Microsoft Windows Search Indexer CVE-2020-0630 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code with elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for...

Norton Power Eraser CVE-2019-19548 Local Privilege Escalation Vulnerability

Description Norton Power Eraser is prone to a local privilege escalation vulnerability. A local attacker can leverage this issue to gain elevated privileges. Versions prior to Norton Power Eraser Prior to 5.3.0.67 are vulnerable. Technologies Affected Symantec Norton Power Eraser NPE 2.0.0.52...

Microsoft Windows CryptoAPI CVE-2020-0601 Spoofing Vulnerability

Description Microsoft Windows is prone to a security vulnerability that may allow attackers to conduct spoofing attacks. An attacker can exploit this issue to conduct spoofing attacks and perform unauthorized actions; other attacks are also possible. Technologies Affected Microsoft Windows 10...

Microsoft Windows Remote Desktop Protocol CVE-2020-0612 Denial of Service Vulnerability

Description Microsoft Windows Remote Desktop Protocol is prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause the target service to stop responding, denying service to legitimate users. Technologies Affected Microsoft Windows Server 2016 Microsoft Windows Server...

Oracle Coherence CVE-2020-2555 Multiple Remote Security Vulnerabilities

Description Oracle Coherence is prone to multiple remote security vulnerabilities. The vulnerability can be exploited over the 'T3' protocol. The 'Caching', 'CacheStore' and 'Invocation' components are affected. This vulnerability affects the following supported versions: 12.1.3.0.0, 12.2.1.3.0 a...

Oracle Financial Services Analytical Applications Infrastructure Remote Security Vulnerability

Description Oracle Financial Services Analytical Applications Infrastructure is prone to a remote security vulnerability. The vulnerability can be exploited over the 'HTTP' protocol. The 'Object Migration' component is affected. This vulnerability affects the following supported versions: 8.0.4...

Adobe Experience Manager CVE-2019-16468 Information Disclosure Vulnerability

Description Adobe Experience Manager is prone to an information-disclosure vulnerability. Remote attackers can exploit this issue to gain access to sensitive information that may aid in further attacks. Adobe Experience Manager versions 6.3, 6.4 and 6.5 are vulnerable. Technologies Affected Adobe...

Microsoft Windows CVE-2020-0635 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Window...

Microsoft Excel CVE-2020-0653 Remote Code Execution Vulnerability

Description Microsoft Excel is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected Microsoft...

Microsoft Excel CVE-2020-0651 Remote Code Execution Vulnerability

Description Microsoft Excel is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected Microsoft...

Microsoft ASP.NET Core CVE-2020-0603 Remote Code Execution Vulnerability

Description Microsoft ASP.NET Core is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected...

Adobe Illustrator APSB20-03 Multiple Memory Corruption Vulnerabilities

Description Adobe Illustrator is prone to multiple memory-corruption vulnerabilities. An attacker can exploit these issues to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial-of-service conditions. Adobe...

Oracle Reports Developer Multiple Remote Security Vulnerabilities

Description Oracle Reports Developer is prone to multiple remote security vulnerabilities. These vulnerabilities can be exploited over the 'HTTP' protocol. The 'Security and Authentication' component is affected. These vulnerabilities affect the following supported versions: 12.2.1.3.0, 12.2.1.4....

Oracle Enterprise Manager for Oracle Database cpujan2020 Multiple Remote Security Vulnerabilities

Description Oracle Enterprise Manager for Oracle Database is prone to multiple remote security vulnerabilities. These vulnerabilities can be exploited over HTTP protocol. The 'Change Manager - web based', 'Discovery Framework', 'Enterprise Config Management', and 'Target Management' components ar...

Oracle AutoVue CVE-2020-2592 Remote Security Vulnerability

Description Oracle AutoVue is prone to a remote security vulnerability. The vulnerability can be exploited over 'HTTP' protocol. The 'Security' sub component is affected. This vulnerability affects the following supported versions: 12.0.2 Technologies Affected Oracle AutoVue 12.0.2 Recommendation...

Oracle GraalVM Enterprise Edition CVE-2020-2581 Local Security Vulnerability

Description Oracle GraalVM Enterprise Edition is prone to a local security vulnerability. The 'LLVM Interpreter' component is affected. This vulnerability affects the following supported versions: 19.3.0.2 Technologies Affected Oracle GraalVM Enterprise Edition 19.3.0.2 Recommendations Block...

Oracle Hospitality Suites Management CVE-2020-2697 Local Security Vulnerability

Description Oracle Hospitality Suites Management is prone to a local security vulnerability. The vulnerability can be exploited over the 'HTTP' protocol. The 'Request Tracker' package is affected. This vulnerability affects the following supported versions: 3.7, 3.8 Technologies Affected Oracle...

SAP Disclosure Management CVE-2020-6303 Input Validation Security Vulnerability

Description SAP Disclosure Management is prone to a security vulnerability because it fails to properly sanitize user-supplied input. An attacker may exploit this issue to obtain sensitive information, access or modify data within the context of the affected application; this may aid in further...

