|
210311
|
4.7 |
MEDIUM
Network
|
oracle
|
cloud_infrastructure_identity_and_access_management
|
Vulnerability in the Oracle Cloud Infrastructure Identity and Access Management product of Oracle Cloud Services. Easily exploitable vulnerability allows high privileged attacker with network access …
|
NVD-CWE-noinfo
|
CVE-2020-14874
|
2024-11-21 14:04 |
2020-12-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210312
|
5.9 |
MEDIUM
Network
|
askey
|
ap5100w_firmware
|
Askey AP5100W devices through AP5100W_Dual_SIG_1.01.097 are affected by WPS PIN offline brute-force cracking. This arises because of issues with the random number selection for the Diffie-Hellman exc…
|
CWE-330
Use of Insufficiently Random Values
|
CVE-2020-15023
|
2024-11-21 14:04 |
2020-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210313
|
9.8 |
CRITICAL
Network
|
oracle
|
fusion_middleware
|
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.…
|
NVD-CWE-noinfo
|
CVE-2020-14750
|
2024-11-21 14:04 |
2020-11-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210314
|
4.8 |
MEDIUM
Network
|
open-xchange
|
open-xchange_appsuite
|
OX App Suite through 7.10.3 allows stats/diagnostic?param= XSS.
|
CWE-79
Cross-site Scripting
|
CVE-2020-15004
|
2024-11-21 14:04 |
2020-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210315
|
4.3 |
MEDIUM
Network
|
open-xchange
|
open-xchange_appsuite
|
OX App Suite through 7.10.3 allows Information Exposure because a user can obtain the IP address and User-Agent string of a different user (via the session API during shared Drive access).
|
NVD-CWE-noinfo
|
CVE-2020-15003
|
2024-11-21 14:04 |
2020-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210316
|
5.0 |
MEDIUM
Network
|
open-xchange
|
open-xchange_appsuite
|
OX App Suite through 7.10.3 allows SSRF via the the /ajax/messaging/message message API.
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2020-15002
|
2024-11-21 14:04 |
2020-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210317
|
4.9 |
MEDIUM
Network
|
oracle
|
database
|
Vulnerability in the RDBMS Security component of Oracle Database Server. The supported version that is affected is 19c. Easily exploitable vulnerability allows high privileged attacker having Analyze…
|
NVD-CWE-noinfo
|
CVE-2020-14901
|
2024-11-21 14:04 |
2020-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210318
|
5.4 |
MEDIUM
Network
|
oracle
|
application_express
|
Vulnerability in the Oracle Application Express Group Calendar component of Oracle Database Server. The supported version that is affected is Prior to 20.2. Easily exploitable vulnerability allows lo…
|
NVD-CWE-noinfo
|
CVE-2020-14900
|
2024-11-21 14:04 |
2020-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210319
|
5.4 |
MEDIUM
Network
|
oracle
|
application_express
|
Vulnerability in the Oracle Application Express Data Reporter component of Oracle Database Server. The supported version that is affected is Prior to 20.2. Easily exploitable vulnerability allows low…
|
NVD-CWE-noinfo
|
CVE-2020-14899
|
2024-11-21 14:04 |
2020-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210320
|
5.4 |
MEDIUM
Network
|
oracle
|
application_express
|
Vulnerability in the Oracle Application Express Packaged Apps component of Oracle Database Server. The supported version that is affected is Prior to 20.2. Easily exploitable vulnerability allows low…
|
NVD-CWE-noinfo
|
CVE-2020-14898
|
2024-11-21 14:04 |
2020-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
