476 matches found
CVE-2020-14545
CVE-2020-14545 is a vulnerability in Oracle Solaris (component: Device Driver Utility) affecting the 11.x family. The connected documents specify that the vulnerability allows a low-privilege, logon-based attacker, with required user interaction, to compromise Oracle Solaris and potentially perfo...
CVE-2020-14562
Vulnerability in the Java SE product of Oracle Java SE component: ImageIO. Supported versions that are affected are Java SE: 11.0.7 and 14.0.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of...
CVE-2020-14579
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Libraries. Supported versions that are affected are Java SE: 7u261 and 8u251; Java SE Embedded: 8u251. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols ...
OpenJDK: Excessive memory usage in OID processing in X.509 certificate parsing (Libraries, 8234037)
Vulnerability in the Java SE product of Oracle Java SE component: Libraries. Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 and 13.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE...
Amazon Linux AMI : java-1.7.0-openjdk (ALAS-2020-1365)
The version of java-1.7.0-openjdk installed on the remote host is prior to 1.7.0.261-2.6.22.1.83. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2020-1365 advisory. Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Serialization...
Amazon Linux 2 : java-1.8.0-openjdk (ALAS-2020-1421)
The version of java-1.8.0-openjdk installed on the remote host is prior to 1.8.0.252.b09-2. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2020-1421 advisory. Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Serialization...
OpenJDK: Re-use of single TLS session for new connections (JSSE, 8234408)
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: JSSE. Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to...
OpenJDK: Uncaught InstantiationError exception in ObjectStreamClass (Serialization, 8224549)
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Serialization. Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...
OpenJDK: Unexpected exceptions raised by DOMKeyInfoFactory and DOMXMLSignatureFactory (Security, 8231415)
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Security. Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple...
Huawei EulerOS: Security Advisory for java-1.7.0-openjdk (EulerOS-SA-2020-1394)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2020-2934
Vulnerability in the MySQL Connectors product of Oracle MySQL component: Connector/J. Supported versions that are affected are 8.0.19 and prior and 5.1.48 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL...
CVE-2020-2782
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft component: Query. Supported versions that are affected are 8.56, 8.57 and 8.58. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise...
CVE-2020-2787
Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware component: Outside In Filters. Supported versions that is affected is 8.5.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside In...
CVE-2020-2773
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Security. Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple...
CVE-2020-2754
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Scripting. Supported versions that are affected are Java SE: 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple...
CVE-2020-2594
Vulnerability in the Primavera P6 Enterprise Project Portfolio Management product of Oracle Construction and Engineering component: Project Manager. Supported versions that are affected are 16.2.0.0 - 16.2.19.3, 17.12.0.0 - 17.12.17.0, 18.8.0.0 - 18.8.18.0, 19.12.1.0 - 19.12.3.0 and 20.1.0.0 -...
Code injection
Vulnerability in the Primavera P6 Enterprise Project Portfolio Management product of Oracle Construction and Engineering component: Project Manager. Supported versions that are affected are 16.2.0.0 - 16.2.19.3, 17.12.0.0 - 17.12.17.0, 18.8.0.0 - 18.8.18.0, 19.12.1.0 - 19.12.3.0 and 20.1.0.0 -...
CVE-2020-2934
Vulnerability in the MySQL Connectors product of Oracle MySQL component: Connector/J. Supported versions that are affected are 8.0.19 and prior and 5.1.48 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL...
CVE-2020-2756
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Serialization. Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...
CVE-2020-2934
CVE-2020-2934 affects MySQL Connector/J (Oracle MySQL) with vulnerable Connector/J components in affected releases: 8.0.19 and earlier, and 5.1.48 and earlier. A remote attacker can exploit over multiple network protocols with unauthenticated access; however, successful exploitation requires user...