Vulnerabilities > Oracle > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-01-17 | CVE-2020-5398 | Download of Code Without Integrity Check vulnerability in multiple products In Spring Framework, versions 5.2.x prior to 5.2.3, versions 5.1.x prior to 5.1.13, and versions 5.0.x prior to 5.0.16, an application is vulnerable to a reflected file download (RFD) attack when it sets a "Content-Disposition" header in the response where the filename attribute is derived from user supplied input. | 7.5 |
| 2020-01-16 | CVE-2019-12423 | Insufficiently Protected Credentials vulnerability in multiple products Apache CXF ships with a OpenId Connect JWK Keys service, which allows a client to obtain the public keys in JWK format, which can then be used to verify the signature of tokens issued by the service. | 7.5 |
| 2020-01-16 | CVE-2020-7044 | Off-by-one Error vulnerability in multiple products In Wireshark 3.2.x before 3.2.1, the WASSP dissector could crash. | 7.5 |
| 2020-01-15 | CVE-2020-2728 | Unspecified vulnerability in Oracle Identity Manager 12.2.1.3.0 Vulnerability in the Identity Manager product of Oracle Fusion Middleware (component: OIM - LDAP user and role Synch). | 7.5 |
| 2020-01-15 | CVE-2020-2726 | Unspecified vulnerability in Oracle VM Virtualbox Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). | 7.5 |
| 2020-01-15 | CVE-2020-2723 | Unspecified vulnerability in Oracle Flexcube Investor Servicing Vulnerability in the Oracle FLEXCUBE Investor Servicing product of Oracle Financial Services Applications (component: Infrastructure). | 7.1 |
| 2020-01-15 | CVE-2020-2718 | Unspecified vulnerability in Oracle Banking Corporate Lending Vulnerability in the Oracle Banking Corporate Lending product of Oracle Financial Services Applications (component: Core). | 7.1 |
| 2020-01-15 | CVE-2020-2713 | Unspecified vulnerability in Oracle Banking Payments 14.1.0/14.3.0 Vulnerability in the Oracle Banking Payments product of Oracle Financial Services Applications (component: Core). | 7.1 |
| 2020-01-15 | CVE-2020-2702 | Unspecified vulnerability in Oracle VM Virtualbox Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). | 7.5 |
| 2020-01-15 | CVE-2020-2701 | Out-of-bounds Write vulnerability in Oracle VM Virtualbox Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). | 7.5 |