Vulnerabilities > Oracle > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-09-14 | CVE-2019-0230 | Apache Struts 2.0.0 to 2.5.20 forced double OGNL evaluation, when evaluated on raw user input in tag attributes, may lead to remote code execution. | 9.8 |
| 2020-09-10 | CVE-2020-11998 | A regression has been introduced in the commit preventing JMX re-bind. | 9.8 |
| 2020-08-29 | CVE-2020-25020 | XXE vulnerability in multiple products MPXJ through 8.1.3 allows XXE attacks. | 9.8 |
| 2020-08-07 | CVE-2020-11984 | Classic Buffer Overflow vulnerability in multiple products Apache HTTP server 2.4.32 to 2.4.44 mod_proxy_uwsgi info disclosure and possible RCE | 9.8 |
| 2020-07-31 | CVE-2020-5413 | Deserialization of Untrusted Data vulnerability in multiple products Spring Integration framework provides Kryo Codec implementations as an alternative for Java (de)serialization. | 9.8 |
| 2020-07-15 | CVE-2020-14705 | Unspecified vulnerability in Oracle Goldengate Vulnerability in the Oracle GoldenGate product of Oracle GoldenGate (component: Process Management). | 9.6 |
| 2020-07-15 | CVE-2020-14701 | Unspecified vulnerability in Oracle Sd-Wan Aware 8.2 Vulnerability in the Oracle SD-WAN Aware product of Oracle Communications Applications (component: User Interface). | 10.0 |
| 2020-07-15 | CVE-2020-14687 | Unspecified vulnerability in Oracle Weblogic Server 12.2.1.3.0/12.2.1.4.0/14.1.1.0.0 Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). | 9.8 |
| 2020-07-15 | CVE-2020-14665 | Unspecified vulnerability in Oracle Trade Management Vulnerability in the Oracle Trade Management product of Oracle E-Business Suite (component: Invoice). | 9.1 |
| 2020-07-15 | CVE-2020-14658 | Unspecified vulnerability in Oracle Marketing Vulnerability in the Oracle Marketing product of Oracle E-Business Suite (component: Marketing Administration). | 9.1 |