Microsoft Windows CVE-2020-0644 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code in kernel mode with elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version...

Oracle WebLogic Server Multiple Remote Security Vulnerabilities

Description Oracle WebLogic Server is prone to multiple remote security vulnerabilities. These vulnerabilities can be exploited over 'HTTP' protocol. The 'WLS Core Components' is affected. These vulnerabilities affect the following supported versions: 10.3.6.0.0 Technologies Affected Oracle...

Oracle Retail Customer Management and Segmentation Foundation Remote Security Vulnerability

Description Oracle Retail Customer Management and Segmentation Foundation is prone to a remote security vulnerability. The vulnerability can be exploited over the 'HTTP' protocol. The 'Security' component is affected. This vulnerability affects the following supported versions: 18.0 Technologies...

Microsoft Office Online CVE-2020-0647 Spoofing Vulnerability

Description Microsoft Office Online is prone to a security vulnerability that may allow attackers to conduct spoofing attacks. An attacker can exploit this issue to conduct spoofing attacks and perform unauthorized actions; other attacks are also possible. Technologies Affected Microsoft Office...

Microsoft Windows CryptoAPI CVE-2020-0601 Spoofing Vulnerability

Description Microsoft Windows is prone to a security vulnerability that may allow attackers to conduct spoofing attacks. An attacker can exploit this issue to conduct spoofing attacks and perform unauthorized actions; other attacks are also possible. Technologies Affected Microsoft Windows 10...

Microsoft Windows Update Notification Manager CVE-2020-0638 Local Privilege Escalation Vulnerability

Description Microsoft Windows Update Notification Manager is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges. Technologies Affected Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1803 for...

Microsoft Windows Hyper-V CVE-2020-0617 Denial of Service Vulnerability

Description Microsoft Windows is prone to a denial of service vulnerability. An attacker can exploit this issue to crash the host machine, resulting in a denial of service condition. Technologies Affected Microsoft Hyper-V Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows ...

Microsoft Windows Graphics Component CVE-2020-0622 Information Disclosure Vulnerability

Description Microsoft Windows is prone to a information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 160...

Oracle AutoVue CVE-2020-2592 Remote Security Vulnerability

Description Oracle AutoVue is prone to a remote security vulnerability. The vulnerability can be exploited over 'HTTP' protocol. The 'Security' sub component is affected. This vulnerability affects the following supported versions: 12.0.2 Technologies Affected Oracle AutoVue 12.0.2 Recommendation...

Microsoft Dynamics 365 CVE-2020-0656 Cross Site Scripting Vulnerability

Description Microsoft Dynamics 365 is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may...

Microsoft Excel CVE-2020-0653 Remote Code Execution Vulnerability

Description Microsoft Excel is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected Microsoft...

Oracle Reports Developer Multiple Remote Security Vulnerabilities

Description Oracle Reports Developer is prone to multiple remote security vulnerabilities. These vulnerabilities can be exploited over the 'HTTP' protocol. The 'Security and Authentication' component is affected. These vulnerabilities affect the following supported versions: 12.2.1.3.0, 12.2.1.4....

SAP Basis Automated Note Search Tool CVE-2020-6307 Remote Authorization Bypass Vulnerability

Description SAP Basis is prone to an authorization-bypass vulnerability. Attackers can exploit this issue to gain unauthorized access and obtain sensitive information. This may aid in further attacks. Technologies Affected SAP Automated Note Search Tool SAP Basis 7.00 SAP Basis 7.01 SAP Basis 7.0...

Oracle WebLogic Server Multiple Remote Security Vulnerabilities

Description Oracle WebLogic Server is prone to multiple remote security vulnerabilities. These vulnerabilities can be exploited over multiple protocols. The 'WLS Core Components' and 'Application Container - JavaEE' components are affected. These vulnerabilities affect the following supported...

Oracle Database Server CVE-2020-2517 Remote Security Vulnerability

Description Oracle Database Server is prone to a remote security vulnerability that exists in Database Gateway for ODBC. The vulnerability can be exploited over 'OracleNet' protocol. For an exploit to succeed, the attacker must have 'Create Procedure' and 'Create Database Link' privileges. This...

Microsoft Windows Cryptographic Services CVE-2020-0620 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Window...

SAP Leasing CVE-2020-6306 Remote Authorization Bypass Vulnerability

Description SAP Leasing is prone to an authorization-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions; this may aid in launching further attacks. Technologies Affected SAP Leasing 6.0 SAP Leasing 6.02 SAP Leasing 6.0...

SAP NetWeaver Internet Communication Manager CVE-2020-6304 Denial of Service Vulnerability

Description SAP Netweaver is prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause denial-of-service conditions. Technologies Affected SAP Internet Communication Manager ICM SAP NetWeaver 7.21 SAP NetWeaver 7.22 SAP NetWeaver 7.49 SAP NetWeaver 7.53 Recommendatio...

