| 2021-01-20 | CVE-2021-1999 | Unspecified vulnerability in Oracle products
Vulnerability in the Oracle ZFS Storage Appliance Kit product of Oracle Systems (component: RAS subsystems). | 5.0 |
| 2021-01-20 | CVE-2021-1996 | Unspecified vulnerability in Oracle products
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Web Services). | 2.4 |
| 2021-01-20 | CVE-2021-1993 | Unspecified vulnerability in Oracle products
Vulnerability in the Java VM component of Oracle Database Server. network high complexity oracle | 4.8 |
| 2020-11-28 | CVE-2020-27218 | In Eclipse Jetty version 9.4.0.RC0 to 9.4.34.v20201102, 10.0.0.alpha0 to 10.0.0.beta2, and 11.0.0.alpha0 to 11.0.0.beta2, if GZIP request body inflation is enabled and requests from different clients are multiplexed onto a single connection, and if an attacker can send a request with a body that is received entirely but not consumed by the application, then a subsequent request on the same connection will see that body prepended to its body. | 4.8 |
| 2020-10-21 | CVE-2020-14854 | Unspecified vulnerability in Oracle Hyperion Infrastructure Technology 11.1.2.4
Vulnerability in the Hyperion Infrastructure Technology product of Oracle Hyperion (component: UI and Visualization). | 6.1 |
| 2020-09-19 | CVE-2020-5421 | In Spring Framework versions 5.2.0 - 5.2.8, 5.1.0 - 5.1.17, 5.0.0 - 5.0.18, 4.3.0 - 4.3.28, and older unsupported versions, the protections against RFD attacks from CVE-2015-5211 may be bypassed depending on the browser used through the use of a jsessionid path parameter. | 6.5 |
| 2020-08-07 | CVE-2020-9490 | HTTP Request Smuggling vulnerability in multiple products
Apache HTTP Server versions 2.4.20 to 2.4.43. | 7.5 |
| 2020-08-07 | CVE-2020-11993 | HTTP Request Smuggling vulnerability in multiple products
Apache HTTP Server versions 2.4.20 to 2.4.43 When trace/debug was enabled for the HTTP/2 module and on certain traffic edge patterns, logging statements were made on the wrong connection, causing concurrent use of memory pools. | 7.5 |
| 2020-08-07 | CVE-2020-11984 | Classic Buffer Overflow vulnerability in multiple products
Apache HTTP server 2.4.32 to 2.4.44 mod_proxy_uwsgi info disclosure and possible RCE | 9.8 |
| 2020-06-27 | CVE-2020-15358 | Out-of-bounds Write vulnerability in multiple products
In SQLite before 3.32.3, select.c mishandles query-flattener optimization, leading to a multiSelectOrderBy heap overflow because of misuse of transitive properties for constant propagation. | 5.5 |