Oracle E-Business Suite CVE-2020-2666 Remote Security Vulnerability

Description Oracle E-Business Suite is prone to a remote security vulnerability in 'Oracle Applications Framework' product. These vulnerabilities can be exploited over the 'HTTP' protocol. The 'Attachments / File Upload' component is affected. This vulnerability affects the following supported...

Microsoft Windows Graphics Components CVE-2020-0607 Information Disclosure Vulnerability

Description Microsoft Windows is prone to a information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 160...

Oracle E-Business Suite CVE-2020-2591 Remote Security Vulnerability

Description Oracle E-Business Suite is prone to a remote security vulnerability in 'Oracle Web Applications Desktop Integrator' product. This vulnerability can be exploited over the 'HTTP' protocol. The 'Application Service' component is affected. This vulnerability affects the following supporte...

Microsoft Windows Search Indexer CVE-2020-0632 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code with elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for...

Microsoft ASP.NET Core CVE-2020-0602 Denial of Service Vulnerability

Description Microsoft ASP.NET Core is prone to a remote denial of service vulnerability. An attacker can exploit this issue to cause a denial of service condition. Technologies Affected Microsoft ASP.NET Core 2.1 Microsoft ASP.NET Core 3.0 Microsoft ASP.NET Core 3.1 Recommendations Block external...

Oracle Primavera P6 Enterprise Project Portfolio Management Local Security Vulnerability

Description Oracle Primavera P6 Enterprise Project Portfolio Management is prone to a local security vulnerability. The 'Core' component is affected. This vulnerability affects the following supported versions: 16.2.0.0 through 16.2.19.0, 17.12.0.0 through 17.12.16.0, 18.8.0.0 through 18.8.16.0,...

Oracle Siebel CRM CVE-2020-2559 Remote Security Vulnerability

Description Oracle Siebel CRM is prone to a remote security vulnerability. This vulnerability affects the 'UIF Open UI' component and can be exploited over the 'HTTP' protocol. This vulnerability affects the following supported versions: 19.7 and prior Technologies Affected Oracle Siebel UI...

Oracle WebLogic Server Multiple Remote Security Vulnerabilities

Description Oracle WebLogic Server is prone to multiple remote security vulnerabilities. These vulnerabilities can be exploited over multiple protocols. The 'WLS Core Components' and 'Application Container - JavaEE' components are affected. These vulnerabilities affect the following supported...

Microsoft Windows CVE-2020-0644 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code in kernel mode with elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version...

Oracle MySQL Server cpujan2020 Multiple Security Vulnerabilities

Description Oracle MySQL Server is prone to multiple security vulnerabilities. These vulnerabilities can be exploited over 'MySQL Protocol' protocol. The 'C API', and 'Server: Optimizer' components are affected. These vulnerabilities affect the following supported versions: 5.6.46 and prior, 5.7....

Oracle Demantra Demand Management CVE-2020-2557 Remote Security Vulnerability

Description Oracle Demantra Demand Management is prone to a remote security vulnerability. The vulnerability can be exploited over 'HTTP' protocol. The 'Security' component is affected. This vulnerability affects the following supported versions: 12.2.4, 12.2.4.1, 12.2.5, 12.2.5.1 Technologies...

Oracle Hyperion Financial Close Management CVE-2020-2563 Remote Security Vulnerability

Description Oracle Hyperion Financial Close Management is prone to a remote security vulnerability in 'Close Manager' component. The vulnerability can be exploited over the 'HTTP' protocol. This vulnerability affects the following supported versions: 11.1.2.4 Technologies Affected Oracle Hyperion...

Oracle Java SE CVE-2020-2655 Remote Security Vulnerability

Description Oracle Java SE is prone to a remote security vulnerability. The vulnerability can be exploited over 'HTTPS' protocol. This issue affects the 'JSSE' component. This vulnerability affects the following supported versions: Java SE: 11.0.5, 13.0.1 Technologies Affected Oracle JDKLinux...

Oracle Database Server CVE-2020-2517 Remote Security Vulnerability

Description Oracle Database Server is prone to a remote security vulnerability that exists in Database Gateway for ODBC. The vulnerability can be exploited over 'OracleNet' protocol. For an exploit to succeed, the attacker must have 'Create Procedure' and 'Create Database Link' privileges. This...

Microsoft Office CVE-2020-0652 Memory Corruption Vulnerability

Description Microsoft Office is prone to a memory-corruption vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected Microsoft...

Oracle Java SE/Java SE Embedded/GraalVM CVE-2020-2604 Remote Security Vulnerability

Description Oracle Java SE/Java SE Embedded/GraalVM are prone to a remote security vulnerability. The vulnerability can be exploited over multiple protocols. This issue affects the 'Serialization' component. This vulnerability affects the following supported versions: Java SE: 7u241, 8u231, 11.0....

