
5550 matches found

OSV
added 2020/06/08 2:15 p.m. | 21 views

CVE-2020-6110

An exploitable partial path traversal vulnerability exists in the way Zoom Client version 4.6.10 processes messages including shared code snippets. A specially crafted chat message can cause an arbitrary binary planting which could be abused to achieve arbitrary code execution. An attacker needs ...

8.8 CVSS | 7.7 AI score | 0.04264 EPSS
Exploits: 1 | References: 1

CVE
added 2020/06/08 1:22 p.m. | 110 views

CVE-2020-6110

Vulnerability summary (CVE-2020-6110) : Zoom Client versions prior to 4.6.12 are affected by a partial path traversal vulnerability in how the client processes chat messages containing shared code snippets. A specially crafted message can cause an arbitrary binary planting or write, potentially e...

8.8 CVSS | 9.1 AI score | 0.04264 EPSS
Exploits: 1 | References: 1 | Affected Software: 1

Cvelist
added 2020/06/08 1:22 p.m. | 42 views

CVE-2020-6110

An exploitable partial path traversal vulnerability exists in the way Zoom Client version 4.6.10 processes messages including shared code snippets. A specially crafted chat message can cause an arbitrary binary planting which could be abused to achieve arbitrary code execution. An attacker needs ...

8 CVSS | 9.2 AI score | 0.04264 EPSS
Exploits: 1 | References: 1

CNVD
added 2020/06/04 12:00 a.m. | 3 views

CloudBees Jenkins Subversion Partial Release Manager Plugin Cross-Site Scripting Vulnerability

CloudBees Jenkins Hudson Labs is a set of Java-based continuous integration tools developed by the United States company CloudBees. The product is mainly used to monitor continuous software version release/testing projects and some timed tasks. Subversion Partial Release Manager Plugin is...

6.1 CVSS | 6.3 AI score | 0.06189 EPSS
Exploits: 0 | References: 1

OSV
added 2020/05/29 8:15 p.m. | 3 views

CVE-2020-3959

VMware ESXi 6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG, VMware Workstation 15.x before 15.1.0 and VMware Fusion 11.x before 11.1.0 contain a memory leak vulnerability in the VMCI module. A malicious actor with local non-administrative access to a virtual machine may be ab...

3.3 CVSS | 6.2 AI score
Exploits: 0 | References: 1

BDU FSTEC
added 2020/05/29 12:00 a.m. | 2 views

The vulnerability of the Outside In Filters component within the Oracle Outside In Technology SDK allows a malicious actor to gain unauthorized access to protected information or cause partial service disruption.

The vulnerability of the Outside In Filters component within the Oracle Outside In Technology SDK is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information or cause a partial service failure using the...

7.5 CVSS | 7.2 AI score | 0.01014 EPSS
Exploits: 0 | References: 2 | Affected Software: 1

BDU FSTEC
added 2020/05/29 12:00 a.m. | 1 view

The vulnerability of the Outside In Filters component within the Oracle Outside In Technology SDK allows a malicious actor to gain unauthorized access to protected information or cause partial service disruption.

The vulnerability of the Outside In Filters component within the Oracle Outside In Technology SDK is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information or cause a partial service failure using the...

7.5 CVSS | 7.2 AI score | 0.01014 EPSS
Exploits: 0 | References: 2 | Affected Software: 1

RedHat Linux
added 2020/05/28 3:58 p.m. | 1 view

thrift: Endless loop when feed with specific input data

In Apache Thrift all versions up to and including 0.12.0, a server or client may run into an endless loop when feed with specific input data. Because the issue had already been partially fixed in version 0.11.0, depending on the installed version it affects only certain language bindings...

7.8 CVSS | 7.3 AI score | 0.09082 EPSS
Exploits: 0 | References: 4

RedHat Linux
added 2020/05/26 4:09 p.m. | 3 views

thrift: Endless loop when feed with specific input data

In Apache Thrift all versions up to and including 0.12.0, a server or client may run into an endless loop when feed with specific input data. Because the issue had already been partially fixed in version 0.11.0, depending on the installed version it affects only certain language bindings...

7.8 CVSS | 7.3 AI score | 0.09082 EPSS
Exploits: 0 | References: 4

BDU FSTEC
added 2020/05/26 12:00 a.m. | 1 view

The vulnerability of the Transaction Processing sub-component of the Oracle FLEXCUBE Core Banking banking analytics system’s simulation model, Oracle Financial Services Applications. This vulnerability allows attackers to create, delete, or modify access rights to protected information, or gain read-only access to data. It can also cause partial service interruption.

