CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

2885 matches found

The Hacker News•added 2020/06/03 12:56 p.m.•57 views

Newly Patched SAP ASE Flaws Could Let Attackers Hack Database Servers

A new set of critical vulnerabilities uncovered in SAP's Sybase database software can grant unprivileged attackers complete control over a targeted database and even the underlying operating system in certain scenarios. The six flaws, disclosed by cybersecurity firm Trustwave today, reside in...

9.1CVSS8.2AI score0.01888EPSS

Exploits0

BDU FSTEC•added 2020/05/29 12:0 a.m.•3 views

Vulnerability of the Server:Memcached component of the Oracle MySQL Server database management system, which allows attackers to cause service interruptions.

The vulnerability of the Server:Memcached component of the Oracle MySQL Server database management system is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to cause service interruptions using the Memcached network protocol...

7.1CVSS6.5AI score0.03191EPSS

Exploits0References5Affected Software3

BDU FSTEC•added 2020/05/21 12:0 a.m.•1 views

The vulnerability of the Java VM component of the Oracle Database Server database management system allows a hacker to gain full control over the application.

The vulnerability of the Java VM component of the Oracle Database Server management system is related to deficiencies in access control. Exploiting this vulnerability can allow an attacker, operating remotely, to gain full control over the application using the Oracle Net network protocol...

8CVSS7.4AI score0.01125EPSS

Exploits0References2Affected Software1

BDU FSTEC•added 2020/05/21 12:0 a.m.•3 views

The vulnerability of the Core RDBMS component of the database management system Oracle Database Server allows a hacker to gain full control over the application.

The vulnerability of the Core RDBMS component of the database management system Oracle Database Server is related to deficiencies in access control. Exploiting this vulnerability can allow an attacker, operating remotely, to gain full control over the application using the Oracle Net network...

7.1CVSS6.7AI score0.01031EPSS

Exploits0References2Affected Software1

BDU FSTEC•added 2020/05/21 12:0 a.m.•1 views

The vulnerability of the Outside In Filters component of the Oracle Software Development Kit (SDK), as well as the Oracle Text component of the Oracle Database Server database management system, allows a malicious individual to gain access to read, delete, and modify data, or to cause a service failure.

The vulnerability of the Outside In Filters component of the Oracle Software Development Kit SDK and the Oracle Text component of the Oracle Database Server system is related to lack of access control mechanisms. Exploiting this vulnerability could allow an attacker to gain read, delete, and modi...

7.5CVSS6.9AI score0.01154EPSS

Exploits0References3Affected Software2

NVD•added 2020/04/15 2:15 p.m.•18 views

CVE-2020-2737

Vulnerability in the Core RDBMS component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, 12.2.0.1, 18c and 19c. Difficult to exploit vulnerability allows high privileged attacker having Create Session, Execute Catalog Role privilege with network access via...

6.4CVSS5.8AI score0.01031EPSS

Exploits0References1

NVD•added 2020/04/15 2:15 p.m.•20 views

CVE-2020-2735

Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, 12.2.0.1, 18c and 19c. Difficult to exploit vulnerability allows low privileged attacker having Create Session privilege with network access via Oracle Net to compromise...

8CVSS7.5AI score0.01125EPSS

Exploits0References1

NVD•added 2020/04/15 2:15 p.m.•20 views

CVE-2020-2734

Vulnerability in the RDBMS/Optimizer component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1, 18c and 19c. Easily exploitable vulnerability allows high privileged attacker having Execute on DBMSSQLTUNE privilege with network access via Oracle Net to...

3.5CVSS1.8AI score0.00892EPSS

Exploits0References1

OSV•added 2020/04/15 2:15 p.m.•4 views

CVE-2020-2514

Vulnerability in the Oracle Application Express component of Oracle Database Server. The supported version that is affected is Prior to 19.2. Easily exploitable vulnerability allows low privileged attacker having End User Role privilege with network access via HTTPS to compromise Oracle Applicati...

4.6CVSS6.1AI score0.00749EPSS

Exploits0References1

NVD•added 2020/04/15 2:15 p.m.•20 views

CVE-2020-2514

4.9CVSS3.7AI score0.00749EPSS

Exploits0References1

Prion•added 2020/04/15 2:15 p.m.•27 views

Design/Logic Flaw

3.5CVSS2.3AI score0.00892EPSS

Exploits0References1Affected Software1

Prion•added 2020/04/15 2:15 p.m.•14 views

Design/Logic Flaw

4.9CVSS4AI score0.00749EPSS

Exploits0References1Affected Software1

Vulnrichment•added 2020/04/15 1:29 p.m.•10 views

CVE-2020-2737

6.4CVSS5.9AI score0.01031EPSS

Exploits0References1

CVE•added 2020/04/15 1:29 p.m.•67 views

CVE-2020-2734

CVE-2020-2734 affects Oracle Database Server, specifically the RDBMS/Optimizer component. Affected versions are 12.1.0.2, 12.2.0.1, 18c, and 19c. The vulnerability can be exploited by a highly privileged attacker who has Execute on the DBMS_SQLTUNE privilege and network access via Oracle Net. Exp...

3.5CVSS2.8AI score0.00892EPSS

Exploits0References1Affected Software1

Vulnrichment•added 2020/04/15 1:29 p.m.•17 views

CVE-2020-2735

8CVSS6.6AI score0.01125EPSS

Exploits0References1

CVE•added 2020/04/15 1:29 p.m.•99 views

CVE-2020-2735

CVE-2020-2735 is a vulnerability in the Java VM component of Oracle Database Server. Affected Oracle versions are 11.2.0.4, 12.1.0.2, 12.2.0.1, 18c, and 19c. The issue is difficult to exploit but can be triggered by a low-privileged attacker with Create Session privilege and network access via Or...

8CVSS7.4AI score0.01125EPSS

Exploits0References1Affected Software1