Oracle Financial Services Revenue Management and Billing Remote Security Vulnerability

Description Oracle Financial Services Revenue Management and Billing is prone to a remote security vulnerability. The vulnerability can be exploited over 'HTTP' protocol. The 'File Upload' sub component is affected. This vulnerability affects the following supported versions: 2.7.0.0, 2.7.0.1,...

Microsoft Windows Search Indexer CVE-2020-0627 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code with elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for...

Oracle WebLogic Server CVE-2020-2550 Local Security Vulnerability

Description Oracle WebLogic Server is prone to a local security vulnerability. The 'WLS Core Components' component is affected. This vulnerability affects the following supported versions: 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 Technologies Affected Oracle Weblogic Server 10.3.6.0.0 Oracl...

Oracle Solaris cpujan2020 Multiple Local Security Vulnerabilities

Description Oracle Solaris is prone to multiple local security vulnerabilities. These vulnerabilities affect the following supported versions: 10, 11 Technologies Affected Oracle Solaris 10 Oracle Solaris 11 Recommendations Permit local access for trusted individuals only. Where possible, use...

Oracle Hospitality Cruise Materials Management CVE-2020-2599 Local Security Vulnerability

Description Oracle Hospitality Cruise Materials Management is prone to a local security vulnerability. This issue affects the 'MMS All' component. This vulnerability affects the following supported version: 7.30.567 Technologies Affected Oracle Hospitality Cruise Materials Management 7.30.567...

Oracle Solaris cpujan2020 Multiple Remote Security Vulnerabilities

Description Oracle Solaris is prone to multiple remote security vulnerabilities that exists in the 'Kernel' component. These issues can be exploited over 'SMB' protocol. These vulnerabilities affect the following supported versions: 11 Technologies Affected Oracle Solaris 11 Recommendations Block...

Oracle Database Server cpujan2020 Multiple Remote Security Vulnerabilities

Description Oracle Database Server is prone to multiple remote security vulnerabilities. These vulnerabilities can be exploited over the multiple protocols. The 'Core RDBMS' component is affected. These vulnerabilities affect the following supported versions: 12.1.0.2, 12.2.0.1, 18c and 19c...

Oracle Hospitality OPERA 5 Multiple Remote Security Vulnerabilities

Description Oracle Hospitality OPERA 5 is prone to multiple remote security vulnerabilities. These vulnerabilities can be exploited over the 'HTTP' protocol. The 'Login' and 'Printing' components are affected. These vulnerabilities affect the following supported versions: 5.5 Technologies Affecte...

Multiple Oracle Products Multiple Remote Security Vulnerabilities

Description Multiple Oracle Products are prone to multiple remote security vulnerabilities. These vulnerabilities can be exploited over multiple protocols. The 'OSSL Module', 'SSL API' and 'Web Listener' components are affected. Technologies Affected Oracle HTTP Server 11.1.1.9.0 Oracle HTTP Serv...

Adobe Experience Manager CVE-2019-16469 Information Disclosure Vulnerability

Description Adobe Experience Manager is prone to an information-disclosure vulnerability. Remote attackers can exploit this issue to gain access to sensitive information that may aid in further attacks. Adobe Experience Manager 6.5 is vulnerable. Technologies Affected Adobe Experience Manager 6.5...

Oracle Java SE/Java SE Embedded CVE-2020-2583 Remote Security Vulnerability

Description Oracle Java SE and Java SE Embedded are prone to a remote security vulnerability. The vulnerability can be exploited over multiple protocols. This issue affects the 'Serialization' component. This vulnerability affects the following supported versions: Java SE: 7u241, 8u231, 11.0.5,...

Oracle MySQL Server CVE-2020-2580 Remote Security Vulnerability

Description Oracle MySQL Server is prone to a remote security vulnerability in 'Server: DDL' component. The vulnerability can be exploited over the 'MySQL' protocol. This vulnerability affects the following supported versions: 8.0.17 and prior Technologies Affected Oracle MySQL Server 8.0.11 Orac...

Oracle Java SE/Java SE Embedded CVE-2020-2601 Remote Security Vulnerability

Description Oracle Java SE and Java SE Embedded are prone to a remote security vulnerability. The vulnerability can be exploited over 'Kerberos' protocol. This issue affects the 'Security' component. This vulnerability affects the following supported versions: Java SE: 7u241, 8u231, 11.0.5, 13.0....

Oracle Identity Manager CVE-2020-2728 Remote Security Vulnerability

Description Oracle Identity Manager is prone to a remote security vulnerability. The vulnerability can be exploited over the 'HTTP' protocol. The 'OIM - LDAP user and role Synch' component is affected. This vulnerability affects the following supported versions: 12.2.1.3.0 Technologies Affected...

SAP Leasing CVE-2020-6306 Remote Authorization Bypass Vulnerability

Description SAP Leasing is prone to an authorization-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions; this may aid in launching further attacks. Technologies Affected SAP Leasing 6.0 SAP Leasing 6.02 SAP Leasing 6.0...

Adobe Experience Manager APSB20-01 Multiple Cross Site Scripting Vulnerabilities

Description Adobe Experience Manager is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affecte...