CVE-2020-2631

CVE-2020-2631 affects Oracle Enterprise Manager Base Platform (component: Application Service Level Mgmt) in Oracle Enterprise Manager. Affected versions are 12.1.0.5, 13.2.0.0 and 13.3.0.0. The vulnerability is exploitable over HTTP with network access and requires HIGH privileges; successful ex...

CVE-2020-2626

CVE-2020-2626 affects Oracle Enterprise Manager Cloud Control Manager – OMS within the Enterprise Manager Base Platform. Affected versions are 12.1.0.5, 13.2.0.0 and 13.3.0.0. The vulnerability enables a high-privileged attacker with network access over HTTP to compromise the Base Platform, poten...

CVE-2020-2640

CVE-2020-2640 affects Oracle Enterprise Manager for Oracle Database (Target Management component). Vulnerable are versions 12.1.0.5, 13.2.0.0 and 13.3.0.0. The vulnerability enables a high-privilege attacker who can reach the service over HTTP to compromise the Enterprise Manager, potentially gai...

CVE-2020-2624

Oracle Enterprise Manager Base Platform, Connector Framework is affected (CVE-2020-2624). The connected Nessus plugin lists affected versions: 12.1.0.5, 13.2.0.0 and 13.3.0.0. The vulnerability path is described as an easily exploitable issue allowing a high-privileged attacker with network acces...

CVE-2020-2641

Vulnerability in the Enterprise Manager for Oracle Database product of Oracle Enterprise Manager component: Discovery Framework. Supported versions that are affected are 12.1.0.5, 13.2.0.0 and 13.3.0.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP ...

CVE-2020-2613

CVE-2020-2613 affects Oracle Enterprise Manager Base Platform within the Global EM Framework. Affected versions are 12.1.0.5, 13.2.0.0, and 13.3.0.0. The vulnerability is described as easily exploitable with network access via HTTP by a high-privilege attacker, potentially leading to unauthorized...

CVE-2020-2620

CVE-2020-2620 is reported to affect Oracle Enterprise Manager Base Platform, specifically the Enterprise Config Management component, with affected versions 12.1.0.5, 13.2.0.0 and 13.3.0.0. The connected Nessus entry corroborates this by listing CVE-2020-2620 among the vulnerabilities in the Ente...

CVE-2020-2611

CVE-2020-2611 affects Oracle Enterprise Manager Base Platform (Enterprise Config Management) with affected versions 12.1.0.5, 13.2.0.0 and 13.3.0.0. The vulnerability allows a high-privilege attacker with network access via HTTP to compromise the Enterprise Manager Base Platform, potentially lead...

CVE-2020-2614

Vulnerability in the Enterprise Manager for Fusion Middleware product of Oracle Enterprise Manager component: APM Mesh. Supported versions that are affected are 13.2.0.0 and 13.3.0.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise...

CVE-2020-2611

Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager component: Enterprise Config Management. Supported versions that are affected are 12.1.0.5, 13.2.0.0 and 13.3.0.0. Easily exploitable vulnerability allows high privileged attacker with network access via HT...

CVE-2020-2612

The CVE-2020-2612 entry concerns Oracle Enterprise Manager Base Platform (Enterprise Config Management) with affected versions 12.1.0.5, 13.2.0.0 and 13.3.0.0. The connected documents confirm this is a network-accessible issue via HTTP that allows a high-privilege attacker to compromise the Base ...

CVE-2020-2589

CVE-2020-2589 is a vulnerability in Oracle MySQL Server (InnoDB) affecting 5.7.28 and earlier and 8.0.17 and earlier. The issue can allow a high-privilege attacker with network access via multiple protocols to cause a hang or repeated crashes (complete DOS) of MySQL Server, with an availability i...

CVE-2020-2598

CVE-2020-2598 affects Oracle PeopleSoft Enterprise PeopleTools, specifically the Activity Guide component, in versions 8.56 and 8.57. The vulnerability arises from an issue in PeopleTools that allows an unauthenticated attacker, with network access via HTTP, to compromise the PeopleSoft PeopleToo...

CVE-2020-2589

Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 5.7.28 and prior and 8.0.17 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server...

CVE-2020-2600

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft component: Elastic Search. Supported versions that are affected are 8.56 and 8.57. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise...

CVE-2020-2586

CVE-2020-2586 affects Oracle E-Business Suite HR, specifically the Hierarchy Diagrammers component. Affected versions are 12.1.1–12.1.3 and 12.2.3–12.2.9. The entry describes an easily exploitable vulnerability that enables a low-privilege, network-accessible attacker (HTTPS) to compromise Oracle...

CVE-2020-2591

Vulnerability in the Oracle Web Applications Desktop Integrator product of Oracle E-Business Suite component: Application Service. The supported version that is affected is 12.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle...

CVE-2020-2566

Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite component: Attachments / File Upload. Supported versions that are affected are 12.1.3 and 12.2.3-12.2.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromi...

CVE-2020-2568

CVE-2020-2568 is a vulnerability in the Oracle Applications DBA component of Oracle Database Server. Affected products/versions listed in the provided materials include Oracle Database Server with Applications DBA: 12.1.0.2, 12.2.0.1, 18c, and 19c. The flaw can be exploited by a low-privilege att...

CVE-2020-2579

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 5.6.46 and prior, 5.7.28 and prior and 8.0.18 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to...