Microsoft Windows Search Indexer CVE-2020-0632 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code with elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for...

Oracle Identity Manager CVE-2020-2728 Remote Security Vulnerability

Description Oracle Identity Manager is prone to a remote security vulnerability. The vulnerability can be exploited over the 'HTTP' protocol. The 'OIM - LDAP user and role Synch' component is affected. This vulnerability affects the following supported versions: 12.2.1.3.0 Technologies Affected...

Oracle Java SE CVE-2020-2655 Remote Security Vulnerability

Description Oracle Java SE is prone to a remote security vulnerability. The vulnerability can be exploited over 'HTTPS' protocol. This issue affects the 'JSSE' component. This vulnerability affects the following supported versions: Java SE: 11.0.5, 13.0.1 Technologies Affected Oracle JDKLinux...

Oracle E-Business Suite cpujan2020 Multiple Security Vulnerabilities

Description Oracle E-Business Suite is prone to multiple security vulnerabilities. These vulnerabilities can be exploited over 'HTTPS' protocol. The 'Preferences', 'Message Hooks', 'Attachments / File Upload' components are affected. These vulnerabilities affect the following supported versions:...

Oracle PeopleSoft Enterprise CC Common Application Objects Remote Security Vulnerability

Description Oracle PeopleSoft Enterprise CC Common Application Objects is prone to a remote vulnerability. The vulnerability can be exploited over the 'HTTP' protocol. The 'Approval Framework' component is affected. This vulnerability affects the following supported versions: 9.1, 9.2 Technologie...

Oracle Solaris cpujan2020 Multiple Local Security Vulnerabilities

Description Oracle Solaris is prone to multiple local security vulnerabilities. These vulnerabilities affect the following supported versions: 10, 11 Technologies Affected Oracle Solaris 10 Oracle Solaris 11 Recommendations Permit local access for trusted individuals only. Where possible, use...

Microsoft Windows CVE-2020-0616 Denial of Service Vulnerability

Description Microsoft Windows is prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause a denial-of-service condition. Technologies Affected Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft...

Oracle Retail Customer Management and Segmentation Foundation Multiple Security Vulnerabilities

Description Oracle Retail Customer Management and Segmentation Foundation is prone to multiple security vulnerabilities. The 'Internal Operations' component is affected. These vulnerabilities affect the following supported versions: 16.0 Technologies Affected Oracle Retail Customer Management and...

Oracle WebLogic Server CVE-2020-2550 Local Security Vulnerability

Description Oracle WebLogic Server is prone to a local security vulnerability. The 'WLS Core Components' component is affected. This vulnerability affects the following supported versions: 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 Technologies Affected Oracle Weblogic Server 10.3.6.0.0 Oracl...

Oracle Business Intelligence Enterprise Edition Multiple Remote Security Vulnerabilities

Description Oracle Business Intelligence Enterprise Edition is prone to multiple remote security vulnerabilities. These vulnerabilities can be exploited over the 'HTTP' protocol. The 'Analytics Actions', 'BI Platform Security' and 'Analytics Server' components are affected. These vulnerabilities...

Norton Power Eraser CVE-2019-19548 Local Privilege Escalation Vulnerability

Description Norton Power Eraser is prone to a local privilege escalation vulnerability. A local attacker can leverage this issue to gain elevated privileges. Versions prior to Norton Power Eraser Prior to 5.3.0.67 are vulnerable. Technologies Affected Symantec Norton Power Eraser NPE 2.0.0.52...

Oracle Financial Services Revenue Management and Billing Remote Security Vulnerability

Description Oracle Financial Services Revenue Management and Billing is prone to a remote security vulnerability. The vulnerability can be exploited over 'HTTP' protocol. The 'File Upload' sub component is affected. This vulnerability affects the following supported versions: 2.7.0.0, 2.7.0.1,...

Oracle Demantra Demand Management CVE-2020-2557 Remote Security Vulnerability

Description Oracle Demantra Demand Management is prone to a remote security vulnerability. The vulnerability can be exploited over 'HTTP' protocol. The 'Security' component is affected. This vulnerability affects the following supported versions: 12.2.4, 12.2.4.1, 12.2.5, 12.2.5.1 Technologies...

Multiple Oracle Products Multiple Remote Security Vulnerabilities

Description Multiple Oracle Products are prone to multiple remote security vulnerabilities. These vulnerabilities can be exploited over multiple protocols. The 'OSSL Module', 'SSL API' and 'Web Listener' components are affected. Technologies Affected Oracle HTTP Server 11.1.1.9.0 Oracle HTTP Serv...

Oracle iLearning CVE-2020-2709 Remote Security Vulnerability

Description Oracle iLearning is prone to a remote security vulnerability. The vulnerability can be exploited over the 'HTTP' protocol. The 'Learner Pages' component is affected. This vulnerability affects the following supported versions: 6.1 Technologies Affected Oracle iLearning 6.1...

