CVE-2020-2650

Vulnerability in the Oracle Retail Customer Management and Segmentation Foundation product of Oracle Retail Applications component: Promotions. The supported version that is affected is 16.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromi...

CVE-2020-2635

Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager component: System Monitoring. Supported versions that are affected are 12.1.0.5, 13.2.0.0 and 13.3.0.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to...

CVE-2020-2602

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft component: Tree Manager. Supported versions that are affected are 8.56 and 8.57. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise...

CVE-2020-2534

Vulnerability in the Oracle Reports Developer product of Oracle Fusion Middleware component: Security and Authentication. Supported versions that are affected are 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise...

CVE-2020-2602

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft component: Tree Manager. Supported versions that are affected are 8.56 and 8.57. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise...

The vulnerability of the Internal Operations component of the Oracle Retail Xstore Payment software allows a perpetrator to gain access to modify, add, or delete data, or to unauthorizedly access protected information.

Vulnerability of the Internal Operations component of the Oracle Retail Xstore Payment software, with access control deficiencies. Exploitation of this vulnerability could allow an attacker operating remotely to modify, add, or delete data, or gain unauthorized access to protected information usi...

Authorization

Abuse of Authorization vulnerability in APIs exposed by TIE server in McAfee Threat Intelligence Exchange Server TIE Server 3.0.0 allows remote authenticated users to modify stored reputation data via specially crafted messages...

The vulnerability of the Core RDBMS component of the database management system Oracle Database Server allows a hacker to gain access to read, modify, or delete data, or to cause a service failure.

The vulnerability of the Core RDBMS component of the database management system Oracle Database Server is related to deficiencies in access control. Exploiting this vulnerability can allow an attacker to gain read, modify, add, or delete access to data, or cause service interruptions through...

The vulnerability of the Marketing Administration sub-component of the Oracle Marketing component of the Oracle E-Business Suite allows a perpetrator to gain access to modify, add, or delete data, or to unauthorizedly access protected information.

The vulnerability of the Marketing Administration sub-component of the Oracle Marketing component in the Oracle E-Business Suite is related to lack of access control. Exploiting this vulnerability could allow an attacker, operating remotely, to modify, add, or delete data, or to gain unauthorized...

AliCloud Storage Application Override Access and File Upload Vulnerability

Cloud storage is a new concept developed on the basis of the extension and derivation of cloud computing, the integrated use of distributed processing, parallel processing and grid computing and other means, the network of different types of storage devices through the application software...

OpenJDK: Insufficient filtering of HTML event attributes in Javadoc (Javadoc, 8226765)

Vulnerability in the Java SE product of Oracle Java SE component: Javadoc. Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful...

CVE-2019-3019

Vulnerability in the Oracle Banking Digital Experience product of Oracle Financial Services Applications component: Loan Calculator. Supported versions that are affected are 18.1, 18.2, 18.3 and 19.1. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to...

CVE-2019-2972

Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware component: Outside In Filters. The supported version that is affected is 8.5.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside In...

CVE-2019-2942

Vulnerability in the Oracle Advanced Outbound Telephony product of Oracle E-Business Suite component: User Interface. Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.8. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromi...

CVE-2019-2925

Vulnerability in the Oracle Workflow product of Oracle E-Business Suite component: Worklist. Supported versions that are affected are 12.1.3 and 12.2.3-12.2.8. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Workflow. Successful...

The vulnerability of the InnoDB component in the MySQL Database Management System allows attackers to gain access to modify, add, or delete data, causing system downtime or service failures.

The vulnerability of the InnoDB component in the MySQL Database Management System is related to deficiencies in access control. Exploiting this vulnerability can allow an attacker, operating remotely, to gain access to modify, add, or delete data, causing system downtime or service failures...

eQ-3 HomeMatic CCU2 and eQ-3 Homematic CCU3 Access Control Error Vulnerabilities

The eQ-3 Homematic CCU3 and the eQ-3 HomeMatic CCU2 are both central control units for a smart home system from eQ-3 Germany. An access control error vulnerability exists in the JSON API in the eQ-3 Homematic CCU2 version prior to 2.47.10 and the eQ-3 Homematic CCU3 version prior to 3.47.10, whic...

The vulnerability of the Marketing Administration sub-component of the Oracle Marketing component in the Oracle E-Business Suite system allows a malicious actor to gain access to modify, add, or delete data.

The vulnerability of the Marketing Administration sub-component of the Oracle Marketing component in the Oracle E-Business Suite is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain access to modify, add, or delete data...

DEBIAN-CVE-2019-2816

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Networking. Supported versions that are affected are Java SE: 7u221, 8u212, 11.0.3 and 12.0.1; Java SE Embedded: 8u211. Difficult to exploit vulnerability allows unauthenticated attacker with network access v...

CVE-2019-2790

Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications subcomponent: Infrastructure. Supported versions that are affected are 12.0.1-12.0.3, 12.1.0-12.4.0 and 14.0.0-14.2.0. Easily exploitable vulnerability allows low privileged attacker with...