CVE-2020-2608

CVE-2020-2608 affects Oracle Enterprise Manager Base Platform (Repository) with vulnerable versions 13.2.0.0 and 13.3.0.0. The issue allows a high-privilege attacker with network access over HTTP to gain unauthorized access to data across Enterprise Manager Base Platform, plus unauthorized update...

CVE-2020-2620

Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager component: Enterprise Config Management. Supported versions that are affected are 12.1.0.5, 13.2.0.0 and 13.3.0.0. Easily exploitable vulnerability allows high privileged attacker with network access via HT...

CVE-2020-2618

CVE-2020-2618 affects Oracle Enterprise Manager Base Platform, specifically the Enterprise Config Management component. Connected sources indicate affected versions are 12.1.0.5, 13.2.0.0 and 13.3.0.0. The vulnerability is described as allowing a high-privilege attacker with network access via HT...

CVE-2020-2608

Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager component: Repository. Supported versions that are affected are 13.2.0.0 and 13.3.0.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Enterprise...

CVE-2020-2583

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Serialization. Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 and 13.0.1; Java SE Embedded: 8u231. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...

CVE-2020-2578

Vulnerability in the Oracle Solaris product of Oracle Systems component: Kernel. The supported version that is affected is 11. Easily exploitable vulnerability allows unauthenticated attacker with network access via SMB to compromise Oracle Solaris. While the vulnerability is in Oracle Solaris,...

CVE-2020-2576

Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware component: Outside In Filters. The supported version that is affected is 8.5.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside In...

CVE-2020-2581

CVE-2020-2581 affects Oracle GraalVM Enterprise Edition, LLVM Interpreter, specifically version 19.3.0.2. The issue allows an unauthenticated user with access to the hosting infrastructure to compromise GraalVM Enterprise Edition, potentially causing partial denial of service (availability impact...

CVE-2020-2541

Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware component: Outside In Filters. The supported version that is affected is 8.5.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside In...

CVE-2020-2542

Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware component: Outside In Filters. The supported version that is affected is 8.5.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside In...

CVE-2020-2542

CVE-2020-2542 affects Oracle Outside In Technology (Outside In Filters) in Oracle Fusion Middleware, with the affected 8.5.4 version. The vulnerability can be exploited by an unauthenticated attacker with network access via HTTP to modify data (update/insert/delete) and potentially cause a partia...

CVE-2020-2515

Vulnerability in the Database Gateway for ODBC component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, 12.2.0.1, 18c and 19c. Difficult to exploit vulnerability allows low privileged attacker having Create Session privilege with network access via OracleN...

CVE-2020-2515

Vulnerability in the Database Gateway for ODBC component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, 12.2.0.1, 18c and 19c. Difficult to exploit vulnerability allows low privileged attacker having Create Session privilege with network access via OracleN...

CVE-2020-2540

CVE-2020-2540 concerns Oracle Outside In Technology (Outside In Filters). Connected IBM DOORS Next/Engineering Requirements Management bulletin documents confirm this CVE family is associated with IBM DOORS Next components and outline remediation by upgrading to fixed DOORS Next releases: 7.0 iFi...

CVE-2020-2654

Vulnerability in the Java SE product of Oracle Java SE component: Libraries. Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 and 13.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE...

Oracle Enterprise Manager for Oracle Database Denial of Service Vulnerability (CNVD-2020-09955)

Oracle Enterprise Manager for Oracle Database is Oracle's on-premise management platform for Oracle Database. A security vulnerability exists in the Discovery Framework component in Oracle Enterprise Manager for Oracle Database 12.1.0.5, 13.2.0.0, 13.3.0.0. An attacker could exploit this...

Oracle Enterprise Manager for Oracle Database Denial of Service Vulnerability

Oracle Enterprise Manager for Oracle Database is Oracle's on-premise management platform for Oracle Database. A security vulnerability exists in the Change Manager - web based component in Oracle Enterprise Manager for Oracle Database 12.1.0.5, 13.2.0.0, 13.3.0.0. An attacker can exploit the...

Solaris 10 (x86) : 150401-68

Vulnerability in the Oracle Solaris product of Oracle Systems component: Filesystem. Supported versions that are affected are 10 and 11. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris...

PT-2020-1539 · Oracle · Oracle Database Server +1

Name of the Vulnerable Software and Affected Versions: Oracle Database Server versions 11.2.0.4, 12.1.0.2, 12.2.0.1, 18c, and 19c Description: The issue is related to a vulnerability in the Database Gateway for ODBC component, which can be exploited by a low-privileged attacker with Create Sessio...

PT-2020-1535 · Oracle · Oracle Weblogic Server

Name of the Vulnerable Software and Affected Versions: Oracle WebLogic Server versions 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 Description: The issue is related to inadequate access control in the Console component of Oracle WebLogic Server, allowing an unauthenticated attacker with networ...