Vulnerabilities > Oracle > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-01-26 | CVE-2021-26272 | Inclusion of Functionality from Untrusted Control Sphere vulnerability in multiple products It was possible to execute a ReDoS-type attack inside CKEditor 4 before 4.16 by persuading a victim to paste crafted URL-like text into the editor, and then press Enter or Space (in the Autolink plugin). | 4.3 |
| 2021-01-26 | CVE-2021-26271 | Inclusion of Functionality from Untrusted Control Sphere vulnerability in multiple products It was possible to execute a ReDoS-type attack inside CKEditor 4 before 4.16 by persuading a victim to paste crafted text into the Styles input of specific dialogs (in the Advanced Tab for Dialogs plugin). | 4.3 |
| 2021-01-25 | CVE-2021-21275 | Cross-Site Request Forgery (CSRF) vulnerability in multiple products The MediaWiki "Report" extension has a Cross-Site Request Forgery (CSRF) vulnerability. | 4.3 |
| 2021-01-21 | CVE-2020-8554 | Kubernetes API server in all versions allow an attacker who is able to create a ClusterIP service and set the spec.externalIPs field, to intercept traffic to that IP address. | 5.0 |
| 2021-01-20 | CVE-2021-2130 | Unspecified vulnerability in Oracle VM Virtualbox Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). | 4.9 |
| 2021-01-20 | CVE-2021-2127 | Unspecified vulnerability in Oracle VM Virtualbox Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). | 4.9 |
| 2021-01-20 | CVE-2021-2124 | Unspecified vulnerability in Oracle VM Virtualbox Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). | 4.9 |
| 2021-01-20 | CVE-2021-2122 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). | 6.8 |
| 2021-01-20 | CVE-2021-2121 | Unspecified vulnerability in Oracle VM Virtualbox Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). | 4.9 |
| 2021-01-20 | CVE-2021-2118 | Unspecified vulnerability in Oracle Marketing Vulnerability in the Oracle Marketing product of Oracle E-Business Suite (component: Marketing Administration). network oracle | 5.8 |