Vulnerabilities > Oracle

DATE	CVE	VULNERABILITY TITLE	RISK
2020-05-06	CVE-2020-10693	A flaw was found in Hibernate Validator version 6.1.2.Final. network low complexity redhat ibm quarkus oracle	5.3
2020-05-01	CVE-2020-10683	XXE vulnerability in multiple products dom4j before 2.0.3 and 2.1.x before 2.1.3 allows external DTDs and External Entities by default, which might enable XXE attacks. network low complexity dom4j-project oracle opensuse netapp canonical CWE-611 critical	9.8
2020-04-29	CVE-2020-11022	In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. network low complexity jquery drupal debian fedoraproject oracle netapp opensuse tenable	6.1
2020-04-29	CVE-2020-11023	In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. network low complexity jquery debian fedoraproject drupal oracle netapp tenable	6.1
2020-04-29	CVE-2020-2575	Use of Uninitialized Resource vulnerability in Oracle VM Virtualbox Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). local high complexity oracle CWE-908	7.5
2020-04-28	CVE-2020-12243	Uncontrolled Recursion vulnerability in multiple products In filter.c in slapd in OpenLDAP before 2.4.50, LDAP search filters with nested boolean expressions can result in denial of service (daemon crash). network low complexity openldap debian opensuse canonical netapp broadcom apple oracle CWE-674	7.5
2020-04-27	CVE-2020-7067	Out-of-bounds Read vulnerability in multiple products In PHP versions 7.2.x below 7.2.30, 7.3.x below 7.3.17 and 7.4.x below 7.4.5, if PHP is compiled with EBCDIC support (uncommon), urldecode() function can be made to access locations past the allocated memory, due to erroneously using signed numbers as array indexes. network low complexity php tenable oracle debian CWE-125	7.5
2020-04-27	CVE-2020-9488	Improper Certificate Validation vulnerability in multiple products Improper validation of certificate with host mismatch in Apache Log4j SMTP appender. network high complexity apache oracle debian qos CWE-295	3.7
2020-04-27	CVE-2020-9489	Infinite Loop vulnerability in multiple products A carefully crafted or corrupt file may trigger a System.exit in Tika's OneNote Parser. local low complexity apache oracle CWE-835	5.5
2020-04-21	CVE-2020-1967	NULL Pointer Dereference vulnerability in multiple products Server or client applications that call the SSL_check_chain() function during or after a TLS 1.3 handshake may crash due to a NULL pointer dereference as a result of incorrect handling of the "signature_algorithms_cert" TLS extension. network low complexity openssl debian freebsd fedoraproject oracle netapp broadcom opensuse jdedwards tenable CWE-476	7.5

Vulnerabilities > Oracle {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Oracle"}]}

Vulnerabilities > Oracle