Vulnerabilities > Oracle > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-07-15 | CVE-2020-14645 | Unspecified vulnerability in Oracle Weblogic Server Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). | 9.8 |
| 2020-07-15 | CVE-2020-14644 | Unspecified vulnerability in Oracle Weblogic Server 12.2.1.3.0/12.2.1.4.0/14.1.1.0.0 Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). | 9.8 |
| 2020-07-15 | CVE-2020-14625 | Unspecified vulnerability in Oracle Weblogic Server 12.2.1.3.0/12.2.1.4.0/14.1.1.0.0 Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). | 9.8 |
| 2020-07-15 | CVE-2020-14606 | Unspecified vulnerability in Oracle Sd-Wan Edge 8.2/9.0 Vulnerability in the Oracle SD-WAN Edge product of Oracle Communications Applications (component: User Interface). | 10.0 |
| 2020-07-15 | CVE-2020-14599 | Unspecified vulnerability in Oracle Customer Relationship Management Gateway for Mobile Devices 12.1.1/12.1.3 Vulnerability in the Oracle CRM Gateway for Mobile Devices product of Oracle E-Business Suite (component: Setup of Mobile Applications). | 9.1 |
| 2020-07-15 | CVE-2020-14598 | Unspecified vulnerability in Oracle Customer Relationship Management Gateway for Mobile Devices 12.1.1/12.1.3 Vulnerability in the Oracle CRM Gateway for Mobile Devices product of Oracle E-Business Suite (component: Setup of Mobile Applications). | 9.1 |
| 2020-06-23 | CVE-2020-9480 | Missing Authentication for Critical Function vulnerability in multiple products In Apache Spark 2.4.5 and earlier, a standalone resource manager's master may be configured to require authentication (spark.authenticate) via a shared secret. | 9.8 |
| 2020-05-20 | CVE-2020-9409 | Incorrect Default Permissions vulnerability in multiple products The administrative UI component of TIBCO Software Inc.'s TIBCO JasperReports Server, TIBCO JasperReports Server for AWS Marketplace, and TIBCO JasperReports Server for ActiveMatrix BPM contains a vulnerability that theoretically allows an unauthenticated attacker to obtain the permissions of a JasperReports Server "superuser" for the affected systems. | 9.8 |
| 2020-05-14 | CVE-2020-11973 | Deserialization of Untrusted Data vulnerability in multiple products Apache Camel Netty enables Java deserialization by default. | 9.8 |
| 2020-05-14 | CVE-2020-11972 | Deserialization of Untrusted Data vulnerability in multiple products Apache Camel RabbitMQ enables Java deserialization by default. | 9.8 |