9454 matches found
CVE-2020-2821
Vulnerability in the Oracle Trade Management product of Oracle E-Business Suite component: Budget. Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.8. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Trade...
CVE-2020-2819
CVE-2020-2819 affects Oracle E-Business Suite Universal Work Queue (component: Work Provider Administration) and multiple supported versions (12.1.1–12.1.3). The vulnerability allows an unauthenticated attacker with network access via HTTP to compromise the Universal Work Queue; successful attack...
CVE-2020-2820
CVE-2020-2820 describes a high-severity vulnerability in Oracle E-Business Suite’s Common Applications Calendar (Notes) affecting 12.1.1–12.1.3 and 12.2.3–12.2.8. The flaw allows unauthenticated, network-access via HTTP, with user interaction required, to access/modify Oracle CAC data and may imp...
CVE-2020-2823
CVE-2020-2823 affects Oracle E-Business Suite, Common Applications Calendar component Notes (versions 12.1.1–12.1.3). The issue permits an unauthenticated attacker with network access via HTTP to compromise Calendar data and may allow unauthorized read/write depending on data accessibility. The C...
CVE-2020-2823
Vulnerability in the Oracle Common Applications Calendar product of Oracle E-Business Suite component: Notes. Supported versions that are affected are 12.1.1-12.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Common...
CVE-2020-2807
Vulnerability in the Oracle Marketing Encyclopedia System product of Oracle E-Business Suite component: Administration. Supported versions that are affected are 12.1.1-12.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...
CVE-2020-2801
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware component: Core. Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via IIOP, T3 to...
CVE-2020-2781
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: JSSE. Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to...
CVE-2020-2782
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft component: Query. Supported versions that are affected are 8.56, 8.57 and 8.58. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise...
CVE-2020-2781
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: JSSE. Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to...
CVE-2020-2760
CVE-2020-2760 affects MySQL Server (InnoDB) with affected versions 5.7.29 and prior, and 8.0.19 and prior. It enables a high-privilege attacker with network access to cause a hang or crash (DoS) and potentially unauthorized data updates/inserts/deletes. The ALAS advisory shows remediation through...
CVE-2020-2776
CVE-2020-2776 affects Oracle PeopleSoft Enterprise PeopleTools Security component, with impact on PeopleSoft versions 8.56 and 8.57. The vulnerability is exploitable over HTTP by an unauthenticated, network-accessing attacker and can lead to a hang or repeated crashes (denial of service) of Peopl...
CVE-2020-2770
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Logging. Supported versions that are affected are 8.0.18 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attac...
CVE-2020-2770
CVE-2020-2770 affects Oracle MySQL’s Server: Logging component. Affected: MySQL 8.0.18 and earlier. An attacker with network access via multiple protocols can cause a hang or frequent crash (DoS). No fix version/details provided in the supplied documents; no exploitation details are disclosed.
CVE-2020-2775
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft component: Portal. Supported versions that are affected are 8.56, 8.57 and 8.58. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise...
CVE-2020-2760
Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 5.7.29 and prior and 8.0.19 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server...
CVE-2020-2765
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 5.7.29 and prior and 8.0.19 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL...
CVE-2020-2761
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Security: Privileges. Supported versions that are affected are 8.0.18 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server...
CVE-2020-2742
CVE-2020-2742 affects Oracle VM VirtualBox (core) with vulnerable versions prior to 5.2.36, 6.0.16, and 6.1.2. The vulnerability allows a high-privilege attacker with local logon to compromise VirtualBox, potentially taking control of the VirtualBox host. CVSS 3.0 base score is 8.2 (HIGH) with lo...
CVE-2020-2750
The CVE-2020-2750 entry concerns Oracle E-Business Suite General Ledger, specifically the Account Hierarchy Manager component. Affected versions are 12.1.1–12.1.3 and 12.2.3–12.2.9. The vulnerability is described as easily exploitable with unauthenticated network access via HTTP, allowing access ...