Vulnerabilities > Oracle > High

DATE CVE VULNERABILITY TITLE RISK
2020-08-19 CVE-2020-24394 Incorrect Permission Assignment for Critical Resource vulnerability in multiple products
In the Linux kernel before 5.7.8, fs/nfsd/vfs.c (in the NFS server) can set incorrect permissions on new filesystem objects when the filesystem lacks ACL support, aka CID-22cf8419f131.
7.1
2020-08-08 CVE-2020-15824 Improper Privilege Management vulnerability in multiple products
In JetBrains Kotlin from 1.4-M1 to 1.4-RC (as Kotlin 1.3.7x is not affected by the issue.
network
low complexity
jetbrains oracle CWE-269
8.8
2020-08-07 CVE-2020-9490 HTTP Request Smuggling vulnerability in multiple products
Apache HTTP Server versions 2.4.20 to 2.4.43.
7.5
2020-08-07 CVE-2020-11993 HTTP Request Smuggling vulnerability in multiple products
Apache HTTP Server versions 2.4.20 to 2.4.43 When trace/debug was enabled for the HTTP/2 module and on certain traffic edge patterns, logging statements were made on the wrong connection, causing concurrent use of memory pools.
7.5
2020-07-24 CVE-2020-8174 Integer Underflow (Wrap or Wraparound) vulnerability in multiple products
napi_get_value_string_*() allows various kinds of memory corruption in node < 10.21.0, 12.18.0, and < 14.4.0.
network
high complexity
nodejs oracle netapp CWE-191
8.1
2020-07-15 CVE-2020-2984 Unspecified vulnerability in Oracle Configuration Manager 12.1.2.0.6
Vulnerability in the Oracle Configuration Manager product of Oracle Enterprise Manager (component: Discovery and collection script).
network
low complexity
oracle
7.1
2020-07-15 CVE-2020-2983 Unspecified vulnerability in Oracle Data Masking and Subsetting 13.3.0.0/13.4.0.0
Vulnerability in the Oracle Data Masking and Subsetting product of Oracle Enterprise Manager (component: Data Masking).
network
low complexity
oracle
7.1
2020-07-15 CVE-2020-2982 Unspecified vulnerability in Oracle Enterprise Manager Base Platform 13.3.0.0/13.4.0.0
Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager (component: Enterprise Config Management).
network
low complexity
oracle
7.1
2020-07-15 CVE-2020-2981 Unspecified vulnerability in Oracle Berkeley DB
Vulnerability in the Data Store component of Oracle Berkeley DB.
local
high complexity
oracle
7.0
2020-07-15 CVE-2020-2968 Unspecified vulnerability in Oracle Database Server
Vulnerability in the Java VM component of Oracle Database Server.
network
high complexity
oracle
8.0