oracle
10,484 tracked vulnerabilities.
CVE-2020-13943
MEDIUM
Apache Tomcat 10.0.0-M1-10.0.0-M7,9.0.0.M1-9.0.37,8.5.0-8.5.57 - In...
Oct 12, 2020
CVSS 4.3
EPSS 0.57
CVE-2020-26870
MEDIUM
DOMPurify < 2.0.17 - Mutation Cross-Site Scripting via MathML Namespace Bypass
Oct 07, 2020
CVSS 6.1
EPSS 0.05
CVE-2020-26575
HIGH
Wireshark < 3.2.7 - Denial of Service via Infinite Loop in FBZERO Dissector
Oct 06, 2020
CVSS 7.5
EPSS 0.03
CVE-2020-25866
HIGH
Wireshark 3.0.0-3.0.13 and 3.2.0-3.2.6 - Denial of Service via BLIP Protocol Dissector NULL Pointer Dereference
Oct 06, 2020
CVSS 7.5
EPSS 0.04
CVE-2020-25863
HIGH
Wireshark <3.2.7, <3.0.14, <2.6.21 - Buffer Overflow
Oct 06, 2020
CVSS 7.5
EPSS 0.05
CVE-2020-25862
HIGH
Wireshark <3.2.7, <3.0.14, <2.6.21 - DoS
Oct 06, 2020
CVSS 7.5
EPSS 0.02
CVE-2020-7069
MEDIUM
PHP 7.2.0-7.2.33, 7.3.0-7.3.22, 7.4.0-7.4.10 - Inadequate Encryption Strength in AES-CCM Mode
Oct 02, 2020
CVSS 5.4
EPSS 0.02
CVE-2020-11979
HIGH
Apache Ant <1.10.8 - Code Injection
Oct 01, 2020
CVSS 7.5
EPSS 0.08
CVE-2020-26137
MEDIUM
urllib3 < 1.25.9 - CRLF Injection via HTTP Request Method
Sep 30, 2020
CVSS 6.5
EPSS 0.02
CVE-2020-26116
HIGH
Python 3.x < 3.5.10, 3.6.x < 3.6.12, 3.7.x < 3.7.9, 3.8.x < 3.8.5 - HTTP Header Injection via HTTPConnection.request
Sep 27, 2020
CVSS 7.2
EPSS 0.06
CVE-2020-5421
MEDIUM
Spring Framework 4.3.0-4.3.28, 5.0.0-5.0.18, 5.1.0-5.1.17, 5.2.0-5.2.8 - Reflection File Download
Sep 19, 2020
CVSS 6.5
EPSS 0.11
CVE-2020-24750
HIGH
jackson-databind 2.0.0-2.9.10.5 - Deserialization of Untrusted Data via JndiConfiguration
Sep 17, 2020
CVSS 8.1
EPSS 0.07
CVE-2020-0404
MEDIUM
Android - Local Privilege Escalation via uvc_scan_chain_forward Linked List Corruption
Sep 17, 2020
CVSS 5.5
EPSS 0.00
CVE-2020-7733
HIGH
ua-parser-js < 0.7.22 - Regular Expression Denial of Service via Redmi and Mi Pad User-Agent Parsing
Sep 16, 2020
CVSS 7.5
EPSS 0.04
CVE-2020-13920
MEDIUM
Apache ActiveMQ < 5.15.12 - Unauthenticated JMX RMI Registry Manipulation
Sep 10, 2020
CVSS 5.9
EPSS 0.05
CVE-2020-11998
CRITICAL
Apache ActiveMQ JMX RMIConnectorServer - Remote Code Execution
Sep 10, 2020
CVSS 9.8
EPSS 0.51
CVE-2020-1968
LOW
OpenSSL 1.0.2-1.0.2v - Pre-Master Secret Disclosure via Raccoon Attack
Sep 09, 2020
CVSS 3.7
EPSS 0.05
CVE-2020-24977
MEDIUM
libxml2 2.9.10 - Out-of-bounds Read in xmlEncodeEntitiesInternal
Sep 04, 2020
CVSS 6.5
EPSS 0.04
CVE-2020-24553
MEDIUM
Go <1.14.8, <1.15.1 - XSS
Sep 02, 2020
CVSS 6.1
EPSS 0.04
CVE-2020-24584
HIGH
Django <2.2.16, <3.0.10, <3.1.1 - Info Disclosure
Sep 01, 2020
CVSS 7.5
EPSS 0.03
CVE-2020-24583
HIGH
Django <2.2.16, 3.0<10, 3.1<1 - Info Disclosure
Sep 01, 2020
CVSS 7.5
EPSS 0.04
CVE-2020-7712
HIGH
json < 10.0.0 - OS Command Injection via parseLookup Function
Aug 30, 2020
CVSS 7.2
EPSS 0.04
CVE-2020-25020
CRITICAL
mpxj < 8.1.3 - XML External Entity Injection in GanttProjectReader and PhoenixReader
Aug 29, 2020
CVSS 9.8
EPSS 0.03
CVE-2020-14729
MEDIUM
Oracle NetSuite SCA <2020.1.4 - Info Disclosure
Aug 27, 2020
CVSS 5.4
EPSS 0.01
CVE-2020-14728
MEDIUM
Oracle SuiteCommerce Advanced 2018.2-2019.2 - Unauthorized Data Access/Modification
Aug 27, 2020
CVSS 5.4
EPSS 0.01
Products
mysql 1,329
jre 799
jdk 787
solaris 555
database_server 516
vm_virtualbox 427
peoplesoft_enterprise_peopletools 355
e-business_suite 337
weblogic_server 322
fusion_middleware 313
mysql_server 278
linux 229
application_server 198
outside_in_technology 195
graalvm 188
jd_edwards_enterpriseone_tools 164
peoplesoft_products 158
enterprise_manager_base_platform 135
communications_cloud_native_core_policy 125
retail_xstore_point_of_service 125
zfs_storage_appliance_kit 117
enterprise_manager_ops_center 107
jrockit 107
http_server 105
webcenter_portal 100
openjdk 98
supply_chain_products_suite 97
flexcube_universal_banking 95
primavera_unifier 95
financial_services_analytical_applications_infrastructure 90
Quick Filters