CVE-2020-14528

Vulnerability in the Primavera Portfolio Management product of Oracle Construction and Engineering component: Web Access. Supported versions that are affected are 16.1.0.0-16.1.5.1, 18.0.0.0-18.0.2.0 and 19.0.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network acces...

CVE-2020-2513

Vulnerability in the Oracle Application Express component of Oracle Database Server. Supported versions that are affected are 5.1-19.2. Easily exploitable vulnerability allows low privileged attacker having SQL Workshop privilege with network access via HTTP to compromise Oracle Application...

The vulnerability of the `exif_read_data()` function implementation in the PHP programming language allows a perpetrator to gain unauthorized access to protected information or cause service failures.

The vulnerability of the exifreaddata function in the PHP programming language lies in the reading of data beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information or cause service failure...

The vulnerability of the User Interface sub-component of the Oracle Insurance Accounting Analyzer component in the bank analytics system’s simulation model, Oracle Financial Services Applications, allows a perpetrator to create, delete, or modify access rights to protected information, or gain read-only access to data.

The vulnerability of the User Interface component of the Oracle Insurance Accounting Analyzer component in the bank analytics system’s simulation model application relates to the lack of protection for operational data. Exploiting this vulnerability allows an attacker to create, delete, or modify...

Vulnerability of the User Interface sub-component of the Oracle Financial Services Liquidity Risk Management banking analytics system’s simulation model. This vulnerability allows attackers to create, delete, or modify access rights to protected information, or gain read-only access to data.

The vulnerability of the User Interface component of the Oracle Financial Services Liquidity Risk Management banking analytics system’s simulation model applications is related to the lack of protection for operational data. Exploiting this vulnerability could allow an attacker to create, delete,...

CVE-2020-1808

Honor 20;HONOR 20 PRO;Honor Magic2;HUAWEI Mate 20 X;HUAWEI P30;HUAWEI P30 Pro;Honor View 20 smartphones with versions earlier than 10.0.0.187C00E60R4P11; versions earlier than 10.0.0.187C00E60R4P11; versions earlier than 10.0.0.176C00E60R2P11;9.1.0.135C00E133R2P1; versions earlier than...

The vulnerability of the Profile sub-component of the Oracle iSupport component in the Oracle E-Business Suite enterprise automation system allows a perpetrator to gain access to read data and modify that data.

The vulnerability of the Profile sub-component of the Oracle iSupport component in the Oracle E-Business Suite exists due to insufficient validation of input data. Exploiting this vulnerability allows an attacker, operating remotely, to gain access to read, modify, add, or delete data through HTT...

The vulnerability of the Partners component of Oracle Marketing’s marketing platform, a part of the Oracle E-Business Suite, which allows attackers to gain unauthorized access to protected information.

The vulnerability of the Partners component of Oracle’s marketing platform is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information using the HTTP protocol...

The vulnerability of the `exif_read_data` function in the PHP programming language involves an operation that goes beyond the permissible buffer size limits. This allows attackers to gain unauthorized access to information or cause service failures.

The vulnerability of the exifreaddata function in the PHP programming language is related to the execution of operations that exceed the permissible buffer limits. Exploiting this vulnerability can allow an attacker to gain unauthorized access to information or cause service failures...

CVE-2020-2920

Vulnerability in the Oracle Agile PLM product of Oracle Supply Chain component: Security. Supported versions that are affected are 9.3.3, 9.3.5 and 9.3.6. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Agile PLM. Successful attac...

CVE-2020-2864

Vulnerability in the Oracle iSupplier Portal product of Oracle E-Business Suite component: Accounts. Supported versions that are affected are 12.1.3 and 12.2.5-12.2.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle iSupplier...

DEBIAN-CVE-2020-2778

Vulnerability in the Java SE product of Oracle Java SE component: JSSE. Supported versions that are affected are Java SE: 11.0.6 and 14. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Java SE. Successful attacks of this vulnerability...

CVE-2020-2744

Vulnerability in the Oracle Transportation Management product of Oracle Supply Chain component: Security. Supported versions that are affected are 6.3.7, 6.4.2 and 6.4.3. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Transportati...

CVE-2020-2748

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are Prior to 5.2.40, prior to 6.0.20 and prior to 6.1.6. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle ...

CVE-2020-2553

Vulnerability in the Oracle Knowledge product of Oracle Knowledge component: Information Manager Console. Supported versions that are affected are 8.6.0-8.6.3. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Knowledge. Successfu...

CVE-2020-2594

Vulnerability in the Primavera P6 Enterprise Project Portfolio Management product of Oracle Construction and Engineering component: Project Manager. Supported versions that are affected are 16.2.0.0 - 16.2.19.3, 17.12.0.0 - 17.12.17.0, 18.8.0.0 - 18.8.18.0, 19.12.1.0 - 19.12.3.0 and 20.1.0.0 -...

UBUNTU-CVE-2020-2800

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Lightweight HTTP Server. Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to exploit vulnerability allows unauthenticated attacker with network acce...

PT-2020-2639 · Oracle · Oracle Solaris

Name of the Vulnerable Software and Affected Versions: Oracle Solaris versions 10 and 11 Description: The issue is related to a lack of protection for service data in the Whodo component of Oracle Solaris. It allows a low-privileged attacker with logon access to the infrastructure where Oracle...

The vulnerability of the exif_read_data function in the PHP programming language allows a perpetrator to gain unauthorized access to information or cause service failures.

The vulnerability of the exifreaddata function in the PHP programming language is related to the execution of operations that exceed the permissible buffer limits. Exploiting this vulnerability can allow an attacker to gain unauthorized access to information or cause service failures...

The vulnerability of the exif_read_data function in the PHP interpreter lies in the fact that the exit operation exceeds the permissible buffer size limit. This allows an attacker to gain unauthorized access to information or cause a service failure.

The vulnerability of the exifreaddata function in PHP is related to the execution of operations within the allowable buffer limits. Exploiting this vulnerability can allow an attacker to gain unauthorized access to information or cause service failures...