CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

9454 matches found

CVE•added 2020/10/21 2:4 p.m.•387 views

CVE-2020-14672

The CVE-2020-14672 issue affects Oracle MySQL Server (Server: Stored Procedure) and impacts MySQL Server versions 5.6.49 and earlier, 5.7.31 and earlier, and 8.0.21 and earlier. It can be triggered by a network-accessible attacker to cause a hang or a frequent crash (DoS). The vulnerability arise...

6.8CVSS4.9AI score0.01097EPSS

Exploits0References6Affected Software1

Cvelist•added 2020/10/21 2:4 p.m.•17 views

CVE-2020-14742

Vulnerability in the Core RDBMS component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, 12.2.0.1, 18c and 19c. Easily exploitable vulnerability allows high privileged attacker having SYSDBA level account privilege with network access via Oracle Net to...

2.7CVSS3.3AI score0.00206EPSS

Exploits0References1

Cvelist•added 2020/10/21 2:4 p.m.•19 views

CVE-2020-14741

Vulnerability in the Database Filesystem component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2 and 12.2.0.1. Easily exploitable vulnerability allows high privileged attacker having Resource, Create Table, Create View, Create Procedure, Dbfsrole privilege...

4.9CVSS5AI score0.00213EPSS

Exploits0References1

Vulnrichment•added 2020/10/21 2:4 p.m.•14 views

CVE-2020-14736

Vulnerability in the Database Vault component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2 and 12.2.0.1. Easily exploitable vulnerability allows high privileged attacker having Create Public Synonym privilege with network access via Oracle Net to compromi...

3.8CVSS5.1AI score0.0018EPSS

Exploits0References1

Mozilla•added 2020/10/21 12:0 a.m.•45 views

Security Vulnerabilities fixed in Thunderbird 78.4 — Mozilla

A use-after-free bug in the usersctp library was reported upstream. We assume this could have led to memory corruption and a potentially exploitable crash. Mozilla developers and community members Jason Kratzer, Simon Giesecke, Philipp, and Christian Holler reported memory safety bugs present in...

9.8CVSS2.3AI score0.03197EPSS

Exploits0References3Affected Software1

0day.today•added 2020/10/21 12:0 a.m.•149 views

LISTSERV Maestro 9.0-8 Remote Code Execution Vulnerability

An unauthenticated remote code execution vulnerability was found in the LISTSERV Maestro software, versions 9.0-8 and below. This vulnerability stems from a known issue in struts, CVE-2010-1870, that allows for code execution via OGNL Injection. This vulnerability has been confirmed to be...

5CVSS9.9AI score0.92533EPSS

Exploits22

ATTACKERKB•added 2020/10/21 12:0 a.m.•1450 views

CVE-2020-14871

Vulnerability in the Oracle Solaris product of Oracle Systems component: Pluggable authentication module. Supported versions that are affected are 10 and 11. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Solaris...

10CVSS9.5AI score0.88872EPSS

In wildExploits81References8

Oracle•added 2020/10/20 12:0 a.m.•203 views

Oracle Critical Patch Update Advisory - October 2020

A Critical Patch Update is a collection of patches for multiple security vulnerabilities. These patches address vulnerabilities in Oracle code and in third-party components included in Oracle products. These patches are usually cumulative, but each advisory describes only the security patches add...

10CVSS8.9AI score0.9447EPSS

Exploits260Affected Software146

NVD•added 2020/10/15 3:15 p.m.•21 views

CVE-2020-6108

An exploitable code execution vulnerability exists in the fsckchkorphannode functionality of F2fs-Tools F2fs.Fsck 1.13. A specially crafted f2fs filesystem can cause a heap buffer overflow resulting in a code execution. An attacker can provide a malicious file to trigger this vulnerability...

8.2CVSS0.0116EPSS

Exploits1References2

NVD•added 2020/10/15 3:15 p.m.•16 views

CVE-2020-6105

An exploitable code execution vulnerability exists in the multiple devices functionality of F2fs-Tools F2fs.Fsck 1.13. A specially crafted f2fs filesystem can cause Information overwrite resulting in a code execution. An attacker can provide a malicious file to trigger this vulnerability...

8.2CVSS0.0061EPSS

Exploits1References2

OSV•added 2020/10/15 3:15 p.m.•18 views

CVE-2020-6104

An exploitable information disclosure vulnerability exists in the getdnodeofdata functionality of F2fs-Tools F2fs.Fsck 1.13. A specially crafted f2fs filesystem can cause information disclosure resulting in a information disclosure. An attacker can provide a malicious file to trigger this...

5.5CVSS6.1AI score

Exploits0References2

NVD•added 2020/10/15 3:15 p.m.•11 views

CVE-2020-6107

An exploitable information disclosure vulnerability exists in the devread functionality of F2fs-Tools F2fs.Fsck 1.13. A specially crafted f2fs filesystem can cause an uninitialized read resulting in an information disclosure. An attacker can provide a malicious file to trigger this vulnerability...

5.5CVSS0.0026EPSS

Exploits1References2

OSV•added 2020/10/15 3:15 p.m.•2 views

ALPINE-CVE-2020-6105

7.8CVSS8.1AI score0.0061EPSS

Exploits1References1

Prion•added 2020/10/15 3:15 p.m.•13 views

Information disclosure

An exploitable information disclosure vulnerability exists in the initnodemanager functionality of F2fs-Tools F2fs.Fsck 1.12 and 1.13. A specially crafted filesystem can be used to disclose information. An attacker can provide a malicious file to trigger this vulnerability...

4.3CVSS5.2AI score0.00292EPSS

Exploits1References2Affected Software1

Prion•added 2020/10/15 3:15 p.m.•15 views

Information disclosure

4.3CVSS5.1AI score0.0026EPSS

Exploits1References2Affected Software1