Vulnerabilities > Oracle

DATE	CVE	VULNERABILITY TITLE	RISK
2020-05-20	CVE-2020-9410	Cross-site Scripting vulnerability in multiple products The report generator component of TIBCO Software Inc.'s TIBCO JasperReports Library, TIBCO JasperReports Library for ActiveMatrix BPM, TIBCO JasperReports Server, TIBCO JasperReports Server for AWS Marketplace, and TIBCO JasperReports Server for ActiveMatrix BPM contains a vulnerability that theoretically allows an attacker to exploit HTML injection to gain full control of a web interface containing the output of the report generator component with the privileges of any user that views the affected report(s). network low complexity tibco oracle CWE-79	8.8
2020-05-20	CVE-2020-9409	Incorrect Default Permissions vulnerability in multiple products The administrative UI component of TIBCO Software Inc.'s TIBCO JasperReports Server, TIBCO JasperReports Server for AWS Marketplace, and TIBCO JasperReports Server for ActiveMatrix BPM contains a vulnerability that theoretically allows an unauthenticated attacker to obtain the permissions of a JasperReports Server "superuser" for the affected systems. network low complexity tibco oracle CWE-276 critical	9.8
2020-05-19	CVE-2020-7656	Cross-site Scripting vulnerability in multiple products jquery prior to 1.9.0 allows Cross-site Scripting attacks via the load method. network low complexity jquery oracle netapp juniper CWE-79	6.1
2020-05-19	CVE-2020-10723	A memory corruption issue was found in DPDK versions 17.05 and above. local low complexity dpdk canonical fedoraproject opensuse oracle	6.7
2020-05-19	CVE-2020-10722	A vulnerability was found in DPDK versions 18.05 and above. local low complexity dpdk canonical fedoraproject opensuse oracle	6.7
2020-05-14	CVE-2020-1941	Cross-site Scripting vulnerability in multiple products In Apache ActiveMQ 5.0.0 to 5.15.11, the webconsole admin GUI is open to XSS, in the view that lists the contents of a queue. network low complexity apache oracle CWE-79	6.1
2020-05-14	CVE-2020-11973	Deserialization of Untrusted Data vulnerability in multiple products Apache Camel Netty enables Java deserialization by default. network low complexity apache oracle CWE-502 critical	9.8
2020-05-14	CVE-2020-11972	Deserialization of Untrusted Data vulnerability in multiple products Apache Camel RabbitMQ enables Java deserialization by default. network low complexity apache oracle CWE-502 critical	9.8
2020-05-14	CVE-2020-11971	Apache Camel's JMX is vulnerable to Rebind Flaw. network low complexity apache oracle	7.5
2020-05-14	CVE-2020-1945	Exposure of Resource to Wrong Sphere vulnerability in multiple products Apache Ant 1.1 to 1.9.14 and 1.10.0 to 1.10.7 uses the default temporary directory identified by the Java system property java.io.tmpdir for several tasks and may thus leak sensitive information. local high complexity apache canonical fedoraproject opensuse oracle CWE-668	6.3

Vulnerabilities > Oracle {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Oracle"}]}

Vulnerabilities > Oracle