CVE-2020-8576

Technical details about CVE-2020-8576 are not publicly provided in the supplied documents. Monitor for updates.

The vulnerability of the Windows Media Foundation component in Windows operating systems allows attackers to gain privileges to install programs, view, modify, or delete data, as well as create new user accounts with full user rights.

The vulnerability of the Windows Media Foundation component in Windows operating systems arises from operations that occur outside the buffer in memory. Exploiting this vulnerability can allow attackers to gain control over programs, access data, modify or delete data, and create new user account...

CVE-2020-14729

Vulnerability in SuiteCommerce Advanced SCA Sites component of Oracle NetSuite service. Supported versions that are affected are prior to 2020.1.4. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise NetSuite SCA. Successful attacks of this...

CVE-2020-14729

Vulnerability in SuiteCommerce Advanced SCA Sites component of Oracle NetSuite service. Supported versions that are affected are prior to 2020.1.4. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise NetSuite SCA. Successful attacks of this...

The vulnerability of the Windows Media Foundation component in Windows operating systems allows attackers to install programs, view, modify, or delete data with the privileges of a legitimate user.

The vulnerability of the Windows Media Foundation component in Windows operating systems arises from operations that occur outside the buffer in memory. Exploiting this vulnerability allows a malicious actor to install programs, view, modify, or delete data with the privileges of a legitimate use...

mysql: Server: Pluggable Auth unspecified vulnerability (CPU Jul 2020)

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Pluggable Auth. Supported versions that are affected are 5.7.30 and prior and 8.0.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MyS...

mysql: Server: Security: Roles unspecified vulnerability (CPU Jul 2020)

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Security: Roles. Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successf...

mysql: Server: Security: Roles unspecified vulnerability (CPU Jul 2020)

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Security: Roles. Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successf...

mysql: InnoDB unspecified vulnerability (CPU Apr 2020)

Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 5.7.29 and prior and 8.0.19 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server...

PT-2020-5179 · Cisco · Cisco Data Center Network Manager

Name of the Vulnerable Software and Affected Versions: Cisco Data Center Network Manager DCNM affected versions not specified Description: A vulnerability in the web-based management interface could allow an authenticated, remote attacker to view, modify, and delete data without proper...

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Roles). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update insert or delete access to some of MySQL Server accessible data. CVSS 3.1 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H).

...

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Roles). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update insert or delete access to some of MySQL Server accessible data. CVSS 3.1 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H).

...

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Pluggable Auth). Supported versions that are affected are 5.7.30 and prior and 8.0.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update insert or delete access to some of MySQL Server accessible data. CVSS 3.1 Base Score 4.3 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N).

...

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update insert or delete access to some of MySQL Server accessible data. CVSS 3.1 Base Score 2.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N).

...

The vulnerability of the Mobile Service component of the Oracle BI Publisher software platform, related to insufficient validation of input data, allows a perpetrator to gain unauthorized access to protected information or to modify, add, or delete data.

The vulnerability of the Mobile Service sub-component of the BI Publisher software development platform, Oracle Fusion Middleware, is related to insufficient validation of input data. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protect...

The vulnerability of the FACE component of the Oracle Communications Interactive Session Recorder, related to insufficient validation of input data, allows a perpetrator to gain unauthorized access to protected information or to modify, add, or delete data.

The vulnerability of the FACE component of the Oracle Communications Interactive Session Recorder relates to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information or to modify, add, or delete data...

The vulnerability of the Java SE product’s software platform component, Oracle Java SE, is related to insufficient validation of input data. This allows a malicious actor to gain unauthorized access to read, modify, add, or delete data.

The vulnerability of the Hotspot component in Oracle Java SE software lies in insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to read, modify, add, or delete data using the HTTP protocol...

The vulnerability of the Infrastructure component of the Oracle FLEXCUBE Investor Servicing financial management software lies in insufficient validation of input data. This allows an attacker to gain unauthorized access to protected information or to modify, add, or delete data.

The vulnerability of the Infrastructure component of the Oracle FLEXCUBE Investor Servicing financial management software lies in insufficient validation of input data. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information ...

The vulnerability of the Environment Mgmt Console component in the Oracle PeopleSoft Enterprise PeopleTools business application suite, due to insufficient input data validation, allows attackers to modify, add, or delete data, or cause system downtime or service failures.

The vulnerability of the Security component of the Oracle Unified Directory application for simplified deployment in the Oracle Fusion Middleware software is related to insufficient validation of input data. Exploiting this vulnerability could allow an attacker to modify, add, or delete data...

The vulnerability of the Libraries component in Oracle Java SE and Java SE Embedded software platforms lies in insufficient validation of input data. This allows attackers to gain unauthorized access to protected information, or to perform actions such as reading, modifying, adding, or deleting data.

The vulnerability of the Libraries component in Oracle Java SE and Java SE Embedded software platforms is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information, or to read, modify, add, or delete...