oracle
10,484 tracked vulnerabilities.
CVE-2020-35490
HIGH
jackson-databind 2.0.0-2.9.10.7 - Deserialization of Untrusted Data
Dec 17, 2020
CVSS 8.1
EPSS 0.08
CVE-2020-5360
HIGH
Dell BSAFE Micro Edition Suite <4.5 - Buffer Under-Read
Dec 16, 2020
CVSS 7.5
EPSS 0.02
CVE-2020-5359
MEDIUM
Dell BSAFE Micro Edition Suite <4.5 - Buffer Overflow
Dec 16, 2020
CVSS 5.8
EPSS 0.01
CVE-2020-29363
HIGH
p11-kit 0.23.6-0.23.21 - Heap-Based Buffer Overflow in RPC Protocol Deserialization
Dec 16, 2020
CVSS 7.5
EPSS 0.04
CVE-2020-35460
MEDIUM
Oracle Primavera Unifier >=17.7 <17.12 - Path Traversal and Arbitrary File Write via Zip Stream Handler
Dec 14, 2020
CVSS 5.3
EPSS 0.02
CVE-2020-8286
HIGH
libcurl 7.41.0-7.73.0 - Improper Certificate Validation via OCSP Response
Dec 14, 2020
CVSS 7.5
EPSS 0.05
CVE-2020-8285
HIGH
libcurl 7.21.0-7.73.0 - Uncontrolled Recursion via FTP Wildcard Match Parsing
Dec 14, 2020
CVSS 7.5
EPSS 0.10
CVE-2020-8284
LOW
curl < 7.73.0 - Exposure of Sensitive Information via FTP PASV Response
Dec 14, 2020
CVSS 3.7
EPSS 0.04
CVE-2020-8231
HIGH
libcurl 7.29.0-7.71.1 - Use-After-Free via Dangling Pointer
Dec 14, 2020
CVSS 7.5
EPSS 0.04
CVE-2020-26421
MEDIUM
Wireshark <3.4.0, 3.2.0-3.2.8 - DoS
Dec 11, 2020
CVSS 4.2
EPSS 0.03
CVE-2020-26420
LOW
Wireshark <3.4.0, 3.2.0-3.2.8 - DoS
Dec 11, 2020
CVSS 3.1
EPSS 0.03
CVE-2020-26419
LOW
Wireshark 3.4.0 - Denial of Service via Memory Leak in Dissection Engine
Dec 11, 2020
CVSS 3.1
EPSS 0.03
CVE-2020-26418
LOW
Wireshark <3.4.0, 3.2.0-3.2.8 - DoS
Dec 11, 2020
CVSS 3.1
EPSS 0.03
CVE-2020-17530
CRITICAL
KEVNUCLEI
Apache Struts 2 Forced Multi OGNL Evaluation
Dec 11, 2020
CVSS 9.8
EPSS 0.96
CVE-2020-8908
LOW
Guava < 32.0.0 - Unprotected Temporary Directory Creation via Files.createTempDir()
Dec 10, 2020
CVSS 3.3
EPSS 0.01
CVE-2020-29661
HIGH
Linux kernel <5.9.13 - Use After Free
Dec 09, 2020
CVSS 7.8
EPSS 0.01
CVE-2020-29651
HIGH
Python <1.9.0 - DoS
Dec 09, 2020
CVSS 7.5
EPSS 0.05
CVE-2020-1971
MEDIUM
OpenSSL 1.0.2-1.0.2w and 1.1.1-1.1.1h - Denial of Service via EDIPARTYNAME NULL Pointer Dereference
Dec 08, 2020
CVSS 5.9
EPSS 0.07
CVE-2020-17521
MEDIUM
Apache Groovy <4.0.0 - Info Disclosure
Dec 07, 2020
CVSS 5.5
EPSS 0.01
CVE-2020-17527
HIGH
Apache Tomcat <10.0.0-M9, 9.0.39, 8.5.59 - Info Disclosure
Dec 03, 2020
CVSS 7.5
EPSS 0.25
CVE-2020-27783
MEDIUM
lxml < 4.6.2 - Cross-Site Scripting via Clean Module Parser
Dec 03, 2020
CVSS 6.1
EPSS 0.04
CVE-2020-25649
HIGH
jackson-databind 2.6.0-2.6.7.3 - XML External Entity Injection
Dec 03, 2020
CVSS 7.5
EPSS 0.18
CVE-2020-13956
MEDIUM
Apache HttpClient <4.5.13, 5.0.3 - SSRF
Dec 02, 2020
CVSS 5.3
EPSS 0.09
CVE-2020-25638
HIGH
hibernate-core < 5.4.24.Final - SQL Injection via JPA Criteria API Literal Handling
Dec 02, 2020
CVSS 7.4
EPSS 0.03
CVE-2020-27218
MEDIUM
Eclipse Jetty 9.4.0-9.4.34 - Sensitive Information Exposure via GZIP Request Body Reuse
Nov 28, 2020
CVSS 4.8
EPSS 0.08
Products
mysql 1,329
jre 799
jdk 787
solaris 555
database_server 516
vm_virtualbox 427
peoplesoft_enterprise_peopletools 355
e-business_suite 337
weblogic_server 322
fusion_middleware 313
mysql_server 278
linux 229
application_server 198
outside_in_technology 195
graalvm 188
jd_edwards_enterpriseone_tools 164
peoplesoft_products 158
enterprise_manager_base_platform 135
communications_cloud_native_core_policy 125
retail_xstore_point_of_service 125
zfs_storage_appliance_kit 117
enterprise_manager_ops_center 107
jrockit 107
http_server 105
webcenter_portal 100
openjdk 98
supply_chain_products_suite 97
flexcube_universal_banking 95
primavera_unifier 95
financial_services_analytical_applications_infrastructure 90
Quick Filters