|
210471
|
3.8 |
LOW
Network
|
oracle
|
database_vault
|
Vulnerability in the Database Vault component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2 and 12.2.0.1. Easily exploitable vulnerability allows high privile…
|
NVD-CWE-noinfo
|
CVE-2020-14736
|
2024-11-21 14:04 |
2020-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210472
|
8.8 |
HIGH
Local
|
oracle
|
scheduler
|
Vulnerability in the Scheduler component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, 12.2.0.1, 18c and 19c. Easily exploitable vulnerability allows low pri…
|
NVD-CWE-noinfo
|
CVE-2020-14735
|
2024-11-21 14:04 |
2020-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210473
|
8.1 |
HIGH
Network
|
oracle
|
text
|
Vulnerability in the Oracle Text component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, 12.2.0.1, 18c and 19c. Difficult to exploit vulnerability allows una…
|
NVD-CWE-noinfo
|
CVE-2020-14734
|
2024-11-21 14:04 |
2020-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210474
|
3.1 |
LOW
Network
|
oracle
|
retail_customer_management_and_segmentation_foundation
|
Vulnerability in the Oracle Retail Customer Management and Segmentation Foundation product of Oracle Retail Applications (component: Promotions). The supported version that is affected is 19.0. Diffi…
|
NVD-CWE-noinfo
|
CVE-2020-14732
|
2024-11-21 14:04 |
2020-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210475
|
6.1 |
MEDIUM
Network
|
linuxfoundation
canonical
debian
|
containerd
ubuntu_linux
debian_linux
|
In containerd (an industry-standard container runtime) before version 1.2.14 there is a credential leaking vulnerability. If a container image manifest in the OCI Image format or Docker Image V2 Sche…
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2020-15157
|
2024-11-21 14:04 |
2020-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210476
|
8.6 |
HIGH
Network
|
sonatype
|
nexus_repository_manager
|
A Directory Traversal issue was discovered in Sonatype Nexus Repository Manager 2.x before 2.14.19. A user that requests a crafted path can traverse up the file system to get access to content on dis…
|
CWE-22
Path Traversal
|
CVE-2020-15012
|
2024-11-21 14:04 |
2020-10-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210477
|
5.4 |
MEDIUM
Network
|
prestashop
|
prestashop
|
In PrestaShop from version 1.5.0.0 and before version 1.7.6.8, users are allowed to send compromised files. These attachments allowed people to input malicious JavaScript which triggered an XSS paylo…
|
-
|
CVE-2020-15162
|
2024-11-21 14:04 |
2020-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210478
|
9.8 |
CRITICAL
Network
|
prestashop
|
prestashop
|
PrestaShop from version 1.7.5.0 and before version 1.7.6.8 is vulnerable to a blind SQL Injection attack in the Catalog Product edition page with location parameter. The problem is fixed in 1.7.6.8
|
CWE-89
SQL Injection
|
CVE-2020-15160
|
2024-11-21 14:04 |
2020-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210479
|
6.1 |
MEDIUM
Network
|
prestashop
|
prestashop
|
In PrestaShop from version 1.6.0.4 and before version 1.7.6.8 an attacker is able to inject javascript while using the contact form. The problem is fixed in 1.7.6.8
|
-
|
CVE-2020-15161
|
2024-11-21 14:04 |
2020-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210480
|
10.0 |
CRITICAL
Network
|
yiiframework
|
yii
|
Yii 2 (yiisoft/yii2) before version 2.0.38 is vulnerable to remote code execution if the application calls `unserialize()` on arbitrary user input. This is fixed in version 2.0.38. A possible workaro…
|
-
|
CVE-2020-15148
|
2024-11-21 14:04 |
2020-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