The vulnerability of the Transaction Processing sub-component of the Oracle FLEXCUBE Core Banking banking analytics system, an imitation model of Oracle Financial Services Applications, is related to the lack of protection for operational data. Exploiting this vulnerability allows a malicious act...

6.5 CVSS | 6.8 AI score | 0.00898 EPSS
Exploits: 0 | References: 3 | Affected Software: 1

BDU FSTEC
added 2020/05/26 12:00 a.m. | 1 view

The vulnerability of the sub-component Federation of the Oracle Access Manager software component of the Oracle Fusion Middleware, which allows a perpetrator to cause a partial service disruption.

The vulnerability of the Federation sub-component of the Oracle Access Manager software component within the Oracle Fusion Middleware platform is related to resource release errors. Exploiting this vulnerability can allow an attacker, operating remotely, to cause a partial service failure through...

4.3 CVSS | 5.8 AI score | 0.01408 EPSS
Exploits: 0 | References: 3 | Affected Software: 1

Tenable Nessus
added 2020/05/22 12:00 a.m. | 29 views

Oracle WebCenter Content Unspecified Vulnerability (April 2018 CPU)

The version of Oracle WebCenter Content running on the remote host is affected by a vulnerability in the Oracle WebCenter Content component of Oracle Fusion Middleware subcomponent: Content Server. Supported versions that are affected are 11.1.1.9.0, 12.2.1.2.0 and 12.2.1.3.0. An easy to exploit...

8.2 CVSS | 7.7 AI score | 0.0138 EPSS
Exploits: 0 | References: 2

RedHat Linux
added 2020/05/20 5:35 p.m. | 2 views

OpenJDK: Excessive memory usage in OID processing in X.509 certificate parsing (Libraries, 8234037)

Vulnerability in the Java SE product of Oracle Java SE component: Libraries. Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 and 13.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE...

4.3 CVSS | 7.3 AI score | 0.03299 EPSS
Exploits: 0 | References: 4

RedHat Linux
added 2020/05/20 5:35 p.m. | 5 views

OpenJDK: Misplaced regular expression syntax error check in RegExpScanner (Scripting, 8223898)

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Scripting. Supported versions that are affected are Java SE: 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple...

4.3 CVSS | 7.3 AI score | 0.04146 EPSS
Exploits: 0 | References: 4

RedHat Linux
added 2020/05/20 4:46 p.m. | 3 views

OpenJDK: Uncaught InstantiationError exception in ObjectStreamClass (Serialization, 8224549)

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Serialization. Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...

4.3 CVSS | 7.3 AI score | 0.04231 EPSS
Exploits: 0 | References: 4

RedHat Linux
added 2020/05/20 4:46 p.m. | 3 views

OpenJDK: Re-use of single TLS session for new connections (JSSE, 8234408)

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: JSSE. Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to...

5.3 CVSS | 6.7 AI score | 0.05085 EPSS
Exploits: 0 | References: 4

RedHat Linux
added 2020/05/20 4:46 p.m. | 3 views

OpenJDK: Regular expression DoS in Scanner (Concurrency, 8236201)

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Concurrency. Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Easily exploitable vulnerability allows unauthenticated attacker with network access via multipl...

5.3 CVSS | 7.3 AI score | 0.05085 EPSS
Exploits: 0 | References: 4

RedHat Linux
added 2020/05/20 4:26 p.m. | 3 views

OpenJDK: Re-use of single TLS session for new connections (JSSE, 8234408)

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: JSSE. Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to...

5.3 CVSS | 6.7 AI score | 0.05085 EPSS
Exploits: 0 | References: 4

RedHat Linux
added 2020/05/20 4:26 p.m. | 4 views

OpenJDK: Uncaught InstantiationError exception in ObjectStreamClass (Serialization, 8224549)

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Serialization. Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...

4.3 CVSS | 7.3 AI score | 0.04231 EPSS
Exploits: 0 | References: 4

RedHat Linux
added 2020/05/20 4:26 p.m. | 6 views

OpenJDK: Regular expression DoS in Scanner (Concurrency, 8236201)

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Concurrency. Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Easily exploitable vulnerability allows unauthenticated attacker with network access via multipl...

5.3 CVSS | 7.3 AI score | 0.05085 EPSS
Exploits: 0 | References: 4