Vulnerabilities > Oracle > High

DATE CVE VULNERABILITY TITLE RISK
2020-01-15 CVE-2020-2543 Unspecified vulnerability in Oracle Outside in Technology 8.5.4
Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware (component: Outside In Filters).
network
low complexity
oracle
7.3
2020-01-15 CVE-2020-2538 Unspecified vulnerability in Oracle Webcenter Sites 12.2.1.3.0
Vulnerability in the Oracle WebCenter Sites product of Oracle Fusion Middleware (component: Advanced UI).
network
low complexity
oracle
7.1
2020-01-15 CVE-2020-2537 Unspecified vulnerability in Oracle Business Intelligence 12.2.1.3.0/12.2.1.4.0
Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Fusion Middleware (component: Analytics Actions).
network
low complexity
oracle
7.1
2020-01-15 CVE-2020-2518 Unspecified vulnerability in Oracle Database Server
Vulnerability in the Java VM component of Oracle Database Server.
network
high complexity
oracle
7.5
2020-01-15 CVE-2020-2511 Unspecified vulnerability in Oracle Database Server
Vulnerability in the Core RDBMS component of Oracle Database Server.
network
low complexity
oracle
7.7
2020-01-15 CVE-2020-2510 Unspecified vulnerability in Oracle Database Server
Vulnerability in the Core RDBMS component of Oracle Database Server.
network
high complexity
oracle
7.5
2020-01-14 CVE-2019-12399 Cleartext Transmission of Sensitive Information vulnerability in multiple products
When Connect workers in Apache Kafka 2.0.0, 2.0.1, 2.1.0, 2.1.1, 2.2.0, 2.2.1, or 2.3.0 are configured with one or more config providers, and a connector is created/updated on that Connect cluster to use an externalized secret variable in a substring of a connector configuration property value, then any client can issue a request to the same Connect cluster to obtain the connector's task configuration and the response will contain the plaintext secret rather than the externalized secrets variables.
network
low complexity
apache oracle CWE-319
7.5
2020-01-13 CVE-2020-6851 Out-of-bounds Write vulnerability in multiple products
OpenJPEG through 2.3.1 has a heap-based buffer overflow in opj_t1_clbl_decode_processor in openjp2/t1.c because of lack of opj_j2k_update_image_dimensions validation.
7.5
2020-01-03 CVE-2019-5064 Out-of-bounds Write vulnerability in multiple products
An exploitable heap buffer overflow vulnerability exists in the data structure persistence functionality of OpenCV, before version 4.2.0.
network
low complexity
opencv oracle CWE-787
8.8
2020-01-03 CVE-2019-5063 Out-of-bounds Write vulnerability in multiple products
An exploitable heap buffer overflow vulnerability exists in the data structure persistence functionality of OpenCV 4.1.0.
network
low complexity
opencv oracle CWE-787
8.8