Microsoft ASP.NET Core CVE-2020-0602 Denial of Service Vulnerability

Description Microsoft ASP.NET Core is prone to a remote denial of service vulnerability. An attacker can exploit this issue to cause a denial of service condition. Technologies Affected Microsoft ASP.NET Core 2.1 Microsoft ASP.NET Core 3.0 Microsoft ASP.NET Core 3.1 Recommendations Block external...

Oracle Application Testing Suite CVE-2020-2673 Remote Security Vulnerability

Description Oracle Application Testing Suite is prone to a remote security vulnerability. The vulnerability can be exploited over the 'HTTP' protocol. The 'Oracle Flow Builder' component is affected. This vulnerability affects the following supported versions: 12.5.0.3, 13.1.0.1, 13.2.0.1, 13.3.0...

Oracle Java SE CVE-2020-2654 Remote Security Vulnerability

Description Oracle Java SE is prone to a remote security vulnerability. The vulnerability can be exploited over multiple protocols. This issue affects the 'Libraries' component. This vulnerability affects the following supported versions: Java SE: 7u241, 8u231, 11.0.5, 13.0.1 Technologies Affecte...

Oracle Java SE/Java SE Embedded CVE-2020-2659 Remote Security Vulnerability

Description Oracle Java SE and Java SE Embedded are prone to a remote security vulnerability. The vulnerability can be exploited over multiple protocols. This issue affects the 'Networking' component. This vulnerability affects the following supported versions: Java SE: 7u241, 8u231; Java SE...

Oracle VM Server for SPARC CVE-2020-2571 Local Security Vulnerability

Description Oracle VM Server for SPARC is prone to a local security vulnerability. The 'Templates' component is affected. This vulnerability affects the following supported versions: Oracle VM Server for SPARC 3.6 Technologies Affected Oracle VM Server for SPARC 3.6 Recommendations Permit local...

Oracle Enterprise Manager Base Platform cpujan2020 Multiple Remote Security Vulnerabilities

Description Oracle Enterprise Manager Base Platform is prone to multiple remote security vulnerabilities. These vulnerabilities can be exploited over HTTP protocol. The 'Enterprise Config Management', 'Application Service Level Mgmt, 'Cloud Control Manager - OMS', 'Configuration Standard...

Microsoft Windows Search Indexer CVE-2020-0628 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code with elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for...

Microsoft Windows Search Indexer CVE-2020-0627 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code with elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for...

Microsoft Windows Win32k CVE-2020-0624 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code in kernel mode with elevated privileges. Technologies Affected Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version...

Microsoft Internet Explorer CVE-2020-0640 Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft Internet Explor...

Oracle GraalVM Enterprise Edition CVE-2020-2595 Remote Security Vulnerability

Description Oracle GraalVM Enterprise Edition is prone to a remote security vulnerability. This vulnerability can be exploited over the 'Multiple' protocols. The 'GraalVM Compiler' component is affected. This vulnerability affects the following supported versions: 19.3.0.2 Technologies Affected...

Microsoft Windows CVE-2020-0621 Security Bypass Vulnerability

Description Microsoft Windows is prone to a security bypass vulnerability. Successfully exploiting this issue may allow attackers to bypass certain security restrictions and perform unauthorized actions. This may lead to other attacks. Technologies Affected Microsoft Windows 10 Version 1709 for...

Oracle Java SE CVE-2020-2585 Remote Security Vulnerability

Description Oracle Java SE is prone to a remote security vulnerability. The vulnerability can be exploited over multiple protocols. This issue affects the 'JavaFX' component. This vulnerability affects the following supported versions: Java SE: 8u241 Technologies Affected Oracle JDKLinux Producti...

Oracle Database Server cpujan2020 Multiple Remote Security Vulnerabilities

Description Oracle Database Server is prone to multiple remote security vulnerabilities. These vulnerabilities can be exploited over 'OracleNet' protocol. The 'Database Gateway for ODBC' component is affected. These vulnerabilities affect the following supported versions: 11.2.0.4, 12.1.0.2,...

Oracle Database Server CVE-2020-2568 Local Security Vulnerability

Description Oracle Database Server is prone to a local security vulnerability that exists in Oracle Applications DBA. The vulnerability can be exploited over the 'Local Logon' protocol. For an exploit to succeed, the attacker must have 'Local Logon' privilege. This vulnerability affects the...

Microsoft Windows Win32k CVE-2020-0608 Local Information Disclosure Vulnerability

Description Microsoft Windows is prone to a local information-disclosure vulnerability. Local attackers can exploit this issue to obtain sensitive information that may lead to further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version...

Oracle WebCenter Sites Multiple Remote Security Vulnerabilities

Description Oracle WebCenter Sites is prone to multiple remote security vulnerabilities. These vulnerabilities can be exploited over the 'HTTP' protocol. The 'Advanced UI' component is affected. These vulnerabilities affect the following supported versions: 12.2.1.3.0 Technologies Affected Oracle...