-line interface of the Cisco FXOS operating system allows a attacker to gain access to read, modify, add, or delete data.

The vulnerability of the command-line interface of the Cisco FXOS operating system is related to insufficient validation of entered data. Exploiting this vulnerability can allow an attacker to gain read, modify, add, or delete access to data...

CVE-2020-5292

Leantime before versions 2.0.15 and 2.1-beta3 has a SQL Injection vulnerability. The impact is high. Malicious users/attackers can execute arbitrary SQL queries negatively affecting the confidentiality, integrity, and availability of the site. Attackers can exfiltrate data like the users' and...

The vulnerability of the Oracle iSupport web application allows a perpetrator to gain access to modify, add, or delete data.

The vulnerability of the Oracle iSupport web application is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain access to modify, add, or delete data using the HTTPS protocol...

The vulnerability of the Oracle iSupport web application allows a perpetrator to gain access to modify, add, or delete data.

The vulnerability of the Oracle iSupport web application is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain access to modify, add, or delete data using the HTTPS protocol...

The vulnerability of the Web Listener component of the Oracle HTTP Server allows attackers to modify, add, or delete data, or gain unauthorized access to protected information.

The vulnerability of the Web Listener component of the Oracle HTTP Server is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to modify, add, or delete data, or to gain unauthorized access to protected information using the HTTP...

The vulnerability of the Console component of Oracle WebLogic Server allows a perpetrator to gain access to modify, add, or delete data.

The vulnerability of the Console component of Oracle WebLogic Server is related to deficiencies in access control. Exploiting this vulnerability allows an attacker, operating remotely, to gain access to modify, add, or delete data using the HTTP protocol...